Dedicated OpenStack Dashboard login page for each SCS customer using federated login

[reqa]

As a SCS operator, I want to offer a good user experience to my customers which need to login to the OpenStack dashboard. Currently Horizon only offers a dropdown to select the IdP for federated login. If we would choose to configure multiple IdPs in OpenStack (e.g. one Realm in the SCS Keycloak to let the customer federate out from there to their "home" IAM), then all those customer names would be in the dropdown, which is probably neither desirable for the SCS operator nor for the SCS customer.

A custom login page (URL) in Horizon would be one possible solution to this problem. A complementary approach would be to support login via Email. Both may have valid reasons, so currently we may want to evaluate both options.

Note that Horizon will probably be replaced by https://wiki.openstack.org/wiki/Skyline , so the implementation will differ.

Definition of Ready:

• [ ] User Story is small enough to be finished within one sprint
• [ ] User Story is clear and understood by the whole team
• [ ] Acceptance criteria are defined
• [ ] Acceptance criteria are clear and understood by the whole team

Definition of Done:

• [ ] All acceptance criteria are met
• [ ] Changes have been reviewed
• [ ] CI tests have run successfully
• [ ] Documentation has been updated
• [ ] Release Notes have been updated

[reqa]

Jeff made the point that it may be more efficient to make use of the OIDCDiscoverURL parameter in wsgi-keystone.conf and put a better discoverypage there. That way would also be independent of a switch from Horizon to Skyline.