1OIDC-AGENT(1) User Commands OIDC-AGENT(1)
2
6 oidc-agent - OIDC token agent
7
9 oidc-agent [OPTION...]
10
12 oidc-agent -- An agent to manage oidc token
13 General:
15 --always-allow-idtoken Always allow id-token requests without manual
17 approval by the user.
18 -a, --socket-path=PATH, --bind_address=PATH
20 Create the UNIX-domain used for communicating with the agent at
21 this PATH. The default is '$TM‐
22 PDIR/oidc-XXXXXX/oidc-agent.<ppid>'. Use 'XXXXXX' as the last
23 six characters of a directory in the path to substitute them
24 with random characters.
25 -c, --confirm
27 Requires user confirmation when an application requests an ac‐
28 cess token for any loaded configuration
29 --json Print agent socket and pid as JSON instead of bash.
31 -k, --kill
33 Kill the current agent (given by the OIDCD_PID environment vari‐
34 able)
35 --no-autoload
37 Disables the autoload feature: A token request cannot load the
38 needed configuration. You have to do it with oidc-add.
39 --no-autoreauthenticate, --no-auto-reauthenticate
41 Disables the automatic re-authentication feature: If a refresh
42 token expired the re-atuhentiacte is not started automatically;
43 you have to do it manually.
44 --no-scheme
46 This option applies only when the authorization code flow is
47 used. oidc-agent will not use a custom uri scheme redirect.
48 --no-webserver
50 This option applies only when the authorization code flow is
51 used. oidc-agent will not start a webserver. Redirection to
52 oidc-gen through a custom uri scheme redirect uri and 'manual'
53 redirect is possible.
54 --quiet
56 Disable informational messages to stdout.
57 -t, --lifetime=TIME
59 Sets a default value in seconds for the maximum lifetime of ac‐
60 count configurations added to the agent. A lifetime specified
61 for an account configuration with oidc-add overwrites this de‐
62 fault value. Without this option the default maximum lifetime is
63 forever.
64 --with-group[=GROUP_NAME]
66 This option allows that applications running under another user
67 can access the agent. The user running the other application and
68 the user running the agent have to be in the specified group. If
69 no GROUP_NAME is specified the default is 'oidc-agent'.
70 Verbosity:
72 -d, --console
74 Runs oidc-agent on the console, without daemonizing.
75 -g, --debug
77 Sets the log level to DEBUG.
78 --log-stderr
80 Additionally prints log messages to stderr.
81 --status
83 Connects to the currently running agent and prints status infor‐
84 mation about it.
85 Help:
87 -?, --help
89 Give this help list
90 --usage
92 Give a short usage message
93 -V, --version
95 Print program version
96 Mandatory or optional arguments to long options are also mandatory or
98 optional for any corresponding short options.
99
101 $TMPDIR/oidc-XXXXXX/oidc-agent.<ppid>
102 UNIX-domain sockets used to contain the connection to the agent.
103
105 oidc-agent
106 Starts oidc-agent and prints the commands needed for setting the
107 required environment variables.
108 eval `oidc-agent`
110 Starts oidc-agent and sets the required environment variables
111 (only for this shell).
112 oidc-agent > ~/tmp/oidc-agent.env
114 Starts oidc-agent and exports the needed shell commands to
115 ~/tmp/oidc-agent.env Can be used to persist the agent.
116
118 Report bugs to <https://github.com/indigo-dc/oidc-agent/issues>
119 Subscribe to our mailing list to receive important updates about
120 oidc-agent: <https://www.lists.kit.edu/sympa/sub‐
121 scribe/oidc-agent-user>.
122
124 oidc-gen(1), oidc-add(1), oidc-token(1), oidc-keychain(1)
125 Low-traffic mailing list with updates such as critical security inci‐
127 dents and new releases: https://www.lists.kit.edu/sympa/subscribe/oidc-
128 agent-user
129 Full documentation can be found at https://indigo-dc.gitbooks.io/oidc-
131 agent/user/oidc-agent
132oidc-agent 5.0.1 September 2023 OIDC-AGENT(1)