Scroll to navigation

OIDC-ADD(1) User Commands OIDC-ADD(1)


oidc-add - adds account configurations to oidc-agent


oidc-add [OPTION...] ACCOUNT_SHORTNAME | -a | -l | -x | -X | -R


oidc-add -- A client for adding and removing accounts to the oidc-agent

Lists the currently loaded account configurations
approval by the user for this account configuration.
Require user confirmation when an application requests an access token for this configuration
Lists all configured account configurations
Prints the encrypted account configuration and exits
Command from which the agent can read the encryption password
Reads the encryption password from the passed environment variable (default: OIDC_ENCRYPTION_PW), instead of prompting the user
Uses the first line of FILE as the encryption password.
Uses the passed GPG KEY for encryption
Stores the used encryption password in the systems' keyring
Change the mode how oidc-add should prompt for passwords. The default is 'cli'.
Keeps the encryption password encrypted in memory for TIME seconds. Default value for TIME: Forever
The account configuration is removed, not added
Use a remote central oidc-agent, instead of a local one.
Removes all account configurations currently loaded
Enables seccomp system call filtering; allowing only predefined system calls.
Set a maximum lifetime in seconds when adding the account configuration
Lock agent
Unlock agent
Sets the log level to DEBUG
Enables verbose mode
-?, --help
Give this help list
Give a short usage message
Print program version

Mandatory or optional arguments to long options are also mandatory or optional for any corresponding short options.


~/.config/oidc-agent/ or ~/.oidc-agent/

oidc-add reads account and client configurations in this directory.


oidc-add example
Adds the 'example' account configuration to oidc-agent.

oidc-add example -r
Removes the 'example' account configuration from oidc-agent.

oidc-add example -t 300
Adds the 'example' account configuration to oidc-agent. It will be automatically removed after 5 minutes (300s).

oidc-add -R
Removes all loaded account configurations from oidc-agent.

oidc-add -x
Locks the agent. Use -X to unlock.


Report bugs to <>
Subscribe to our mailing list to receive important updates about oidc-agent: <>.


oidc-agent(1), oidc-gen(1), oidc-token(1)

Low-traffic mailing list with updates such as critical security incidents and new releases:

Full documentation can be found at

February 2022 oidc-add 4.2.6