From 174aa4adb12d18b51f85e37dab365465ed9c442f Mon Sep 17 00:00:00 2001 From: vishalnayak Date: Fri, 14 Oct 2016 22:39:56 -0400 Subject: [PATCH] Update github login output in the docs --- website/source/docs/auth/github.html.md | 61 ++++++++++++++----------- 1 file changed, 35 insertions(+), 26 deletions(-) diff --git a/website/source/docs/auth/github.html.md b/website/source/docs/auth/github.html.md index 4782fd9b75..44eb2c9515 100644 --- a/website/source/docs/auth/github.html.md +++ b/website/source/docs/auth/github.html.md @@ -10,10 +10,9 @@ description: |- Name: `github` -The GitHub auth backend can be used to authenticate with Vault using -a GitHub personal access token. -This method of authentication is most useful for humans: operators or -developers using Vault directly via the CLI. +The GitHub auth backend can be used to authenticate with Vault using a GitHub +personal access token. This method of authentication is most useful for humans: +operators or developers using Vault directly via the CLI. ## Authentication @@ -42,23 +41,27 @@ The response will be in JSON. For example: ```javascript { - "lease_id": "", - "renewable": false, - "lease_duration": 0, - "data": null, - "warnings": null, "auth": { - "client_token": "c4f280f6-fdb2-18eb-89d3-589e2e834cdb", - "policies": [ - "admins" - ], + "renewable": true, + "lease_duration": 2764800, "metadata": { - "org": "test_org", - "username": "rajanadar", + "username": "vishalnayak", + "org": "hashicorp" }, - "lease_duration": 0, - "renewable": false - } + "policies": [ + "default", + "dev-policy" + ], + "accessor": "f93c4b2d-18b6-2b50-7a32-0fecf88237b8", + "client_token": "1977fceb-3bfa-6c71-4d1f-b64af98ac018" + }, + "warnings": null, + "wrap_info": null, + "data": null, + "lease_duration": 0, + "renewable": false, + "lease_id": "", + "request_id": "3c346f3b-e089-39ab-a953-a349f2284e3c" } ``` @@ -109,21 +112,27 @@ you will need to include it as: `some-amazing-team`. Example: ``` -$ vault write auth/github/map/teams/admins value=admins -Success! Data written to: auth/github/map/teams/admins +$ vault write auth/github/map/teams/dev value=dev-policy +Success! Data written to: auth/github/map/teams/dev ``` -The above would make anyone in the "admins" team receive tokens with the policy `admins`. +The above would make anyone in the `dev` team receive tokens with the policy +`dev-policy`. -You can then auth with a user that is a member of the "admins" team using a Personal Access Token with the `read:org` scope. +You can then auth with a user that is a member of the `dev` team using a +Personal Access Token with the `read:org` scope. GitHub token can also be supplied from the env variable `VAULT_AUTH_GITHUB_TOKEN`. ``` $ vault auth -method=github token=000000905b381e723b3d6a7d52f148a5d43c4b45 -Successfully authenticated! The policies that are associated -with this token are listed below: - -admins +Successfully authenticated! You are now logged in. +The token below is already saved in the session. You do not +need to "vault auth" again with the token. +token: 0d9ab511-bc25-4fb6-a58b-94ce12b8da9c +token_duration: 2764800 +token_policies: [default dev-policy] ``` +Clients can use this token to perform an allowed set of operations on all the +paths contained by the policy set.