openstack-manuals/doc/user-guide/source/sdk_authenticate_against_identity_endpoint.rst
James Benson 78b0670c60 Fix typo from keystoneclient.v_20.... to v2_0
There is a typo in the first sentence with

... a keystoneclient.v_20.client.Client and corrected it with:
keystoneclient.v2_0.client.Client

Closes-Bug: 1564087
Change-Id: I4045286f73699940a482148d5a2548e594fbea55
2016-04-01 01:43:10 +00:00

1.7 KiB

Authenticate against an Identity endpoint

To authenticate against the Identity v2.0 endpoint, instantiate a keystoneclient.v2_0.client.Client object:

from os import environ as env
import keystoneclient.v2_0.client as ksclient
keystone = ksclient.Client(auth_url=env['OS_AUTH_URL'],
                           username=env['OS_USERNAME'],
                           password=env['OS_PASSWORD'],
                           tenant_name=env['OS_TENANT_NAME'],
                           region_name=env['OS_REGION_NAME'])

After you instantiate a Client object, you can retrieve the token by accessing its auth_token attribute object:

import keystoneclient.v2_0.client as ksclient
keystone = ksclient.Client(...)
print keystone.auth_token

If the OpenStack cloud is configured to use public-key infrastructure (PKI) tokens, the Python script output looks something like this:

MIIQUQYJKoZIhvcNAQcCoIIQQjCCED4CAQExCTAHBgUrDgMCGjCCDqcGCSqGSIb3DQEHAaCCDpgE
gg6UeyJhY2Nlc3MiOiB7InRva2VuIjogeyJpc3N1ZWRfYXQiOiAiMjAxMy0xMC0yMFQxNjo1NjoyNi
4zNTg2MjUiLCAiZXhwaXJlcyI6ICIyMDEzLTEwLTIxVDE2OjU2OjI2WiIsICJpZCI6ICJwbGFjZWhv
...
R3g14FJ0BxtTPbo6WarZ+sA3PZwdgIDyGNI-0Oqv-8ih4gJC9C6wBCel1dUXJ0Mn7BN-SfuxkooVk6
e090bcKjTWet3CC8IEj7a6LyLRVTdvmKGA5-pgp2mS5fb3G2mIad4Zeeb-zQn9V3Xf9WUGxuiVu1Hn
fhuUpJT-s9mU7+WEC3-8qkcBjEpqVCvMpmM4INI=

Note

This example shows a subset of a PKI token. A complete token is over 5000 characters long.