docs: Add note about scoping on tokens

stephenfin · stephenfin · commit 2e301857af76 · 2025-05-29T19:13:21.000+01:00
Change-Id: I4df74eaa1aa82fb8666bc1e6728b55a3e81bc76a
Signed-off-by: Stephen Finucane &lt;stephenfin@redhat.com&gt;
diff --git a/doc/source/cli/authentication.rst b/doc/source/cli/authentication.rst
@@ -295,6 +295,15 @@ or, using environment variables:
 
        $ TOKEN=$(openstack token issue -f value -c id)
 
+.. note::
+
+    The above examples assume you require a project-scoped token. You can omit
+    the project-related configuration if your user has a default project ID set.
+    Conversely, if requesting domain-scoped or system-scoped, you should update
+    these examples accordingly. If the user does not have a default project
+    configured and no scoping information is provided, the resulting token will
+    be unscoped.
+
 ``v3totp``
 ~~~~~~~~~~
 
