Prompting user to enter credentials (i.e vault) while connecting to target resource

Finally, i am able to setup self-hosted boundary, worker and desktop client in air-gapped environment as a containerized apps in our k8 cluster.

i am using keycloak as a authentication service and trying to implement authorization service at the target level.

in my case, user gets authenicated against keycloak and can view the lists of targets in his desktop client web browser. now I am looking to force the user to enter the credentials while connecting to the target. once the credentials are successful then he can connect to the target resource. I am trying to use vault as static credential or dynamic secret injection with time bound.

wondering if anyone has done like this.

Which credentials are you wanting the user to enter? If it’s the credentials for the remote machine, unless you are using Enterprise with credential injection, authentication is performed by the remote service anyways…so the user will be prompted if their environment does not contain a necessary credential already. Credential brokering could be used to pull a cred from Vault and give it to the user at session authorization time to enter.