Is your feature request related to a problem? Please describe.
Something that is a hindrance from those coming over from Vault is that Vault has a web UI component for TOTP secret mounts.
The Vault TOTP web UI component allows one to add keys, delete keys, list keys (...obviously), and generate codes (even though the display/generation part is... VERY broken)
It'd be great if OpenBao implemented similar.
Examples from Vault UI:
Navigation
A mount with keys (a single key):
That key's entry:
When going to Generate code >:
Unhiding the code:
Creating (adding) a new key...
Using Vault as the provider ( { ... "generate": true ... } )
{ ... "exported": true ... }
{ ... "exported": false ... }
Expanded TOTP Code Options, explicit period ({ ... "period": "30" ... })
Expanded TOTP Code Options, implicit/default period
Expanded Provider Options
A key after creation with Generate enabled
Using an external party as a provider (a "TOTP import")
Describe the solution you'd like
Web UI management and generation of TOTP secrets.
Describe alternatives you've considered
N/A
Explain any additional use-cases
This helps a ton if Vault is being used in a shared manner with less-technical individuals. "Make this API call", "run this bao/vault command", and/or "Go here and do this in the API explorer" is a lot of friction for less-technical users.
Additional context
N/A
This issue is a copy of the original - github.com/openbao/openbao/issues/2280
Is your feature request related to a problem? Please describe.
Something that is a hindrance from those coming over from Vault is that Vault has a web UI component for TOTP secret mounts.
The Vault TOTP web UI component allows one to add keys, delete keys, list keys (...obviously), and generate codes (even though the display/generation part is... VERY broken)
It'd be great if OpenBao implemented similar.
Examples from Vault UI:
Navigation
A mount with keys (a single key):
That key's entry:
When going to Generate code >:
Unhiding the code:
Creating (adding) a new key...
Using Vault as the provider (
{ ... "generate": true ... }){ ... "exported": true ... }{ ... "exported": false ... }Expanded TOTP Code Options, explicit period (
{ ... "period": "30" ... })Expanded TOTP Code Options, implicit/default period
Expanded Provider Options
A key after creation with Generate enabled
Using an external party as a provider (a "TOTP import")
Describe the solution you'd like
Web UI management and generation of TOTP secrets.
Describe alternatives you've considered
N/A
Explain any additional use-cases
This helps a ton if Vault is being used in a shared manner with less-technical individuals. "Make this API call", "run this
bao/vaultcommand", and/or "Go here and do this in the API explorer" is a lot of friction for less-technical users.Additional context
N/A