oidc-add(1)

adds account configurations to oidc-agent

Section 1 oidc-agent-cli bookworm source

Description

OIDC-ADD

NAME

oidc-add - adds account configurations to oidc-agent

SYNOPSIS

oidc-add [OPTION...] ACCOUNT_SHORTNAME | -a | -l | -x | -X | -R

DESCRIPTION

oidc-add -- A client for adding and removing accounts to the oidc-agent

General:

-a, --loaded

Lists the currently loaded account configurations

--always-allow-idtoken Always allow id-token requests without manual

approval by the user for this account configuration.

-c, --confirm

Require user confirmation when an application requests an access token for this configuration

-l, --list

Lists all configured account configurations

-p, --print

Prints the encrypted account configuration and exits

--pw-cmd=CMD

Command from which the agent can read the encryption password

--pw-env[=OIDC_ENCRYPTION_PW]

Reads the encryption password from the passed environment variable (default: OIDC_ENCRYPTION_PW), instead of prompting the user

--pw-file=FILE

Uses the first line of FILE as the encryption password.

--pw-gpg=KEY_ID, --pw-pgp=KEY_ID, --gpg=KEY_ID, --pgp=KEY_ID

Uses the passed GPG KEY for encryption

--pw-keyring

Stores the used encryption password in the systems’ keyring

--pw-prompt=cli|gui

Change the mode how oidc-add should prompt for passwords. The default is ’cli’.

--pw-store[=TIME]

Keeps the encryption password encrypted in memory for TIME seconds. Default value for TIME: Forever

-r, --remove

The account configuration is removed, not added

--remote

Use a remote central oidc-agent, instead of a local one.

-R, --remove-all

Removes all account configurations currently loaded

--seccomp

Enables seccomp system call filtering; allowing only predefined system calls.

-t, --lifetime=TIME

Set a maximum lifetime in seconds when adding the account configuration

-x, --lock

Lock agent

-X, --unlock

Unlock agent

Verbosity:

-g, --debug

Sets the log level to DEBUG

-v, --verbose

Enables verbose mode

Help:

-?, --help

Give this help list

--usage

Give a short usage message

-V, --version

Print program version

Mandatory or optional arguments to long options are also mandatory or optional for any corresponding short options.

FILES

˜/.config/oidc-agent/ or ˜/.oidc-agent/

oidc-add reads account and client configurations in this directory.

EXAMPLES

oidc-add example

Adds the ’example’ account configuration to oidc-agent.

oidc-add example -r

Removes the ’example’ account configuration from oidc-agent.

oidc-add example -t 300

Adds the ’example’ account configuration to oidc-agent. It will be automatically removed after 5 minutes (300s).

oidc-add -R

Removes all loaded account configurations from oidc-agent.

oidc-add -x

Locks the agent. Use -X to unlock.

REPORTING BUGS

Report bugs to <https://github.com/indigo-dc/oidc-agent/issues>
Subscribe to our mailing list to receive important updates about oidc-agent: <https://www.lists.kit.edu/sympa/subscribe/oidc-agent-user>.

SEE ALSO

oidc-agent(1), oidc-gen(1), oidc-token(1)

Low-traffic mailing list with updates such as critical security incidents and new releases: https://www.lists.kit.edu/sympa/subscribe/oidc-agent-user

Full documentation can be found at https://indigo-dc.gitbooks.io/oidc-agent/user/oidc-add

See Also