Skip to content

feat (security): Support encrypted keychains for credential storage #7

Description

@timoguin

Although the CLI already supports setting the GOLDAP_PASSWORD environment variable for configuring authentication for simple LDAP binds, we should add support for encrypted credential stores. There are libraries that can make this fairly straight-forward, so the bulk of this issue is going to be UX design.

Considerations

  • Users may want to store multiple credentials
  • Users may want to map named credentials
  • Users may want to include the bind-dn and/or ldap-uri (along with the password as a named bundle)
  • Users need to be able to update stored credentials

Ideas

  • Add some kind of auth command for managing credentials
  • Allow named credential sets that can be referenced in subcommands
  • Provide a mutable default alias and an interface to manage it
  • Use a host-based config format that allows

References

Metadata

Metadata

Assignees

Labels

enhancementNew feature or request

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions