hashicorp / vault

A tool for secrets management, encryption as a service, and privileged access management
https://www.vaultproject.io/

OpenID-Connect docs are unusable #7871

Open erickufrin-okta opened 4 years ago

erickufrin-okta commented 4 years ago

Is your feature request related to a problem? Please describe.
Inability to understand documentation which is too generic. Lack of detail around "ROLE".

Specific section of issue is: default_role = default role the user will be using when connecting.

There is no detail on how to properly configure a role for an environment such as Okta.

Describe the solution you'd like
Fully built-out documentation where an end-to-end example is used. If "ROLE" is pertinent to the setup, then why is it completely absent from the OIDC instructions?

Describe alternatives you've considered
Pulling my hair out.

Additional context
The documentation is incomplete.

Apparently this must be done, but no explanations or examples are given for something such as Okta OIDC. https://www.vaultproject.io/api/auth/jwt/index.html#create-role

yuanmwang-wf commented 4 years ago

I recently set up OIDC authentication with Okta in my company. Not sure if you've seen this, but I followed the steps outlined in this article and I found it to be quite useful: https://learn.hashicorp.com/vault/operations/oidc-auth

There are some Okta specific setups needed too: https://www.vaultproject.io/docs/auth/jwt_oidc_providers.html#okta

In your OIDC role, make sure to set oidc_scopes to include at least ["profile", "groups"] so that in the JWT returned by Okta you can see the user's name, email, which Okta groups the user belongs to, etc. You can then use external identity groups and aliases to assign more policies to the user depending on the user's groups.
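The end-to-end example the issue asks for, written here as an added illustration (it is not from the Vault docs, this thread, or the Vault project) using the Terraform Vault provider. It covers the pieces discussed above: mounting the OIDC auth method with a default_role, the role itself with oidc_scopes including profile and groups, and an external identity group plus alias that maps an Okta group from the groups claim to extra Vault policies. All Okta values (org URL, client id and secret, the group name "vault-admins", the Vault hostname in the redirect URI) are placeholders, and it assumes the Okta authorization server has been configured to emit a groups claim, which is the Okta-specific step the linked providers page covers.

```hcl
# Added example (not from the Vault docs or this issue): end-to-end Okta OIDC
# auth for Vault via the Terraform Vault provider. Every Okta value below is a
# placeholder; replace with your own org, app credentials and group name.

terraform {
  required_providers {
    vault = {
      source = "hashicorp/vault"
    }
  }
}

# Reads VAULT_ADDR and VAULT_TOKEN from the environment.
provider "vault" {}

variable "okta_org_url" {
  description = "Okta org URL (placeholder)"
  default     = "https://dev-000000.okta.com"
}

variable "okta_client_id" {
  description = "Client ID of the Okta OIDC app created for Vault (placeholder)"
  sensitive   = true
}

variable "okta_client_secret" {
  description = "Client secret of the Okta OIDC app (placeholder)"
  sensitive   = true
}

# 1. Mount and configure the OIDC auth method. The discovery URL points at
#    Okta's default authorization server. default_role is the role used when
#    a login request does not name one (the setting the issue asks about).
resource "vault_jwt_auth_backend" "okta" {
  path               = "oidc"
  type               = "oidc"
  oidc_discovery_url = "${var.okta_org_url}/oauth2/default"
  oidc_client_id     = var.okta_client_id
  oidc_client_secret = var.okta_client_secret
  default_role       = "okta-default"
}

# 2. The role, the part the issue says the docs leave out.
#    oidc_scopes asks Okta for the profile and groups claims; user_claim is the
#    claim that becomes the entity alias name; groups_claim is the claim Vault
#    reads to resolve external group aliases; bound_audiences pins the token to
#    this client id; allowed_redirect_uris must match the Okta app settings.
resource "vault_jwt_auth_backend_role" "okta_default" {
  backend         = vault_jwt_auth_backend.okta.path
  role_name       = "okta-default"
  role_type       = "oidc"
  user_claim      = "email"
  groups_claim    = "groups"
  oidc_scopes     = ["profile", "groups"]
  bound_audiences = [var.okta_client_id]
  allowed_redirect_uris = [
    "http://localhost:8250/oidc/callback",                              # vault CLI login
    "https://vault.example.com:8200/ui/vault/auth/oidc/oidc/callback",  # Vault UI (placeholder host)
  ]
  token_policies = ["default"]
  token_ttl      = 3600
}

# 3. A policy that only members of one Okta group should receive.
resource "vault_policy" "okta_admins" {
  name   = "okta-admins"
  policy = <<-EOT
    path "secret/data/team/*" {
      capabilities = ["read", "list"]
    }
  EOT
}

# 4. External identity group + alias. When a login's groups claim contains the
#    Okta group "vault-admins", Vault attaches this group's policies to the
#    token on top of the role's token_policies.
resource "vault_identity_group" "okta_admins" {
  name     = "okta-admins"
  type     = "external"
  policies = [vault_policy.okta_admins.name]
}

resource "vault_identity_group_alias" "okta_admins" {
  # Okta group name exactly as it appears in the groups claim (placeholder).
  name           = "vault-admins"
  mount_accessor = vault_jwt_auth_backend.okta.accessor
  canonical_id   = vault_identity_group.okta_admins.id
}
```

After `terraform apply`, a user signs in with `vault login -method=oidc role=okta-default`; the resulting token carries the role's token_policies plus the policies of any external group whose alias name matches a value in the user's groups claim. Keeping per-group privileges in identity groups rather than in the role's token_policies means the role can stay minimal and every Okta user gets only what their group membership grants.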

srmars commented 4 years ago

Please update this. I have been working on it for three days and still cannot figure out what the issue is. I am working on an Azure AD integration. Like @erickufrin said, pulling my hair out.

erickufrin-okta commented 4 years ago

The docs are still unusable and do not actually get someone from point A to point B.