OIDC CLI

A command line tool for working with OIDC

Installation

• Download a released binary: https://github.com/ctron/oidc-cli/releases

• From source with cargo:

  cargo install oidc-cli

• A binary with cargo-binstall:

  cargo binstall oidc-cli

• On Windows, you can use winget:

  winget install ctron.oidc
  

• With brew to you can:

  brew tap ctron/tap
  brew install ctron/tap/oidc

• With snap you can:

  snap install oidc

Example

Creating a new (confidential) client:

oidc create confidential my-client --issuer https://example.com/realm --client-id foo --client-secret bar

Creating a new (public) client:

oidc create public my-client --issuer https://example.com/realm --client-id foo

Then, get an access token:

oidc token my-client

Or combine it with e.g., HTTPie:

http example.com/api "Authorization:$(oidc token my-client --bearer)"

Or even shorter:

http example.com/api $(oidc token -H my-client)

This also works with curl:

curl http://example.com/api -H $(oidc token -H my-client)

More examples

Create a public client from an initial refresh token. This can be useful if you have a frontend application, but no means of performing the authorization code flow with a local server. In case you have access to the refresh token, e.g via the browsers developer console, you can initialize the public client with that:

oidc create public my-client --issuer https://example.com/realm --client-id foo --refresh-token <refresh-token>