summaryrefslogtreecommitdiffstats
path: root/keystone-moon/releasenotes/notes/new_features-e33d793d8a5ca76a.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/releasenotes/notes/new_features-e33d793d8a5ca76a.yaml')
-rw-r--r--keystone-moon/releasenotes/notes/new_features-e33d793d8a5ca76a.yaml21
1 files changed, 21 insertions, 0 deletions
diff --git a/keystone-moon/releasenotes/notes/new_features-e33d793d8a5ca76a.yaml b/keystone-moon/releasenotes/notes/new_features-e33d793d8a5ca76a.yaml
new file mode 100644
index 00000000..06e1db2c
--- /dev/null
+++ b/keystone-moon/releasenotes/notes/new_features-e33d793d8a5ca76a.yaml
@@ -0,0 +1,21 @@
+---
+features:
+ - >
+ **Experimental** - Domain specific configuration options can be stored in
+ SQL instead of configuration files, using the new REST APIs.
+ - >
+ **Experimental** - Keystone now supports tokenless authorization with
+ X.509 SSL client certificate.
+ - Configuring per-Identity Provider WebSSO is now supported.
+ - >
+ ``openstack_user_domain`` and ``openstack_project_domain`` attributes were
+ added to SAML assertion in order to map user and project domains,
+ respectively.
+ - The credentials list call can now have its results filtered by credential
+ type.
+ - Support was improved for out-of-tree drivers by defining stable driver
+ interfaces.
+ - Several features were hardened, including Fernet tokens, federation,
+ domain specific configurations from database and role assignments.
+ - Certain variables in ``keystone.conf`` now have options, which determine
+ if the user's setting is valid.