Skip to main content

Vault Learning Resources: Transit Secrets Engine, OpenID Connect Auth Method

May 08 2019Yoko Hyakuna

We are excited to announce additional hands-on tutorials to help you learn and integrate Vault as your secrets management solution. Several pre-existing tutorials have also been updated.

What's New?


»Auto-Unseal with Transit Secrets Engine

In addition to AliCloud KMS, Amazon KMS, Azure Key Vault, and Google Cloud KMS, Vault 1.1 added support for the Transit Secrets Engine to auto-unseal your Vault.

Auto-unseal

This guide walks you through the steps necessary to configure Transit Auto-Unseal.

If you don't have a Vault environment to experiment with Transit Auto-Unseal, click the Show Terminal button to launch an interactive tutorial in your web browser.

Launch Katacoda

»OpenID Connect (OIDC) Auth Method

Vault clients must first authenticate with Vault to acquire a valid token. Vault 1.1 introduced support for OpenID Connect (OIDC) as an auth method which is provided by many authentication services such as Auth0.

OIDC Auth Method

This guide walks through the configuration of the OIDC auth method using Auth0 as its OIDC provider.

NOTE: Refer to the Vault OpenID Demo for an example using Google OAuth.

»Update: Vault Agent Caching

Vault Agent was first introduced in Vault 0.11 as a client daemon to automate the authentication and token lifecycle management. Vault 1.1 introduced its caching mechanism to further improve the efficiency of token and lease management.

Vault Agent

The Vault Agent Caching tutorial now has a Katacoda scenario to demonstrate both Auto-Auth and Caching of Vault Agent using the approle auth method. If you don't have a Vault environment, try the Katacoda interactive tutorial today!

You can find many other educational resources, demo code, and interactive experiences at HashiCorp Learn or attend a training event with one of our training partners.

Sign up for the latest HashiCorp news

By submitting this form, you acknowledge and agree that HashiCorp will process your personal information in accordance with the Privacy Policy.

More blog posts like this one

3 cybersecurity stories from 2024 that show what we need to do in 2025
January 14 2025 | Strategy and Insights
3 cybersecurity stories from 2024 that show what we need to do in 2025

The majority of attacks in 2025 aren’t going to be related to AI or use zero-days. They’ll continue to focus on the easiest exploits, including exposed credentials and user access patterns.

Vault integrations with MongoDB, Private Machines, and walt.id strengthen customer security
December 11 2024 | Products & Technology
Vault integrations with MongoDB, Private Machines, and walt.id strengthen customer security

Three new HashiCorp Vault ecosystem integrations extend security use cases for customers.

HashiCorp at re:Invent 2024: Security Lifecycle Management with AWS
December 04 2024 | Products & Technology
HashiCorp at re:Invent 2024: Security Lifecycle Management with AWS

A recap of HashiCorp security news and developments on AWS from the past year, for your security management playbook.