Your company here — click to reach over 10,000 unique daily visitors

oidc-add - Man Page

adds account configurations to oidc-agent


oidc-add [OPTION...] ACCOUNT_SHORTNAME | -a | -l | -x | -X | -R


oidc-add -- A client for adding and removing accounts to the oidc-agent


--always-allow-idtoken Always allow id-token requests without manual

approval by the user for this account configuration.

-a,  --loaded

Lists the currently loaded account configurations

-c,  --confirm

Require user confirmation when an application requests an access token for this configuration

-f,  --force

Force to load the account configuration into the agent, even if it was already loaded.

-l,  --list

Lists all configured account configurations


Command from which the agent can read the encryption password


Reads the encryption password from the passed environment variable (default: OIDC_ENCRYPTION_PW), instead of prompting the user


Uses the first line of FILE as the encryption password.


Change the mode how oidc-add should prompt for passwords. The default is 'cli'.


Keeps the encryption password encrypted in memory for TIME seconds. Default value for TIME: Forever

-p,  --print

Prints the encrypted account configuration and exits


Use a remote central oidc-agent, instead of a local one.

-r,  --remove

The account configuration is removed, not added

-R,  --remove-all

Removes all account configurations currently loaded


Indicates that the agent should load the account configuration without checking it, i.e. no access token is obtained on load.

-t,  --lifetime=TIME

Set a maximum lifetime in seconds when adding the account configuration

-x,  --lock

Lock agent

-X,  --unlock

Unlock agent


-g,  --debug

Sets the log level to DEBUG

-v,  --verbose

Enables verbose mode


-?,  --help

Give this help list


Give a short usage message

-V,  --version

Print program version

Mandatory or optional arguments to long options are also mandatory or optional for any corresponding short options.


~/.config/oidc-agent/ or ~/.oidc-agent/

oidc-add reads account and client configurations in this directory.


oidc-add example

Adds the 'example' account configuration to oidc-agent.

oidc-add example -r

Removes the 'example' account configuration from oidc-agent.

oidc-add example -t 300

Adds the 'example' account configuration to oidc-agent. It will be automatically removed after 5 minutes (300s).

oidc-add -R

Removes all loaded account configurations from oidc-agent.

oidc-add -x

Locks the agent. Use -X to unlock.

Reporting Bugs

Report bugs to <https://github.com/indigo-dc/oidc-agent/issues>
Subscribe to our mailing list to receive important updates about oidc-agent: <https://www.lists.kit.edu/sympa/subscribe/oidc-agent-user>.

See Also

oidc-agent(1), oidc-gen(1), oidc-token(1)

Low-traffic mailing list with updates such as critical security incidents and new releases: https://www.lists.kit.edu/sympa/subscribe/oidc-agent-user

Full documentation can be found at https://indigo-dc.gitbooks.io/oidc-agent/user/oidc-add

Referenced By

oidc-agent(1), oidc-gen(1), oidc-prompt(1), oidc-token(1).

January 2024 oidc-add 5.1.0