I have an application which allows users to authenticate via JWT access tokens. Sometimes, we need to assign a JWT to an internal script. Is it possible to use Vault to create a JWT for use with my application?
Example:
Set Up
- I configure a hypothetical
jwt
secret engine with my application’s JWT secret
Use
- Script authenticates to Vault with approle credentials
- Script requests JWT from Vault
- Something like
GET /jwt/creds/:name
(based on database engine syntax)
- Something like
- Vault uses my application’s JWT secret to generate a valid JWT
- Vault returns JWT to Script
I don’t see a JWT secret engine. Is this possible to do?