How to add an application authentication method to Keystone?

Using the application credentials, it is possible to authenticate using the credential identifier and a secret string that is not the user’s password. Thus, the user’s password is not embedded in the application configuration, which is especially important for users whose credentials are managed by an external system, such as LDAP or a single sign-on system.

To configure it, you need to add application credentials as an authentication method in the /etc/keystone/keystone.conf file:

[auth]
methods = external,password,token,oauth1,application_credential

Restart the keystone service using the command:

systemctl restart keystone