Lucifer007
Reputation: 137
How to configure the OIDC config with GO package-github.com/hashicorp/vault/api
We are able to initialize/unseal and enable the vault using bellow code.
newres, err := client.Sys().Init(&intireq)
resseal, err := client.Sys().Unseal("xxxxxxxxxxxxxxxxxxxxx")
fmt.Println("resseal:", resseal)
enableopt := vault.MountInput{}
enableopt.Type = "oidc"
client.SetToken("xxxxxxxxxxxxxxxxxx")
err = client.Sys().EnableAuthWithOptions("oidc", &enableopt)
We can see oidc enabled in UI also. Now we need to configure the oidc, which if done from UI it is using below POST api with configs id: "oidc", oidc_discovery_url:"xxxxxx"......
https://vault.xxxxxx.com/v1/auth/oidc/config
We need to configure the same from our GO code where we are using go client vault "github.com/hashicorp/vault/api"
Not able to get the method for auth configuration need help on correct method.
Upvotes: 1
Views: 148
Answers (1)
spurgavie
Reputation: 171
The API is exposed in the Logical() struct, so you can use something like
type oidcConfig struct {
OIDCDiscoveryURL string `json:"oidc_discovery_url"`
// ...snip...
}
// in function call
config := oidcConfig{
OIDCDiscoveryURL: "https://sample.url/oidc"
// ..snip..
}
resp, err := client.Logical().Write("auth/oidc/config", config)
There are better ways of setting the config keys than this of course but hopefully gives you a trivial example.
Upvotes: 1
Related Questions
- Authentication methods using the vault API package
- how to configure kubernetes container spec for oauth2 proxy using Azure provider and Hashicorp Vault secret injector
- Vault SSH PKI with OIDC - user as SSH principal
- Vault authentication with Okta
- Working with Vault client on golang
- Vault Token Helper not being detected?
- Vault: how to create an secret-id
- Importing vault/builtin/credential/aws adds testing flags to command-line app
- SSH: Unable to authenticate with key signed by Hashicorp Vault using Go
- Using Hashicorp Vault for storage of client id and secret in OAuth2 Password Flow