vault_identity_oidc_client_creds

Reads well known public keys from an OIDC Provider provisioned in Vault.

Example Usage

resource "vault_identity_oidc_key" "key" {
  name               = "key"
  allowed_client_ids = ["*"]
  rotation_period    = 3600
  verification_ttl   = 3600
}

resource "vault_identity_oidc_client" "app" {
  name          = "application"
  key           = vault_identity_oidc_key.key.name
  redirect_uris = [
    "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
    "http://127.0.0.1:8251/callback",
    "http://127.0.0.1:8080/callback"
  ]
  id_token_ttl     = 2400
  access_token_ttl = 7200
}

resource "vault_identity_oidc_provider" "provider" {
 name = "provider"
 allowed_client_ids = [
  vault_identity_oidc_client.test.client_id
 ]
}

data "vault_identity_oidc_public_keys" "public_keys" {
 name = vault_identity_oidc_provider.provider.name
}

Argument Reference

The following arguments are supported:

Attributes Reference

In addition to the arguments above, the following attributes are exported: