Update doc for include_service_catalog with app cred

If swift is used with an Application Credential with access_rules [1], the catalog needs to be sent with the token for it to be evaluated by keystonemiddleware. [1]: https://docs.openstack.org/keystone/2023.1/user/application_credentials.html#access-rules Change-Id: I0b02821722ffc819bc8a97281a33391072242ffc
2023-08-11 13:25:38 +10:00 · 2023-08-11 13:25:38 +10:00 · 8a2c8b128b
commit 8a2c8b128b
parent 6444ef9be0
1 changed files with 3 additions and 4 deletions
--- a/doc/source/overview_auth.rst
+++ b/doc/source/overview_auth.rst
@ -174,10 +174,9 @@ your situation, but in short:
  will get the Swift memcache from the request environment.
 * ``include_service_catalog`` defaults to ``True`` if not set. This means
  that when validating a token, the service catalog is retrieved
-  and stored in the ``X-Service-Catalog`` header. Since Swift does not
-  use the ``X-Service-Catalog`` header, there is no point in getting
-  the service catalog. We recommend you set ``include_service_catalog``
-  to ``False``.
+  and stored in the ``X-Service-Catalog`` header. This is required if you use
+  access-rules in Application Credentials. You may also need to increase
+  `max_header_size`.


 .. note::