open-vault/website/source/docs/http/sys-auth.html.md
2016-09-19 13:00:50 -04:00

| layout | page_title | sidebar_current | description |
|--------|------------|-----------------|-------------|
| http | HTTP API: /sys/auth | docs-http-auth-auth | The `/sys/auth` endpoint is used to manage auth backends in Vault. |

/sys/auth

GET

Description
Lists all the enabled auth backends.
Method
GET
Parameters
None
Returns
```javascript
{
  "github": {
    "type": "github",
    "description": "GitHub auth"
  }
}
```

POST

Description
Enable a new auth backend. The auth backend can be accessed and configured via the auth path specified in the URL. This auth path will be exposed under the `auth` prefix. For example, enabling with the `/sys/auth/foo` URL will make the backend available at `/auth/foo`. _This endpoint requires `sudo` capability on the final path._
Method
POST
URL
`/sys/auth/`
Parameters
  • `type` (required): The name of the auth backend type, such as "github".
  • `description` (optional): A human-friendly description of the auth backend.
Returns
`204` response code.

DELETE

Description
Disable the auth backend at the given auth path. _This endpoint requires `sudo` capability on the final path._
Method
DELETE
URL
`/sys/auth/`
Parameters
None
Returns
`204` response code.

/sys/auth/[auth-path]/tune

GET

Description
Read the given auth path's configuration. Returns the currently configured time, in seconds, for each TTL, which may be the system default or an auth path-specific value. _This endpoint requires `sudo` capability on the final path, but the same functionality can be achieved without `sudo` via `sys/mounts/auth/[auth-path]/tune`._
Method
GET
URL
`/sys/auth/[auth-path]/tune`
Parameters
None
Returns
```javascript
{
  "default_lease_ttl": 3600,
  "max_lease_ttl": 7200
}
```

POST

Description
Tune configuration parameters for a given auth path. _This endpoint requires `sudo` capability on the final path, but the same functionality can be achieved without `sudo` via `sys/mounts/auth/[auth-path]/tune`._
Method
POST
URL
`/sys/auth/[auth-path]/tune`
Parameters
  • `default_lease_ttl` (optional): The default time-to-live. If set on a specific auth path, overrides the global default. The values "system" and "0" are equivalent and set the TTL to the system default TTL.
  • `max_lease_ttl` (optional): The maximum time-to-live. If set on a specific auth path, overrides the global default. The values "system" and "0" are equivalent and set the TTL to the system max TTL.
Returns
`204` response code.
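
The following is an added example, not part of the Vault documentation or code base: a read-only audit that lists the enabled auth backends via `GET /sys/auth`, reads each one's TTLs through the non-`sudo` `sys/mounts/auth/[auth-path]/tune` path, and flags unexpected backend types or over-long TTLs. It assumes the API is served under `/v1` with the token sent in the `X-Vault-Token` header; the allowlist, TTL ceiling, function names and sample responses are constructed for illustration.

```python
import json
import urllib.request

def vault_get(addr, token, path):
    """GET an API path (assumes the /v1 prefix and the X-Vault-Token header)."""
    req = urllib.request.Request(f"{addr}/v1/{path}",
                                 headers={"X-Vault-Token": token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def audit_auth_backends(get, allowed_types, max_ttl_ceiling):
    """Return (auth_path, issue) findings. `get` maps an API path to parsed JSON."""
    findings = []
    for mount, info in sorted(get("sys/auth").items()):
        path = mount.strip("/")  # tolerate keys written with a trailing slash
        if info["type"] not in allowed_types:
            findings.append((path, f"unexpected type {info['type']}"))
        # Read TTLs through the path that does not need `sudo`, so the
        # audit token can be held to read-only capabilities.
        tune = get(f"sys/mounts/auth/{path}/tune")
        if tune["max_lease_ttl"] > max_ttl_ceiling:
            findings.append(
                (path, f"max_lease_ttl {tune['max_lease_ttl']}s exceeds {max_ttl_ceiling}s"))
        if tune["default_lease_ttl"] > tune["max_lease_ttl"]:
            findings.append((path, "default_lease_ttl is larger than max_lease_ttl"))
    return findings

# Constructed sample responses, in the shapes documented on this page.
SAMPLE = {
    "sys/auth": {
        "github": {"type": "github", "description": "GitHub auth"},
        "legacy": {"type": "userpass", "description": "old logins"},
    },
    "sys/mounts/auth/github/tune": {"default_lease_ttl": 3600, "max_lease_ttl": 7200},
    "sys/mounts/auth/legacy/tune": {"default_lease_ttl": 3600, "max_lease_ttl": 2592000},
}

def demo():
    """Audit the constructed sample: only `github` is allowed, ceiling is 24h."""
    return audit_auth_backends(SAMPLE.__getitem__, {"github"}, 86400)

if __name__ == "__main__":
    for path, issue in demo():
        print(f"auth/{path}: {issue}")
    # Live use (hypothetical address; the token comes from your own secret store):
    # get = lambda p: vault_get("https://vault.example.com:8200", token, p)
    # audit_auth_backends(get, {"github"}, 86400)
```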