We've had some relatively unproductive discussions in the paste about auth_token being aware of the endpoint_id it's protecting -- it's unnecessary config or will require fragile auto-detection code by taking a guess from a catalog response.
Scoping to service type seems like a great first step towards more granular control.
Endpoint ID's or services types?
We've had some relatively unproductive discussions in the paste about auth_token being aware of the endpoint_id it's protecting -- it's unnecessary config or will require fragile auto-detection code by taking a guess from a catalog response.
Scoping to service type seems like a great first step towards more granular control.