OpenBao's Ember UI expects OIDC to complete in a popup and postMessage to window.opener. The standalone KeyCape login uses a full-page redirect, so the callback now exchanges the authorization code directly, persists the UI token in localStorage, and redirects into the vault UI. Unauthenticated /ui/ loads also redirect to the standalone login page to avoid ?with= bounce loops. |
||
|---|---|---|
| .. | ||
| openbao-apply-initial-config.sh | ||
| openbao-apply-ssh-engine.sh | ||
| openbao-tune-auth-listing.sh | ||
| openbao-ui-overlay-apply.sh | ||
| openbao-validate-emergency-drill-evidence.sh | ||
| openbao-validate-restore-evidence.sh | ||
| openbao-verify-authenticated.sh | ||
| openbao-verify-login-overlay.sh | ||
| openbao-verify-ssh-engine.sh | ||
| openbao-verify.sh | ||