OpenStack Identity (keystone)

  1. Bug #1321378
  2. Comment #11

Comment 11 for bug 1321378

Revision history for this message
Adam Young (ayoung) wrote : Re: keystone user-role-delete operation fails when user no longer exists in backend

So...this is a continuing Saga. The fix that went in for Keystone only allows the V3 AP call to continue. However, there is currently no way to call that API except for CURL.

Something like:

 curl -X DELETE -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" $OS_AUTH_URL/projects/e9d504e8524e4c8d9876d179420dab89/users/tuser/roles/95a2366f8b514d43a5584342aefe448e

Will work, but there is no way to invoke that from python-keystoneclient or python-openwstackclient as both will attempt to list the users and do a lookup.

We probably need a --userid option that indicates that the passed in value is a userid, and do not attempt to look it up.