• lukegb's avatar
    tokend: init · 5f349c2f386f
    lukegb authored
    tokend is responsible for issuing service-scoped tokens based on the token held
    and generated by the Vault Agent.
    
    It can also generate "server-user" scoped tokens, which exist for convenience's
    sake: they are not a strong attestation of the user on the machine, and have
    limited privileges compared to a Vault token issued using e.g. `vault login
    -method=oidc`.
    5f349c2f386f
secretsmgr.nix 4.95 KB