Hi Guys,
Our company is using HCP Vault, and I want to set up Vault OIDC with Google GSuite for our Google account. I am following this document (https://developer.hashicorp.com/vault/docs/auth/jwt/oidc-providers/google#gsuite_service_account), and I have tried very hard to get it working, but it did not work.
Here is my config file:
```shell
# OIDC auth method configuration using the gsuite provider
vault write auth/oidc/config -<<EOF
{
  "oidc_discovery_url": "https://accounts.google.com",
  "oidc_client_id": "XXXXX",
  "oidc_client_secret": "XXXXX",
  "default_role": "default_role",
  "provider_config": {
    "provider": "gsuite",
    "gsuite_service_account": "{XXXX}",
    "gsuite_admin_impersonate": "XXXXX",
    "fetch_groups": true,
    "fetch_user_info": true,
    "groups_recurse_max_depth": 5
  }
}
EOF

# Role used for OIDC logins
vault write auth/oidc/role/default_role -<<EOF
{
  "allowed_redirect_uris": [
    "XXXX"
  ],
  "bound_audiences": [
    "XXXXX"
  ],
  "oidc_scopes": [
    "email"
  ],
  "policies": "reader",
  "groups_claim": "groups",
  "verbose_oidc_logging": "true",
  "ttl": "24h",
  "claim_mappings": {
    "email": "email"
  },
  "bound_claims": {
    "group": ["somegroup@mydomain.com"]
  },
  "user_claim": "email"
}
EOF
```
Then, when I sign in to the Web UI using OIDC, it uses my Google email, but it keeps spinning, and I saw lots of these kinds of errors in the browser:
```
vendor-9435df1547cf2481cbe0bbe5b0f8c613.js:2693 Uncaught (in promise) TypeError: m is not a function
    at vendor-9435df1547cf2481cbe0bbe5b0f8c613.js:2693:3
    at vendor-9435df1547cf2481cbe0bbe5b0f8c613.js:2516:41
    at e.track (vendor-9435df1547cf2481cbe0bbe5b0f8c613.js:3177:5)
    at m (vendor-9435df1547cf2481cbe0bbe5b0f8c613.js:2516:20)
    at vendor-9435df1547cf2481cbe0bbe5b0f8c613.js:2693:161
```
Does anyone have a solution for that?
Thank you in advance.
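The role in the post sets `groups_claim` to `groups` but binds on a claim named `group`. The check below is an added example, not part of the original post and not Vault's own code. It lints a role's claim names before the role is written to Vault; `lint_role`, the sample data and the short list of Google ID token claims are assumptions made for illustration, and it does not address the browser-side JavaScript error.

```python
import difflib

# Claim names commonly present in Google's OIDC ID token (assumption: this
# list is illustrative; extend it to match the tokens your tenant issues).
GOOGLE_ID_TOKEN_CLAIMS = {
    "iss", "azp", "aud", "sub", "hd", "email", "email_verified", "name",
    "given_name", "family_name", "picture", "locale", "iat", "exp",
}


def lint_role(role, provider_config):
    """Return warnings about claim names in one auth/oidc role (hypothetical helper)."""
    warnings = []
    groups_claim = role.get("groups_claim", "")
    known = set(GOOGLE_ID_TOKEN_CLAIMS)
    if groups_claim:
        known.add(groups_claim)  # fetched groups are read from this claim
    if provider_config.get("fetch_groups") and not groups_claim:
        warnings.append("fetch_groups is true but the role sets no groups_claim")
    for claim in role.get("bound_claims", {}):
        if claim in known:
            continue
        hint = difflib.get_close_matches(claim, sorted(known), n=1)
        msg = f"bound_claims key '{claim}' is not a claim this role can expect"
        warnings.append(msg + (f"; did you mean '{hint[0]}'?" if hint else ""))
    user_claim = role.get("user_claim")
    if user_claim not in known:
        warnings.append(f"user_claim '{user_claim}' is not a known claim")
    if user_claim == "email" and "email" not in role.get("oidc_scopes", []):
        warnings.append("user_claim is 'email' but oidc_scopes does not request it")
    return warnings


# Constructed sample mirroring the claim-related fields of the posted config.
SAMPLE_ROLE = {
    "oidc_scopes": ["email"],
    "groups_claim": "groups",
    "claim_mappings": {"email": "email"},
    "bound_claims": {"group": ["somegroup@mydomain.com"]},
    "user_claim": "email",
}
SAMPLE_PROVIDER = {"provider": "gsuite", "fetch_groups": True, "fetch_user_info": True}

if __name__ == "__main__":
    for warning in lint_role(SAMPLE_ROLE, SAMPLE_PROVIDER):
        print("WARN:", warning)
```

With `verbose_oidc_logging` enabled on the role, as in the post, the Vault server log shows the claims actually received, which is the authoritative list to compare `bound_claims` against.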