"Missing client token" when authenticating with login/pass on Hashicorp Vault

Question 1

"Missing client token" when authenticating with login/pass on Hashicorp Vault

hashicorp-vault

Karreg · Apr 9, 2018 · Viewed 15k times · Source

Answer

Answer

OK, si I figured it out by trials.

So the userpass auth was indeed disabled. I have to use LDAP auth. With the Vault-UI that is installed, I managed to find the URL to authenticate. If was the following : https://******:8200/v1/auth/<ldap>/login/<user>

And that way it's working.

Unfortunately, it does not help in the end. The idea was to synchronize Vault data locally, but the Vault API is really not built for that kind of access. It requires a LOT of requests, and end up being very slow for a few secrets synchronized...

Thanks for the help!

Question 2

I'm trying to get login/pass authentication working on Vault. When I try the method given in the API documentation here: https://www.vaultproject.io/api/auth/userpass/index.html#login

I get this error:

$ curl --request POST --data @payload.json https://<myurl>:8200/v1/auth/userpass/login/<mylogin> -k
{"errors":["missing client token"]}

And I can't find information on this error. It makes me wonder what happens, because I want to authenticate with login/pass to get the token, so that's just normal to not have it.

Here is the content of the payload.json:

{
  "password": "foo"
}

Is there any way to login with username/password? This is the only fallback method I have when the user does not know its token.

Thanks!

"Missing client token" when authenticating with login/pass on Hashicorp Vault

Answer

Related questions