The Akeyless Dev Hub


Akeyless introduced its support for OpenID Connect (OIDC).
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

CLI

Run the following command in your terminal, with the relevant parameters set.

akeyless create-auth-method-oidc --name oauth-am --issuer {your-issuer-url} --client-id {your-client-id} --client-secret {your-client-secret} --unique-identifier {your-unique-identifier (e.g. 'email' or 'username')}

Options:

-n, --name

*Auth Method name

--issuer

Issuer URL

--client-id

Client ID (application ID)

--client-secret

Client secret

--unique-identifier

A unique identifier (ID) value should be configured for OIDC, OAuth2, LDAP, and SAML authentication method types; it is usually a value such as an email, username, or UPN. Whenever a user logs in with a token, these authentication types issue a "sub claim" containing details that uniquely identify that user. This sub claim includes a key containing the ID value that you configured, and is used to distinguish between different users within the same organization.

--access-expires[=0]

Access expiration date as a Unix timestamp (use 0 for access without an expiry date)

--bound-ips

A CIDR whitelist of the IPs that the access is restricted to
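
A pre-flight check for the values planned for --issuer, --unique-identifier, --bound-ips and --access-expires, run against an ID token obtained from your identity provider. This is an added example, not Akeyless code, and it does not describe how Akeyless evaluates tokens; the function names and the sample token are constructed, and it assumes the identifier is a top-level claim in the ID token.

```python
import base64
import ipaddress
import json
import time


def _b64url(obj: dict) -> str:
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def decode_claims(id_token: str) -> dict:
    """Return the JWT payload. Inspection only: the signature is NOT verified."""
    payload = id_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def preflight(id_token, issuer, unique_identifier,
              bound_ips=(), client_ip=None, access_expires=0, now=None):
    """Hypothetical helper: list problems with the values planned for the CLI flags."""
    problems = []
    claims = decode_claims(id_token)
    if claims.get("iss") != issuer:  # OIDC requires an exact issuer match
        problems.append(f"--issuer {issuer!r} != token iss {claims.get('iss')!r}")
    value = claims.get(unique_identifier)
    if not isinstance(value, str) or not value.strip():
        problems.append(f"--unique-identifier {unique_identifier!r} is not a claim in the token")
    if client_ip and bound_ips:
        addr = ipaddress.ip_address(client_ip)
        if not any(addr in ipaddress.ip_network(c, strict=False) for c in bound_ips):
            problems.append(f"{client_ip} is outside --bound-ips {list(bound_ips)}")
    if access_expires and access_expires <= (now if now is not None else time.time()):
        problems.append("--access-expires is already in the past")
    return problems


# Constructed sample token (fake issuer, fake signature), for illustration only.
SAMPLE_TOKEN = ".".join([
    _b64url({"alg": "RS256", "typ": "JWT"}),
    _b64url({"iss": "https://idp.example.com", "sub": "00u1abc",
             "email": "alice@example.com"}),
    "c2lnbmF0dXJl",
])

if __name__ == "__main__":
    for p in preflight(SAMPLE_TOKEN, "https://idp.example.com/", "username",
                       bound_ips=["10.0.0.0/8"], client_ip="192.0.2.10"):
        print("WARN:", p)
```

The sample run reports three problems: a trailing-slash issuer mismatch, an identifier claim the token does not carry, and a client address outside the allowed CIDR.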

UI

To create new OIDC authentication credentials, go to the Auth Methods tab, click New, and select OIDC.

Updated 26 days ago

