Ansible playbooks to set up devstack with as a federated identity provider
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Federated Devstack

Ansible playbooks to set up a minimal devstack with as the SAML2 identity provider or Google as the OpenID Connect identity provider.

To use shibboleth as the SAML2 SP implementation, run:

./ shibboleth

To use mod_auth_mellon as the SAML2 SP implementation, run:

./ mellon

To use OpenID Connect, get your Client ID and Client Secret from the Google API Console, and set them as environment variables:

export GOOGLE_OPENIDC_CLIENT_ID=<Google Client ID>
export GOOGLE_OPENIDC_CLIENT_SECRET=<Google Client Secret>
./ oidc

You must also add these redirect URIs to the project in the Google API console:

This script expects to be run on an Ubuntu Trusty or Xenial VM with certain dependencies already installed. You can build such a VM with diskimage-builder using the command:

disk-image-create -u pip-and-virtualenv devuser dhcp-all-interfaces vm cloud-init-nocloud -p python,git,libssl-dev --image-size 30 -o ubuntu.qcow2

You must also ensure the instance where your devstack is running is accessible from your browser by the domain name "".