syntax = "proto3"; option go_package = "github.com/hashicorp/vault/sdk/logical"; package logical; message Entity { // ID is the unique identifier for the entity string ID = 1; // Name is the human-friendly unique identifier for the entity string name = 2; // Aliases contains thhe alias mappings for the given entity repeated Alias aliases = 3; // Metadata represents the custom data tied to this entity map metadata = 4; // Disabled is true if the entity is disabled. bool disabled = 5; // NamespaceID is the identifier of the namespace to which this entity // belongs to. string namespace_id = 6; } message Alias { // MountType is the backend mount's type to which this identity belongs string mount_type = 1; // MountAccessor is the identifier of the mount entry to which this // identity belongs string mount_accessor = 2; // Name is the identifier of this identity in its authentication source string name = 3; // Metadata represents the custom data tied to this alias. Fields added // to it should have a low rate of change (or no change) because each // change incurs a storage write, so quickly-changing fields can have // a significant performance impact at scale. See the SDK's // "aliasmetadata" package for a helper that eases and standardizes // using this safely. map metadata = 4; // ID is the unique identifier for the alias string ID = 5; // NamespaceID is the identifier of the namespace to which this alias // belongs. string namespace_id = 6; // Custom Metadata represents the custom data tied to this alias map custom_metadata = 7; // Local indicates if the alias only belongs to the cluster where it was // created. If true, the alias will be stored in a location that are ignored // by the performance replication subsystem. bool local = 8; } message Group { // ID is the unique identifier for the group string ID = 1; // Name is the human-friendly unique identifier for the group string name = 2; // Metadata represents the custom data tied to this group map metadata = 3; // NamespaceID is the identifier of the namespace to which this group // belongs to. string namespace_id = 4; } message MFAMethodID { string type = 1; string id = 2; bool uses_passcode = 3; } message MFAConstraintAny { repeated MFAMethodID any = 1; } message MFARequirement { string mfa_request_id = 1; map mfa_constraints = 2; }