You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed a few inconsistencies today with the Token auth backend:
The docs specify no_parent to create an orphan token, but the help text from the token-create command says that this command is called orphan.
The docs say that if lease is not specified, "the token is valid indefinitely." But this isn't true; it's valid for Vault's hard-coded limit of 30 days. Someone that doesn't carefully look at the returned token_duration and only uses the documentation may get a rude awakening a month down the line.
The docs for auth/token/create indicate that to add metadata to a token you use metadata, but when doing this via the Go API it doesn't work; I need to use meta. However, from the command line client, metadatadoes work, because it's not converting from JSON like the API.
The text was updated successfully, but these errors were encountered:
@sethvargo I think these are both documentation bugs, although I haven't checked orphan (it accepts the flag without choking but that doesn't mean it's valid).
@jefferai Thanks for catching these! The first one is not a "bug" per-se, the CLI tool just is mapping the -orphan flag to the no_parent option. The API is no_parent however.
I noticed a few inconsistencies today with the Token auth backend:
The docs specify
no_parent
to create an orphan token, but the help text from thetoken-create
command says that this command is calledorphan
.The docs say that if
lease
is not specified, "the token is valid indefinitely." But this isn't true; it's valid for Vault's hard-coded limit of 30 days. Someone that doesn't carefully look at the returnedtoken_duration
and only uses the documentation may get a rude awakening a month down the line.The docs for
auth/token/create
indicate that to add metadata to a token you usemetadata
, but when doing this via the Go API it doesn't work; I need to usemeta
. However, from the command line client,metadata
does work, because it's not converting from JSON like the API.The text was updated successfully, but these errors were encountered: