Documentation

Module: auth/token

Provides implementation for the Vault Auth Token backend APIs

Extends

  • Vaulted

Methods

<inner> createToken( [mountName])

Creates a token to use for authenticating with the Vault.

Parameters:
Name Type Argument Default Description
options.body.id string <optional>

ID of the client token
options.body.policies Array <optional>

list of policies for the token
options.body.meta Object <optional>

map of string to string valued metadata
options.body.no_parent boolean <optional>

creates a token with no parent
options.body.no_default_profile boolean <optional>

default profile will not be a part of this token's policy set
options.body.ttl string <optional>

TTL period of the token
options.body.display_name string <optional>

display name of the token
options.body.num_uses number <optional>

maximum uses for the given token
options.token string <optional>

the authentication token
mountName string <optional>
 token

path name the token auth backend is mounted on
Returns:
Type
Promise

<inner> lookupToken( [mountName])

Retrieve information about the specified existing token.

Parameters:
Name Type Argument Default Description
options.id string

unique identifier for the token
options.token string <optional>

the authentication token
mountName string <optional>
 token

path name the token auth backend is mounted on
Returns:
Type
Promise

<inner> lookupTokenSelf( [mountName])

Retrieve information about the current client token.

Parameters:
Name Type Argument Default Description
options.token string <optional>

the authentication token
mountName string <optional>
 token

path name the token auth backend is mounted on
Returns:
Type
Promise

<inner> renewToken( [mountName])

Renew an existing token to use for authenticating with the Vault.

Parameters:
Name Type Argument Default Description
options.id string

unique identifier for the token
options.body.increment number <optional>

lease increment
options.token string <optional>

the authentication token
mountName string <optional>
 token

path name the token auth backend is mounted on
Returns:
Type
Promise

<inner> revokeToken( [mountName])

Revokes the specified existing token and all child tokens.

Parameters:
Name Type Argument Default Description
options.id string

unique identifier for the token
options.token string <optional>

the authentication token
mountName string <optional>
 token

path name the token auth backend is mounted on
Returns:
Type
Promise

<inner> revokeTokenOrphan( [mountName])

Revokes the specified existing token but not the child tokens.

Parameters:
Name Type Argument Default Description
options.id string

unique identifier for the token
options.token string <optional>

the authentication token
mountName string <optional>
 token

path name the token auth backend is mounted on
Returns:
Type
Promise

<inner> revokeTokenPrefix( [mountName])

Revokes all tokens generated at a given prefix including children and secrets.

Parameters:
Name Type Argument Default Description
options.id string

token prefix
options.token string <optional>

the authentication token
mountName string <optional>
 token

path name the token auth backend is mounted on
Returns:
Type
Promise

<inner> revokeTokenSelf( [mountName])

Revokes the current client token and all child tokens.

Parameters:
Name Type Argument Default Description
options.token string <optional>

the authentication token
mountName string <optional>
 token

path name the token auth backend is mounted on
Returns:
Type
Promise