In the documentation, it states:
“For example, on developer machines, the GitHub auth method is easiest to use. But for servers the AppRole method is the recommended choice.”
Why is this exactly? There doesn’t seem to be any justification for why AppRole is recommended over an SSO implementation for instance.
GitHub is (usually) a human-level auth method, and AppRole is machine.
You wouldn’t want a developer to have to use a roleID/secretID to login to manage KV secrets in Vault… Nor would you want a server to do some CLI/bash script to login with Github.
Each has their own use case.
I don’t think the doc is recommending AppRole over a specific SSO (assuming you’re referring here https://www.vaultproject.io/docs/auth) in general, just for server/machine authentication.