Keystone Role documentation

Asked by Fatih Güçlü Akkaya


Where can I find any documentation regarding Keystone > Roles v2.0 APIs?



Question information

English Edit question
OpenStack Identity (keystone) Edit question
No assignee Edit question
Solved by:
Joseph Heck
Last query:
Last reply:
Revision history for this message
Best Joseph Heck (heckj) said :

Creating roles and assigning to user & tenants is definitely supported, and is a bit convoluted under the covers of the V2.0 REST API. I'd recommend doing the adding using the python-keystoneclient command line interface (install python-keystoneclient with "python install", and then you have a command "keystone" which does a lot of the command line interactions.

There's bugs with it (current list at, but currently if you add --debug, it does show you the details of the HTTP request and response used to enable that functionality.

Revision history for this message
Fatih Güçlü Akkaya (gucluakkaya) said :

Thanks Joseph Heck, that solved my question.

Revision history for this message
Rahul Bhardwaj (bhardwaj-rahul20) said :

I am trying to do the same thing from my python script. I tried to do it from add_user function in and also add_user_role in is actually called from add_user function) but I am getting a 404-resource not found. Also the format in which tenant, user and role id are described is also missing. Horizon directly passes ids, probably as integers or some other format(which I am unable to find) but add_user_role does a base.getid on all so, a direct passing of integers will always throw an error, right?
Any insights?

Revision history for this message
adapaka bhavaniprasad (adapaka-prasad) said :


I am familiar with keystone role such as member, admin.
Both the roles has different access permissions. can anybody guide on complete roles in keystone ??
Admin role is admin for specific project. i want to be a role which is admin of all keystone tenants.

please send any links .

thanks in advance.