Callback URL for OAuth2 provider redirect #7
Comments
|
This seems related to #6 (review). Is the goal here to implement a single point for both external use and authentication to Vault? |
|
Thanks for reply @impl! Rather it can simplify the setup and don't need manual work to transfer the code and just press button to approve |
|
@binlab Note that the vault-plugin-auth-jwt api you listed isn't actually for the token issuer to call back directly to vault; the token issuer has to call back to an extra little web server started by the vault cli, and then the vault cli calls back to the vault server. Maybe what you're wanting is in this vault-plugin-auth-jwt pull request, combined with the #6 feature here. |
|
Hello! I've spent a while (well, a year now) noodling on this and I think it would expand the scope of the plugin beyond what's reasonably feasible for us to implement and maintain (e.g., requiring handling browser requests and defining client-side interaction like redirects). If someone from the community wanted to propose this functionality in a PR, we would certainly consider it, but I don't think this is a candidate for us to develop at this time. Thanks for the suggestion! |
Use Case
Would be nice to add endpoint URL on Vault side to automatically forward the user to Vault and skip a step -
vault write oauth2/bitbucket/creds/my-user-authDescribe the Solution You Would Like
Callback URL e.g. http://127.0.0.1:8200/oauth2/bitbucket/callback
similar to how implemented here https://www.vaultproject.io/api-docs/auth/jwt/#oidc-callback
Describe Alternatives You've Considered
Additional Context
The text was updated successfully, but these errors were encountered: