vault-plugin-secrets-oauthapp

OAuth 2.0 secrets plugin for HashiCorp Vault supporting a variety of grant types (by puppetlabs)

Vault-plugin-secrets-oauthapp Alternatives

Similar projects and alternatives to vault-plugin-secrets-oauthapp

  • nango

    A single API for all your integrations.

NOTE: The number of mentions on this list indicates mentions on common posts plus user-suggested alternatives. Hence, a higher number means a better vault-plugin-secrets-oauthapp alternative or higher similarity.

vault-plugin-secrets-oauthapp reviews and mentions

Posts with mentions or reviews of vault-plugin-secrets-oauthapp. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-02-07.
  • Show HN: We built an open-source OAuth service for 40 APIs
    4 projects | news.ycombinator.com | 7 Feb 2023
    This is cool. I like the frontend aspect. Looks really handy for a lot of apps where integration with other services is a core feature (I've built several just over the past few years, so I definitely get it).

    I do wish it supported encrypted storage. For example, I wrote/maintain a Vault plugin to do basically the same work as the backend side of this project[0]. I wonder if you would be interested in supporting Vault as a backend in addition to PostgreSQL down the line? Feel free to reach out if so.

    To answer your question:

    Like some others here, I haven't found the actual integration points to be terribly difficult with most OAuth 2 servers. Once you have a token, you can call their APIs. No problem. I wrote the Vault plugin I referenced above to basically just do automatic refreshes without ever exposing client secrets/refresh tokens to our services, and it works fine.

    Rather, our customers would get into situations where they inadvertently revoked access, the user that authorized the integration initially left the company and it was automatically disabled, etc. and there was no notification that it happened. Basically all of the lifecycle management side that couldn't be automated down to "refresh my token when it's about to expire" sucked. So anything you're looking to support there would be a huge value-add IMO.

    Another one is that each provider has their own scope definitions/mapping to their APIs. Some scopes subsume others (e.g. GitHub has all repos, public repos, org admin, org read-only, etc.). Some get deprecated and need to be replaced with others on the next auth attempt. We could never keep them up to date because they were usually just part of docs, not enumerated through some API somewhere. If you had a way to provide the user with a way to see and select those scopes in advance, that would be huge. Think if my app or a user could answer the question "I want to call this API endpoint, what scopes do I need?" by just asking your service to figure it out.

    [0]: https://github.com/puppetlabs/vault-plugin-secrets-oauthapp

Stats

Basic vault-plugin-secrets-oauthapp repo stats
1
90
2.3
about 1 month ago

puppetlabs/vault-plugin-secrets-oauthapp is an open source project licensed under Apache License 2.0 which is an OSI approved license.

The primary programming language of vault-plugin-secrets-oauthapp is Go.

