luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

minor docs updates (#8725)

This commit is contained in:
Becca Petrin 2020-04-13 10:03:05 -07:00 committed by GitHub
parent 82c03b6c2c
commit 8e1ecefe59
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
command/token_create.go
View File

@ -123,7 +123,7 @@ func (c *TokenCreateCommand) Flags() *FlagSets {
Default: false,
Usage: "Create the token with no parent. This prevents the token from " +
"being revoked when the token which created it expires. Setting this " +
"value requires sudo permissions.",
"value requires root or sudo permissions.",
})
f.BoolVar(&BoolVar{

6
website/pages/api-docs/auth/token/index.mdx
View File

@ -74,8 +74,8 @@ during this call.
If not specified, defaults to all the policies of the calling token.
- `meta` `(map: {})` A map of string to string valued metadata. This is
passed through to the audit devices.
- `no_parent` `(bool: false)` - If true and set by a root caller, the token will
not have the parent token of the caller. This creates a token with no parent.
- `no_parent` `(bool: false)` - This argument only has effect if used by a root
or sudo caller. When set to true, the token created will not have a parent.
- `no_default_policy` `(bool: false)` - If true the `default` policy will not be
contained in this token's policy set.
- `renewable` `(bool: true)` - Set to `false` to disable the ability of the token
@ -99,7 +99,7 @@ during this call.
limit to the number of uses.
- `period` `(string: "")` - If specified, the token will be periodic; it will have
no maximum TTL (unless an "explicit-max-ttl" is also set) but every renewal
will use the given period. Requires a root/sudo token to use.
will use the given period. Requires a root token or one with the sudo capability.
- `entity_alias` `(string: "")` - Name of the entity alias to associate with
during token creation. Only works in combination with `role_name` argument
and used entity alias must be listed in `allowed_entity_aliases`. If this has

6
website/pages/docs/concepts/tokens.mdx
View File

@ -91,9 +91,9 @@ Often this behavior is not desired, so users with appropriate access can create
`orphan` tokens. These tokens have no parent -- they are the root of their own
token tree. These orphan tokens can be created:
1. Via the `auth/token/create-orphan` endpoint
2. By having `sudo` capability or `root` policy when accessing
`auth/token/create` and setting the `orphan` parameter to `true`
1. Via `write` access to the `auth/token/create-orphan` endpoint
2. By having `sudo` or `root` access to the `auth/token/create`
and setting the `no_parent` parameter to `true`
3. Via token store roles
4. By logging in with any other (non-`token`) auth method