Kristi Nikolla discovered an information leak in Keystone, the OpenStack identity service, if running in a federated setup.