This repo configures an existing vault instance, uses the Identity engine to create JWT tokens, validates the tokens, and rotates keys. The hcp-demo script will configure HCP vault and run through all steps of the demo.
Demo Slides can be found here Vault and OAuth 2.0
This demo assumes a running HCP Vault instance, and your shells has the following variables set.
export VAULT_ADDR=
export VAULT_TOKEN=
export VAULT_NAMESPACE=admin
Manually cut/paste commands from the hcp-demo.sh
script to slowly walk through each step. Run it to do a dry test.
./hcp-demo.sh
- create dev namespace to work in
- enable userpass
- create ops-1 and app-1 users
- configure oidc
- create jwt tokens
- validate
- rotate
Neil Dahlke 💬 📖💻 |