Reads client credentials from an OIDC Client provisioned in Vault.
resource "vault_identity_oidc_client" "app" {
name = "application"
redirect_uris = [
"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback",
"http://127.0.0.1:8251/callback",
"http://127.0.0.1:8080/callback"
]
id_token_ttl = 2400
access_token_ttl = 7200
}
data "vault_identity_oidc_client_creds" "creds" {
name = vault_identity_oidc_client.app.name
}
The following arguments are supported:
namespace
- (Optional) The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The namespace
is always relative to the provider's configured namespace.
Available only for Vault Enterprise.
name
- (Required) The name of the OIDC Client in Vault.
In addition to the arguments above, the following attributes are exported:
client_id
- The Client ID returned by Vault.
client_secret
- The Client Secret Key returned by Vault.
For public OpenID Clients client_secret
is set to an empty string ""