Vault CLI OIDC login - prevent browser popup?

When using vault login -method=oidc a browser pops up which does the login and prints its successful execution.

We currently have a short TTL for our logins and having a browser popping up every time is really annoying.

I could not find a way to login quietly via OIDC - is there a way? I assume the HTTP requests behind the scenes could also issued quietly?

No, this is impossible by design of the protocol, because:

  • Either the user has to interact with the browser to authenticate (e.g. type a password)
  • Or it’s something, usually a cookie, stored in the browser that provides the authentication
1 Like