Hello
I have a problem with Vault OIDC authentication via CLI for a GitLab server. I correctly established the connection to the GitLab server, specified redirect URIs, secret IDs from GitLab, etc.
Authentication through the UI on the default port 8200 works fine; however, connecting via the PowerShell console on port 8250 does not work correctly: the callback page to which the redirect is going is not available, and if I specify a second TCP listener for this port in the server's Vault configuration file, then the callback page shows {"errors":[ ]} and nothing happens.
The Vault server is not intended to listen on port 8250.
When you execute vault login -method=oidc, the Vault CLI itself opens up a temporary local webserver on port 8250 to receive a redirect to localhost, from a web browser running on the same computer.
It sounds like you are using the callbackhost option on the command line. You should not use this option. I am not aware of any configuration where it makes sense to use this option.
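
The answer above describes a client-side loopback listener. The following is an added example, not part of the thread and not Vault's own code, showing that pattern in general: a process on the user's machine binds to 127.0.0.1, receives the browser redirect, and rejects a callback whose `state` does not match. The `/oidc/callback` path follows the CLI's documented default redirect URI (`http://localhost:8250/oidc/callback`); the function names and the local `state` check are assumptions of this sketch.

```python
import http.client
import http.server
import secrets
import threading
import urllib.parse

CALLBACK_PATH = "/oidc/callback"  # path of the CLI's default loopback redirect URI


def make_listener(expected_state, port=8250):
    """Bind a loopback-only HTTP server that accepts the OIDC redirect."""
    result = {}

    class Handler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            url = urllib.parse.urlparse(self.path)
            params = urllib.parse.parse_qs(url.query)
            state = params.get("state", [""])[0]
            ok = (url.path == CALLBACK_PATH and "code" in params
                  and secrets.compare_digest(state.encode(), expected_state.encode()))
            if ok:
                result["code"] = params["code"][0]
            self.send_response(200 if ok else 400)
            self.end_headers()
            self.wfile.write(b"ok" if ok else b"rejected")

        def log_message(self, *args):  # keep the demo quiet
            pass

    # 127.0.0.1 only: the redirect comes from a browser on the same machine.
    return http.server.HTTPServer(("127.0.0.1", port), Handler), result


def simulate_redirect(state_from_browser=None, code="constructed-auth-code"):
    """Constructed demo: act as both the client listener and the browser."""
    expected = secrets.token_urlsafe(16)
    server, result = make_listener(expected, port=0)  # port 0: any free port
    worker = threading.Thread(target=server.handle_request)  # serve one request
    worker.start()
    state = expected if state_from_browser is None else state_from_browser
    query = urllib.parse.urlencode({"code": code, "state": state})
    conn = http.client.HTTPConnection("127.0.0.1", server.server_address[1], timeout=5)
    conn.request("GET", f"{CALLBACK_PATH}?{query}")
    status = conn.getresponse().status
    conn.close()
    worker.join()
    server.server_close()
    return status, result.get("code")
```

Because the listener lives on the client, nothing on the Vault server needs to bind port 8250; the server side only needs the loopback URI among the role's allowed redirect URIs.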