I need help in enabling SSO for Vault.
My main goal is to enable SSO for Vault and manage user access via AD groups.
I have enabled the OIDC authentication method and configured it as shown below, but I am unable to manage user access via AD groups.
Users are able to successfully authenticate via OIDC, but the authorization is not happening via the AD group.
vault read auth/oidc/config
Key Value
bound_issuer n/a
default_role demo
jwt_supported_algs
jwt_validation_pubkeys
oidc_client_id ###########
oidc_discovery_ca_pem n/a
oidc_discovery_url https://####
======================================================================
vault read auth/oidc/role/demo
Key Value
allowed_redirect_uris [https://hostname:8200/ui/vault/auth/oidc/oidc/callback http://localhost:8200/oidc/callback http://localhost:8250/oidc/callback]
bound_audiences [client ID from Ping]
bound_cidrs
bound_claims
bound_subject n/a
claim_mappings
groups_claim groups
max_ttl 0s
num_uses 0
period 0s
policies [policy name]
role_type oidc
ttl 1h
user_claim sub
========================================================================
vault policy read sso-test-list
path "secret/*" {
  capabilities = ["list"]
}
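An added diagnostic example, not part of the original post: Vault builds identity group aliases from the values in the claim named by `groups_claim`, so the ID token issued by the provider has to carry a `groups` claim before any AD group mapping can take effect. The sketch below checks a token's claims against the `demo` role settings shown above; `CLIENT_ID`, the sample payloads and the function names are assumptions constructed for illustration, and the signature is not verified.

```python
import base64
import json

# Role settings taken from the `vault read auth/oidc/role/demo` output above.
ROLE = {"user_claim": "sub", "groups_claim": "groups"}
CLIENT_ID = "example-client-id"  # placeholder for the redacted oidc_client_id


def _b64url(obj: dict) -> str:
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_sample_token(claims: dict) -> str:
    """Build a constructed token with a dummy signature (not a real Ping token)."""
    return ".".join([_b64url({"alg": "RS256"}), _b64url(claims), "constructed"])


def check_claims(jwt: str, role: dict = ROLE, client_id: str = CLIENT_ID):
    """Return (problems, groups). Inspects claims only; no signature check."""
    parts = jwt.split(".")
    if len(parts) != 3:
        return ["not a compact JWT (expected three segments)"], []
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64 padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    problems = []
    if role["user_claim"] not in claims:
        problems.append(f"user_claim '{role['user_claim']}' is missing")
    aud = claims.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        problems.append("aud does not match bound_audiences")
    groups = claims.get(role["groups_claim"])
    if groups is None:
        problems.append(f"groups_claim '{role['groups_claim']}' is missing")
        groups = []
    elif not (isinstance(groups, list) and all(isinstance(g, str) for g in groups)):
        problems.append("groups claim is not a list of strings")
        groups = []
    return problems, groups


# Constructed sample payloads: one with the groups claim, one without it.
WITH_GROUPS = make_sample_token(
    {"sub": "jdoe", "aud": CLIENT_ID, "groups": ["vault-admins", "vault-readers"]})
WITHOUT_GROUPS = make_sample_token({"sub": "jdoe", "aud": CLIENT_ID})

if __name__ == "__main__":
    for name, tok in (("with groups", WITH_GROUPS), ("without groups", WITHOUT_GROUPS)):
        print(name, check_claims(tok))
```

The group names it returns are the values that external identity group aliases on the OIDC mount would have to match.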