oidc-agent
The oidc-agent is a command-line tool for managing OpenID Connect tokens developed by Karlsruhe Institute of Technology (KIT).
Obtain a Token
If you haven’t installed oidc-agent in your system, please read the installation guide.
Note
Please make sure that you have installed the version 4.3.0 or laterMake sure that the oidc-agent-service
is started by executing the command:
$ eval `oidc-agent-service start`
To obtain a Token you need to execute the following command:
$ oidc-gen --pub --issuer https://aai.egi.eu/auth/realms/egi
$ oidc-gen --pub --issuer https://aai-demo.egi.eu/auth/realms/egi
$ oidc-gen --pub --issuer https://aai-dev.egi.eu/auth/realms/egi
Then enter a short name for the account to configure, and the scopes that the Access Token should contain.
Note
To get a Refresh Token you need to specify theoffline_access
scope in the requested scopesAfter that, you need to log in either by visiting the provided URL or by scanning the displayed QR code, and then provide the user code displayed in the oidc-agent.
Last but not least, you will need to provide an encryption password to protect the obtained Access/Refresh Token.
For more information, please read the oidc-agent documentation.