Vault CLI OIDC login - prevent browser popup?

patscli · October 9, 2022, 11:39am

When using vault login -method=oidc a browser pops up which does the login and prints its successful execution.

We currently have a short TTL for our logins and having a browser popping up every time is really annoying.

I could not find a way to login quietly via OIDC - is there a way? I assume the HTTP requests behind the scenes could also issued quietly?

maxb · October 9, 2022, 11:53am

No, this is impossible by design of the protocol, because:

Either the user has to interact with the browser to authenticate (e.g. type a password)
Or it’s something, usually a cookie, stored in the browser that provides the authentication