Translations:ReleaseNotes/Liberty/54/en


 * Experimental: Domain specific configuration options can be stored in SQL instead of configuration files, using the new REST APIs.
 * Experimental: Keystone now supports tokenless authorization with X.509 SSL client certificate.
 * Configuring per-Identity Provider WebSSO is now supported.
 * and  attributes were added to SAML assertion in order to map user and project domains, respectively.
 * The credentials list call can now have its results filtered by credential type.
 * Support was improved for out-of-tree drivers by defining stable Driver Interfaces.
 * Several features were hardened, including Fernet tokens, Federation, domain specific configurations from database and role assignments.
 * Certain variables in keystone.conf now have options, which determine if the user's setting is valid.