Hello,
Is there any way to get an authentication token without opening WebBrowser?
In my case, I want to run boundary authenticate oidc -auth-method-id on some Linux machine without WebBrowser to get the URL and to be able to run it externally to the original machine.
Generally speaking I think that kind of flow isn’t supported (or at least not considered safe) for OIDC itself. The basic flow depends on the client (your Linux machine) of the Relying Party (RP, in this case Boundary) being redirected to the Identity Provider (IdP) to receive a token, then itself presenting that token to the RP who can validate it as coming from the IdP.
You might be able to leverage curl to do what you need to do without an interactive browser session, depending on the provider, but I wonder if Boundary is the right solution for what you’re trying to do – what are you looking to do from the machine you’re trying to authenticate? It sounds like what you might be looking for is some sort of machine-oriented authentication and access, which is what Consul is very good at.