OpenStack API token lifespan extension

All,

OpenStack API issues token after successful authentication. However, it is only valid for 1 hour.

Is there any workaround or possibility to extend token's lifespan?

Thanks & Regards, Ganesh.

Solution

You may want to take a look at the solutions used by Heat, the OpenStack orchestration engine.

Heat needs to be able to execute actions on behalf of a user at some point in the future. Heat cannot simply store a token because, as you have stated, tokens expire.

Heat offers two solutions to "deferred authentication".

Keystone Trusts
Stored passwords

There are lots of details about how Heat handles this here and here.

There are some API examples of keystone trusts on the eNovance blog, and some more over here.

OpenStack Pulumi integration - Cannot connect due to apparently lacking parameter in YAML file
How to reach a OPENSTACK instance directly without using floating IP
installing python packages without internet and using source code as .tar.gz and .whl
Terraform loops with both index and values
Openstack Heat - separate templates
Using python to connect to MongoDB in OpenStack
Does POST request to /v1/<account-name> in OpenStack Swift create that account?
Openstack - Change Admin password for the Dashboard
Openstack: Terraform multiple Instances with additional Disks - for_each list(object)
Terraform: openstack_compute_instance_v2 assign multiple networks dinamically
How to get Memory Usage from Windows Server 2012 R2 in OpenStack
OpenStack - KeyStone Requires Authentication 401
Issues with bash scripting syntax in Jenkins pipeline
How to list openstack user groups of a different domain?
rabbitmq cluster mistmatch hostname issue
Terraform cant create VM in openstack provider (No suitable endpoint could be found in the service catalog)
NoValidHost: No valid host was found. There are not enough hosts available
Unable to establish connection to http://controller:9696/v2.0/networks
Get uploaded object URL using openstack4j
Use OpenStack4j in an OSGi platform
rabbitmq access to vhost denied
How can I choose a specific subnet when creating new server in OpenStack?
Trouble creating a bridge device for OpenStack Rocky Linux 9.2 networking
Create a flavour with openstack SDK
Creating octavia Loadbalancer fails with "Nova failed to build the instance due to: Invalid key_name provided"
What is the difference between provider network and self-service network in OpenStack?
What issues arise when using Openstack Swift SAIO for Production use?
Unable to fetch server IP in openstack VM
Adding VPNaaS to an OpenStack Zed setup
Openstack python api: How create a connection using Application Credentials?