Although the CLI already supports setting the GOLDAP_PASSWORD environment variable for configuring authentication for simple LDAP binds, we should add support for encrypted credential stores. There are libraries that can make this fairly straight-forward, so the bulk of this issue is going to be UX design.
Considerations
- Users may want to store multiple credentials
- Users may want to map named credentials
- Users may want to include the
bind-dn and/or ldap-uri (along with the password as a named bundle)
- Users need to be able to update stored credentials
Ideas
- Add some kind of
auth command for managing credentials
- Allow named credential sets that can be referenced in subcommands
- Provide a mutable
default alias and an interface to manage it
- Use a host-based config format that allows
References
Although the CLI already supports setting the
GOLDAP_PASSWORDenvironment variable for configuring authentication for simple LDAP binds, we should add support for encrypted credential stores. There are libraries that can make this fairly straight-forward, so the bulk of this issue is going to be UX design.Considerations
bind-dnand/orldap-uri(along with thepasswordas a named bundle)Ideas
authcommand for managing credentialsdefaultalias and an interface to manage itReferences