Vault OIDC automatic creation of external groups from ADFS and automatic assigning of policies to entities

David.br · January 16, 2023, 2:10pm

Hello,

I have Vault working with OIDC and ADFS.
How can we automate the external group creation in vault and assign the right policy to the users of those groups?
I’ve made it manually for one external group and for one user through one of its entities.
But this isn’t a viable way of working for a potential system with several hundred different groups and even more users.

Best regards,

David

maxb · January 16, 2023, 6:52pm

You would need to write something that makes the appropriate calls to the Vault API to set up these groups.

David.br · January 18, 2023, 7:06am

Thank you @maxb for your reply.

Topic		Replies	Views
Vault OIDC auth method with external groups Vault	2	552	November 10, 2021
Vault secret access to specific group members Vault	1	1233	November 27, 2022
Vault OIDC external groups user being assigned all policies Vault	1	347	February 16, 2023
OIDC without role Vault	8	883	November 10, 2020
Dynamically create jumpcloud oidc users Vault vault	0	127	May 20, 2024

Vault OIDC automatic creation of external groups from ADFS and automatic assigning of policies to entities

Related topics