Has anyone managed to get Hashicorp Vault to authenticate against kratos / hydra as a non-user-facing service? (so, the user logs into an app, and that app's backend then connects to vault, passing on the auth cookie to vault which then gives access to that user's stored secrets)