docs: s/persona/alias (#3529)

website/source/api/secret/identity/index.html.md

@@ -54,7 +54,7 @@ $ curl \
 {
   "data": {
     "id": "8d6a45e5-572f-8f13-d226-cd0d1ec57297",
-    "personas": null
+    "aliases": null
   }
 }
 ```
@@ -93,7 +93,7 @@ $ curl \
       "team": "vault"
     },
     "name": "entity-c323de27-2ad2-5ded-dbf3-0c7ef98bc613",
-    "personas": [],
+    "aliases": [],
     "policies": [
       "eng-dev",
       "infra-dev"
@@ -147,14 +147,14 @@ $ curl \
 {
   "data": {
     "id": "8d6a45e5-572f-8f13-d226-cd0d1ec57297",
-    "personas": null
+    "aliases": null
   }
 }
 ```
 
 ## Delete Entity by ID
 
-This endpoint deletes an entity and all its associated personas.
+This endpoint deletes an entity and all its associated aliases.
 
 | Method     | Path                        | Produces               |
 | :--------- | :-------------------------- | :----------------------|
@@ -209,29 +209,29 @@ $ curl \
 }
 ```
 
-## Register Persona
+## Register Alias
 
-This endpoint creates a new persona and attaches it to the entity with the
+This endpoint creates a new alias and attaches it to the entity with the
 given identifier.
 
 | Method   | Path                | Produces               |
 | :------- | :------------------ | :----------------------|
-| `POST`   | `/identity/persona`  | `200 application/json` |
+| `POST`   | `/identity/alias`   | `200 application/json` |
 
 ### Parameters
 
-- `name` (string: Required) - Name of the persona. Name should be the
+- `name` (string: Required) - Name of the alias. Name should be the
   identifier of the client in the authentication source. For example, if the
-  persona belongs to userpass backend, the name should be a valid username
-  within userpass backend. If persona belongs to GitHub, it should be the
+  alias belongs to userpass backend, the name should be a valid username
+  within userpass backend. If alias belongs to GitHub, it should be the
   GitHub username.
 
-- `entity_id` (string: required) - Entity ID to which this persona belongs to.
+- `entity_id` (string: required) - Entity ID to which this alias belongs to.
 
 - `mount_accessor` (string: required) - Accessor of the mount to which the
-  persona should belong to.
+  alias should belong to.
 
-- `metadata` `(list of strings: [])` – Metadata to be associated with the persona. Format should be a list of `key=value` pairs.
+- `metadata` `(list of strings: [])` – Metadata to be associated with the alias. Format should be a list of `key=value` pairs.
 
 ### Sample Payload
 
@@ -251,7 +251,7 @@ $ curl \
     --header "X-Vault-Token: ..." \
     --request POST \
     --data @payload.json \
-    https://vault.rocks/v1/identity/persona
+    https://vault.rocks/v1/identity/alias
 ```
 
 ### Sample Response
@@ -265,24 +265,24 @@ $ curl \
 }
 ```
 
-## Read Persona by ID
+## Read Alias by ID
 
-This endpoint queries the persona by its identifier.
+This endpoint queries the alias by its identifier.
 
 | Method   | Path                         | Produces               |
 | :------- | :--------------------------- | :--------------------- |
-| `GET`    | `/identity/persona/id/:id`   | `200 application/json` |
+| `GET`    | `/identity/alias/id/:id`     | `200 application/json` |
 
 ### Parameters
 
-- `id` `(string: <required>)` – Specifies the identifier of the persona.
+- `id` `(string: <required>)` – Specifies the identifier of the alias.
 
 ### Sample Request
 
 ```
 $ curl \
     --header "X-Vault-Token: ..." \
-    https://vault.rocks/v1/identity/persona/id/34982d3d-e3ce-5d8b-6e5f-b9bb34246c31
+    https://vault.rocks/v1/identity/alias/id/34982d3d-e3ce-5d8b-6e5f-b9bb34246c31
 ```
 
 ### Sample Response
@@ -306,31 +306,31 @@ $ curl \
 }
 ```
 
-## Update Persona by ID
+## Update Alias by ID
 
-This endpoint is used to update an existing persona.
+This endpoint is used to update an existing alias.
 
 | Method   | Path                         | Produces               |
 | :------- | :--------------------------- | :--------------------- |
-| `POST`    | `/identity/persona/id/:id`  | `200 application/json` |
+| `POST`    | `/identity/alias/id/:id`    | `200 application/json` |
 
 ### Parameters
 
 - `id` `(string: <required>)` – Specifies the identifier of the entity.
 
-- `name` (string: Required) - Name of the persona. Name should be the
+- `name` (string: Required) - Name of the alias. Name should be the
   identifier of the client in the authentication source. For example, if the
-  persona belongs to userpass backend, the name should be a valid username
-  within userpass backend. If persona belongs to GitHub, it should be the
+  alias belongs to userpass backend, the name should be a valid username
+  within userpass backend. If alias belongs to GitHub, it should be the
   GitHub username.
 
-- `entity_id` (string: required) - Entity ID to which this persona belongs to.
+- `entity_id` (string: required) - Entity ID to which this alias belongs to.
 
 - `mount_accessor` (string: required) - Accessor of the mount to which the
-  persona should belong to.
+  alias should belong to.
 
 - `metadata` `(list of strings: [])` – Metadata to be associated with the
-  persona. Format should be a list of `key=value` pairs.
+  alias. Format should be a list of `key=value` pairs.
 
 ### Sample Payload
 
@@ -350,7 +350,7 @@ $ curl \
     --header "X-Vault-Token: ..." \
     --request POST \
     --data @payload.json \
-    https://vault.rocks/v1/identity/persona/id/34982d3d-e3ce-5d8b-6e5f-b9bb34246c31
+    https://vault.rocks/v1/identity/alias/id/34982d3d-e3ce-5d8b-6e5f-b9bb34246c31
 ```
 
 ### Sample Response
@@ -364,17 +364,17 @@ $ curl \
 }
 ```
 
-### Delete Persona by ID
+### Delete Alias by ID
 
-This endpoint deletes a persona from its corresponding entity.
+This endpoint deletes a alias from its corresponding entity.
 
 | Method     | Path                        | Produces               |
 | :--------- | :-------------------------- | :----------------------|
-| `DELETE`   | `/identity/persona/id/:id`  | `204 (empty body)`     |
+| `DELETE`   | `/identity/alias/id/:id`    | `204 (empty body)`     |
 
 ## Parameters
 
-- `id` `(string: <required>)` – Specifies the identifier of the persona.
+- `id` `(string: <required>)` – Specifies the identifier of the alias.
 
 ### Sample Request
 
@@ -382,17 +382,17 @@ This endpoint deletes a persona from its corresponding entity.
 $ curl \
     --header "X-Vault-Token: ..." \
     --request DELETE \
-    https://vault.rocks/v1/identity/persona/id/34982d3d-e3ce-5d8b-6e5f-b9bb34246c31
+    https://vault.rocks/v1/identity/alias/id/34982d3d-e3ce-5d8b-6e5f-b9bb34246c31
 ```
 
-### List Personas by ID
+### List Aliases by ID
 
-This endpoint returns a list of available personas by their identifiers.
+This endpoint returns a list of available aliases by their identifiers.
 
 | Method   | Path                         | Produces               |
 | :------- | :--------------------------- | :--------------------- |
-| `LIST`   | `/identity/persona/id`       | `200 application/json` |
-| `GET`    | `/identity/persona/id?list=true` | `200 application/json` |
+| `LIST`   | `/identity/alias/id`       | `200 application/json` |
+| `GET`    | `/identity/alias/id?list=true` | `200 application/json` |
 
 ### Sample Request
 
@@ -400,7 +400,7 @@ This endpoint returns a list of available personas by their identifiers.
 $ curl \
     --header "X-Vault-Token: ..." \
     --request LIST \
-    https://vault.rocks/v1/identity/persona/id
+    https://vault.rocks/v1/identity/alias/id
 ```
 
 ### Sample Response

website/source/api/system/mfa-duo.html.md

@@ -18,12 +18,12 @@ This endpoint defines a MFA method of type Duo.
 
 - `name` `(string: <required>)` – Name of the MFA method.
 
-- `mount_accessor` `(string: <required>)` - The mount to tie this method to for use in automatic mappings. The mapping will use the Name field of Personas associated with this mount as the username in the mapping.
+- `mount_accessor` `(string: <required>)` - The mount to tie this method to for use in automatic mappings. The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
 
-- `username_format` `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{persona.name}}@example.com"`. If blank, the Persona's Name field will be used as-is. Currently-supported mappings:
-  - persona.name: The name returned by the mount configured via the `mount_accessor` parameter
+- `username_format` `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
+  - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
   - entity.name: The name configured for the Entity
-  - persona.metadata.`<key>`: The value of the Persona's metadata parameter
+  - alias.metadata.`<key>`: The value of the Alias's metadata parameter
   - entity.metadata.`<key>`: The value of the Entity's metadata paramater
 
 - `secret_key` `(string)` - Secret key for Duo.

website/source/api/system/mfa-okta.html.md

@@ -18,12 +18,12 @@ This endpoint defines a MFA method of type Okta.
 
 - `name` `(string: <required>)` – Name of the MFA method.
 
-- `mount_accessor` `(string: <required>)` - The mount to tie this method to for use in automatic mappings. The mapping will use the Name field of Personas associated with this mount as the username in the mapping.
+- `mount_accessor` `(string: <required>)` - The mount to tie this method to for use in automatic mappings. The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
 
-- `username_format` `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{persona.name}}@example.com"`. If blank, the Persona's Name field will be used as-is. Currently-supported mappings:
-  - persona.name: The name returned by the mount configured via the `mount_accessor` parameter
+- `username_format` `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
+  - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
   - entity.name: The name configured for the Entity
-  - persona.metadata.`<key>`: The value of the Persona's metadata parameter
+  - alias.metadata.`<key>`: The value of the Alias's metadata parameter
   - entity.metadata.`<key>`: The value of the Entity's metadata paramater
 
 - `org_name` `(string)` - Name of the organization to be used in the Okta API.

website/source/api/system/mfa-pingid.html.md

@@ -18,12 +18,12 @@ This endpoint defines a MFA method of type PingID.
 
 - `name` `(string: <required>)` – Name of the MFA method.
 
-- `mount_accessor` `(string: <required>)` - The mount to tie this method to for use in automatic mappings. The mapping will use the Name field of Personas associated with this mount as the username in the mapping.
+- `mount_accessor` `(string: <required>)` - The mount to tie this method to for use in automatic mappings. The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
 
-- `username_format` `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{persona.name}}@example.com"`. If blank, the Persona's Name field will be used as-is. Currently-supported mappings:
-  - persona.name: The name returned by the mount configured via the `mount_accessor` parameter
+- `username_format` `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
+  - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
   - entity.name: The name configured for the Entity
-  - persona.metadata.`<key>`: The value of the Persona's metadata parameter
+  - alias.metadata.`<key>`: The value of the Alias's metadata parameter
   - entity.metadata.`<key>`: The value of the Entity's metadata paramater
 
 - `settings_file_base64` `(string)` - A base64-encoded third-party settings file retrieved from PingID's configuration page.

website/source/docs/enterprise/identity/index.html.md

@@ -14,12 +14,12 @@ the tokens used in Vault.
 
 ## Concepts
 
-### Entities and Personas
+### Entities and Aliases
 
 Each user will have multiple accounts with various identity providers. Users
 can now be mapped as `Entities` and their corresponding accounts with
-authentication providers can be mapped as `Personas`. In essence, each entity
-is made up of zero or more personas.
+authentication providers can be mapped as `Aliases`. In essence, each entity
+is made up of zero or more aliases.
 
 ### Entity Management
 
@@ -50,15 +50,15 @@ _additional_ capabilities and not a replacement for the policies on the token,
 and to know the full set of capabilities of the token with an associated entity
 identifier, the policies on the token should be taken into account.
 
-### Mount Bound Personas
+### Mount Bound Aliases
 
 Vault supports multiple authentication backends and also allows enabling same
-authentication backend on different mounts. The persona name of the user with
+authentication backend on different mounts. The alias name of the user with
 each identity provider will be unique within the provider. But Vault also needs
-to uniquely distinguish between conflicting persona names across different
-mounts of these identity providers. Hence the persona name, in combination with
+to uniquely distinguish between conflicting alias names across different
+mounts of these identity providers. Hence the alias name, in combination with
 the authentication backend mount's accessor serve as the unique identifier of a
-persona.
+alias.
 
 ### Implicit Entities
 
@@ -66,7 +66,7 @@ Operators can create entities for all the users of an auth mount
 beforehand and assign policies to them, so that when users login, the desired
 capabilities to the tokens via entities are already assigned. But if that's not
 done, upon a successful user login from any of the authentication backends,
-Vault will create a new entity and assign a persona against the login that was
+Vault will create a new entity and assign a alias against the login that was
 successful.
 
 Note that, tokens created using the token authentication backend will not have

website/source/docs/enterprise/mfa/index.html.md

@@ -25,17 +25,17 @@ MFA in Vault can be of the following types.
 - `Okta` - If Okta push is configured and enabled on a path, then the enrolled
   device of the user will get a push notification to approve or deny the access
   to the API. The Okta username will be derived from the caller identity's
-  persona.
+  alias.
 
 - `Duo` - If Duo push is configured and enabled on a path, then the enrolled
   device of the user will get a push notification to approve or deny the access
   to the API. The Duo username will be derived from the caller identity's
-  persona.
+  alias.
 
 - `PingID` - If PingID push is configured and enabled on a path, then the
   enrolled device of the user will get a push notification to approve or deny
   the access to the API. The PingID username will be derived from the caller
-  identity's persona.
+  identity's alias.
 
 ## Configuring MFA Methods
 

website/source/docs/secrets/identity/index.html.md

@@ -12,18 +12,18 @@ Name: `identity`
 
 The Identity secret backend is the identity management solution for Vault. It
 internally maintains the clients who are recognized by Vault. Each client is
-internally termed as an `Entity`. An entity can have multiple `Personas`. For
+internally termed as an `Entity`. An entity can have multiple `Aliases`. For
 example, a single user who has accounts in both Github and LDAP, can be mapped
-to a single entity in Vault that has 2 personas, one of type Github and one of
+to a single entity in Vault that has 2 aliases, one of type Github and one of
 type LDAP. When a client authenticates via any of the credential backend
 (except the Token backend), Vault creates a new entity and attaches a new
-persona to it, if an entity doesn't already exist. The entity identifier will
+alias to it, if an entity doesn't already exist. The entity identifier will
 be tied to the authenticated token.  When such tokens are put to use, their
 entity identifiers are audit logged, marking a trail of actions performed by
 specific users.
 
 Identity store allows operators to **manage** the entities in Vault. Entities
-can be created and personas can be tied to entities, via the ACL'd API. There
+can be created and aliases can be tied to entities, via the ACL'd API. There
 can be policies set on the entities which adds capabilities to the tokens that
 are tied to entity identiers. The capabilities granted to tokens via the
 entities are **an addition** to the existing capabilities of the token and