luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Merge pull request #13682 from hashicorp/docs/deemphasize-token-query-param 

docs: suggest using token header, not query param
This commit is contained in:
Jared Kirschner 2022-07-20 19:22:53 -04:00 committed by GitHub
parent 4cec3bd9db 7a58a4df96
commit 706e0def2e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
website/content/docs/agent/config/config-files.mdx
View File

@ -869,11 +869,12 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
- `master` ((#acl_tokens_master)) **Renamed in Consul 1.11 to
[`acl.tokens.initial_management`](#acl_tokens_initial_management).**
- `default` ((#acl_tokens_default)) - When provided, the agent will
use this token when making requests to the Consul servers. Clients can override
this token on a per-request basis by providing the "?token" query parameter.
When not provided, the empty token, which maps to the 'anonymous' ACL token,
is used.
- `default` ((#acl_tokens_default)) - When provided, this agent will
use this token by default when making requests to the Consul servers
instead of the [anonymous token](/docs/security/acl/acl-tokens#anonymous-token).
Consul HTTP API requests can provide an alternate token in their authorization header
to override the `default` or anonymous token on a per-request basis,
as described in [HTTP API Authentication](/api-docs#authentication).
- `agent` ((#acl_tokens_agent)) - Used for clients and servers to perform
internal operations. If this isn't specified, then the
@ -993,11 +994,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
in the cache can be resolved during the outage using the replicated set of ACLs.
- `acl_token` ((#acl_token_legacy)) - **Deprecated in Consul 1.4.0. See
the [`acl.tokens.default`](#acl_tokens_default) field instead.** When provided,
the agent will use this token when making requests to the Consul servers. Clients
can override this token on a per-request basis by providing the "?token" query
parameter. When not provided, the empty token, which maps to the 'anonymous' ACL
policy, is used.
the [`acl.tokens.default`](#acl_tokens_default) field instead.**
- `acl_ttl` ((#acl_ttl_legacy)) - **Deprecated in Consul 1.4.0. See the
[`acl.token_ttl`](#acl_token_ttl) field instead.**Used to control Time-To-Live