Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.
User Pass Vault Authentication Methods authenticate to Vault with a username and password, which can be exchanged for an access token.
The User Pass Vault Authentication Method component inherits from the Vault Authentication Method
The properties supported by this managed object are as follows:
| Basic Properties: | Advanced Properties: |
|---|---|
| description | None |
| username | |
| password | |
| login-mechanism-name |
| Description | A description for this Vault Authentication Method |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | The username for the user to authenticate. |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | The password for the user to authenticate. |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | The name used when enabling the desired UserPass authentication mechanism in the Vault server. This should be the portion of the request URI path needed ot authenticate to a Vault instance with the desired UserPass mechanism. It should be the portion of the path between "/v1/sys/auth/" and "/login/". For example, in the request URI "http://vault.example.com:8200/v1/sys/auth/userpass/login/jdoe", the mechanism name is "userpass". |
| Default Value | userpass |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
To list the configured Vault Authentication Methods:
dsconfig list-vault-authentication-methods
[--property {propertyName}] ...
To view the configuration for an existing Vault Authentication Method:
dsconfig get-vault-authentication-method-prop
--method-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing Vault Authentication Method:
dsconfig set-vault-authentication-method-prop
--method-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new User Pass Vault Authentication Method:
dsconfig create-vault-authentication-method
--method-name {name}
--type user-pass
--set username:{propertyValue}
--set password:{propertyValue}
[--set {propertyName}:{propertyValue}] ...
To delete an existing Vault Authentication Method:
dsconfig delete-vault-authentication-method
--method-name {name}