Has variant:
```shell
vault write auth/oidc/role/demo -<<EOF
{
  "user_claim": "sub",
  "bound_audiences": "abc123",
  "role_type": "oidc",
  "policies": "demo",
  "ttl": "1h",
  "bound_claims": { "groups": ["mygroup/mysubgroup"] }
}
EOF
```
I want to run this command in “Vault Browser CLI:”
I tried many different forms. Simply:
```
write auth/oidc/role/demo '{ "user_claim": "sub", "bound_audiences": "abc123", "role_type": "oidc", "policies": "demo", "ttl": "1h", "bound_claims": { "groups": ["mygroup/mysubgroup"] } }'
```
Doesn’t work. Reply is:
```
Error writing to: auth/oidc/role/demo.
URL: /v1/auth/oidc/role/demo
Code: 400
Errors:
a user claim must be defined on the role!
```
Question: how do I write DATA in Vault Browser CLI, without key?
Thank you.