Interface TokenAuth
public interface TokenAuth
Token authentication method API.
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final AuthMethod<TokenAuth> Token authentication method.static final StringBatch token type.static final StringDefault token type.static final StringService token type. -
Method Summary
Modifier and TypeMethodDescriptiondefault CreateToken.ResponseCreate a new orphan token with default configuration.default CreateToken.ResponseCreate a new child token with default configuration.createToken(CreateToken.Request request) Create a new token with customized configuration.createTokenRole(CreateTokenRole.Request request) Creates (or replaces) the named role.deleteTokenRole(DeleteTokenRole.Request request) Delete a named token role.renew(RenewToken.Request request) Renews a lease associated with a token.revoke(RevokeToken.Request request) Revokes a token and all child tokens.Revokes a token and orphans all child tokens.
-
Field Details
-
AUTH_METHOD
Token authentication method.Documentation: https://www.vaultproject.io/api-docs/auth/token
-
TYPE_SERVICE
Service token type.- See Also:
-
TYPE_BATCH
Batch token type.- See Also:
-
TYPE_DEFAULT
Default token type.- See Also:
-
-
Method Details
-
createToken
Create a new child token with default configuration.- Returns:
- a new token
-
createOrphan
Create a new orphan token with default configuration.- Returns:
- a new token
-
createToken
Create a new token with customized configuration.- Parameters:
request- token request- Returns:
- a new token
-
renew
Renews a lease associated with a token. This is used to prevent the expiration of a token, and the automatic revocation of it. Token renewal is possible only if there is a lease associated with it.- Parameters:
request- with token to renew- Returns:
- a new token
-
revoke
Revokes a token and all child tokens. When the token is revoked, all dynamic secrets generated with it are also revoked.- Parameters:
request- with token to revoke- Returns:
- when revocation finishes
-
createTokenRole
Creates (or replaces) the named role. Roles enforce specific behavior when creating tokens that allow token functionality that is otherwise not available or would require sudo/root privileges to access. Role parameters, when set, override any provided options to the create endpoints. The role name is also included in the token path, allowing all tokens created against a role to be revoked using the /sys/leases/revoke-prefix endpoint.- Parameters:
request- token role request- Returns:
- when creation finishes
-
deleteTokenRole
Delete a named token role.- Parameters:
request- with name of the role- Returns:
- when deleted
-
revokeAndOrphan
Revokes a token and orphans all child tokens. When the token is revoked, all dynamic secrets generated with it are also revoked. This is a root protected endpoint.- Parameters:
request- with token to revoke- Returns:
- when revocation finishes
-