Support for Custom Labels for OIDC Auth Provider #10426

Closed
pacecreative opened this issue Nov 20, 2020 · 2 comments

@pacecreative

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
End users who are unfamiliar with OIDC but are familiar with the name of our custom OIDC provider are confused when trying to log in with the UI. Thus when we direct them to the login, we usually get questions about what source to use for auth.

Describe the solution you'd like
A clear and concise description of what you want to happen.
When a user navigates to the UI, and the listing_visibility is marked as unauth, it would be nice to have a label property that could be set so instead of oidc it would say My Provider.

Additionally, it would be beneficial to have the button also reflect the custom provider name, similar to the Gitlab or Google OIDC login buttons. For example, it would say Sign in with My Provider. This way the user would see a familiar name on the log in button.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
I tried changing the oidc auth source path to be closer to the provider name, but it would not work from either the OIDC with the custom mount path in the Other menu, or from the tabbed layout because of the unauth for listing_visibility. When I reset it back to the default path of oidc, it worked again.

Explain any additional use-cases
If there are any use-cases that would help us understand the use/need/value please share them as they can help us decide on acceptance and prioritization.

Additional context
Add any other context or screenshots about the feature request here.
oidc-screenshot

@hellobontempo
Contributor

Hi there, you can mount oidc at a custom path name, and it will still perform the auth flow. Did you also update your callback urls (both in the client settings of the OIDC provider, and in the vault configuration for that auth method)?
For example, if you mount at my_custom_path it would look something like:

```
# enable method at custom path vault
vault auth enable -path=my_custom_path oidc
vault write auth/my_custom_path/config oidc_discovery_url="https://<provider domain>/" oidc_client_id=<client id> oidc_client_secret=<client secret> default_role="reader"
vault write auth/my_custom_path/role/reader bound_audiences=<client id>  allowed_redirect_uris="http://localhost:8200/ui/vault/auth/my_custom_path/oidc/callback" allowed_redirect_uris="http://localhost:8250/oidc/callback" user_claim="sub" policies="reader"

# show as tab
vault auth tune -listing-visibility="unauth" my_custom_path/
```

Allowed callback URL when configuring client:

  http://localhost:4200/ui/vault/auth/my_custom_path/oidc/callback

Demo of working auth flow with custom tab name below. At this time there's no way to customize the button text but there's an open feature request to add this functionality.

Image
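The comment above ties the redirect URIs to the mount path, so a remount leaves the old callback in the role's allow-list unless it is updated. The following is an added example, not part of the original comment and not Vault's own code, that checks a list of redirect URIs against a mount path offline. The function names and sample values are constructed for illustration; the URI shape is taken from the commands above.

```shell
#!/usr/bin/env bash
# Added example: offline consistency check for OIDC redirect URIs after
# mounting the auth method at a custom path. Function names are hypothetical.

# Build the UI callback URI for a Vault address and mount path
# (path shape as used in the allowed_redirect_uris values above).
ui_callback() {
  local addr="${1%/}" mount="${2#/}"
  mount="${mount%/}"
  printf '%s/ui/vault/auth/%s/oidc/callback\n' "$addr" "$mount"
}

# check_redirect_uris ADDR MOUNT URI...
# Prints one finding per line. Returns 0 only if the exact UI callback for
# MOUNT is present and no UI callback for another mount or address remains.
check_redirect_uris() {
  local addr="$1" mount="$2"
  shift 2
  local want found=1 status=0 uri
  want="$(ui_callback "$addr" "$mount")"
  for uri in "$@"; do
    case "$uri" in
      "$want")
        found=0 ;;
      */ui/vault/auth/*/oidc/callback)
        echo "STALE: $uri (different mount path or address)"
        status=1 ;;
    esac
  done
  if [ "$found" -ne 0 ]; then
    echo "MISSING: $want"
    status=1
  fi
  return "$status"
}

# Constructed sample: role still lists the default-path callback after the
# method was remounted at my_custom_path.
check_redirect_uris "http://localhost:8200" "my_custom_path" \
  "http://localhost:8200/ui/vault/auth/oidc/oidc/callback" \
  "http://localhost:8250/oidc/callback" || true
```

The same list can be checked against the redirect URIs registered for the client at the OIDC provider, since both sides have to contain the exact callback for the mount path.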

@hsimon-hashicorp
Contributor

@pacecreative since it's been some time since we've heard from you on this request, I'm going to go ahead and close it with thanks to @hellobontempo for her always-awesome demo gifs. As she notes, we have an open feature request for the button text, so watch Vault's release notes in the future. Thanks!
