Vault CLI OIDC login - prevent browser popup?

patscli · October 9, 2022, 11:39am

When using vault login -method=oidc a browser pops up which does the login and prints its successful execution.

We currently have a short TTL for our logins and having a browser popping up every time is really annoying.

I could not find a way to login quietly via OIDC - is there a way? I assume the HTTP requests behind the scenes could also issued quietly?

maxb · October 9, 2022, 11:53am

No, this is impossible by design of the protocol, because:

Either the user has to interact with the browser to authenticate (e.g. type a password)
Or it’s something, usually a cookie, stored in the browser that provides the authentication

Topic		Replies	Views
Sudden problem with Vault OIDC login Vault	3	1197	January 22, 2023
Vault CLI OIDC login on server without desktop gui environment Vault	2	1031	October 17, 2022
OIDC cli logon on jumphost? Vault	3	595	November 25, 2020
Vault login OIDC via Onelogin Vault vault	9	974	June 16, 2023
Using OIDC as auth type connecting to Vault from CLI always shows the redirect url as localhost Vault	7	787	August 31, 2023