All about keystone tokens¶
Everything you need to know about keystone tokens.
- Keystone tokens
- Fernet - Frequently Asked Questions
- What is a fernet token?
- What is a fernet key?
- What are the different types of keys?
- So, how does a staged key help me and why do I care about it?
- Where do I put my key repository?
- What is the recommended way to rotate and distribute keys?
- Do fernet tokens still expire?
- Why should I choose fernet tokens over UUID tokens?
- Why should I choose fernet tokens over PKI or PKIZ tokens?
- Should I rotate and distribute keys from the same keystone node every rotation?
- How do I add new keystone nodes to a deployment?
- How should I approach key distribution?
- How long should I keep my keys around?
- Is a fernet token still a bearer token?
- What if I need to revoke all my tokens?
- What can an attacker do if they compromise a fernet key in my deployment?
- I rotated keys and now tokens are invalidating early, what did I do?
- JWS key rotation
- Token provider
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.