How To Create Application Credentials

Users can create application credentials to allow their applications to authenticate to SDSC Cloud Services. With application credentials, applications authenticate with the application credential ID and a secret string which is not the user’s password. This way, the user’s password is not embedded in the application’s configuration.

This is also useful for the OpenStack command line client, used in automated tasks (when you are not prompted for a password).

Instructions

  1. Creating a new application credential
    1. Open the Identity tab on left side and Select "Application Credentials"

  2. Click the "Create Application Credential" Button at the top right

  3. In the popup Window give the new application credential a name. You can also give a description.
    You can leave secret blank and it will auto generate the secret for you (Or you can specify a secret).
    You can set expiration date/time if you want to have this application credential only be good for a specified period of time
    Roles you can leave as is. Application credentials have same role as the user that created them.
    **Please do not check the "Unrestricted" box. This allows your application credential to make other credentials (This poses a security risk).
    Click "Create Application Credential" when done:



  4. Save your secret from new credential.
    When you application credential is created a confirmation window pops up with your new secret. You can copy and paste the secret somewhere or download the openrc file to use with OpenStack command line clients.



  5. Deleting the application credential:
    In the event you need to delete an application credential, you can do so on the same screen where you created it. There is a "Delete Application Credential" button to delete the credential: