application credential¶
Identity v3
With application credentials, a user can grant their applications limited
access to their cloud resources. Once created, users can authenticate with an
application credential by using the v3applicationcredential
auth type.
application credential create¶
Create new application credential
openstack application credential create
[--secret <secret>]
[--role <role>]
[--expiration <expiration>]
[--description <description>]
[--unrestricted]
[--restricted]
[--access-rules <access-rules>]
<name>
-
--secret
<secret>
¶ Secret to use for authentication (if not provided, one will be generated)
-
--role
<role>
¶ Roles to authorize (name or ID) (repeat option to set multiple values)
-
--expiration
<expiration>
¶ Sets an expiration date for the application credential, format of YYYY-mm-ddTHH:MM:SS (if not provided, the application credential will not expire)
-
--description
<description>
¶ Application credential description
-
--unrestricted
¶
Enable application credential to create and delete other application credentials and trusts (this is potentially dangerous behavior and is disabled by default)
-
--restricted
¶
Prohibit application credential from creating and deleting other application credentials and trusts (this is the default behavior)
-
--access-rules
<access-rules>
¶ Either a string or file path containing a JSON-formatted list of access rules, each containing a request method, path, and service, for example ‘[{“method”: “GET”, “path”: “/v2.1/servers”, “service”: “compute”}]’
-
name
¶
Name of the application credential
application credential delete¶
Delete application credentials(s)
openstack application credential delete
<application-credential>
[<application-credential> ...]
-
application-credential
¶
Application credentials(s) to delete (name or ID)
application credential list¶
List application credentials
openstack application credential list
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--user <user>]
[--user-domain <user-domain>]
-
--sort-column
SORT_COLUMN
¶ specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
-
--sort-ascending
¶
sort the column(s) in ascending order
-
--sort-descending
¶
sort the column(s) in descending order
-
--user
<user>
¶ User whose application credentials to list (name or ID)
-
--user-domain
<user-domain>
¶ Domain the user belongs to (name or ID). This can be used in case collisions between user names exist.