vault

mirror of https://github.com/hashicorp/vault.git synced 2025-08-23 15:41:07 +02:00

Author	SHA1	Message	Date
Jaired Jawed	1face9d8cf	Update Docs For Bound Audience Explanation (#30519 ) * update docs for more clarity around bound audiences * more updates * update changelog * Delete changelog/30519.txt * Update website/content/docs/auth/jwt/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/jwt.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2025-05-13 13:44:31 -07:00
Sarah Chavis	485ccbc5da	[DOCS] IA refresh (phase 2) (#30287 )	2025-04-29 17:08:14 -07:00
Robert	35af160994	Add docs for GCP automated root rotation (#29782 ) * Fix azure reference * Add gcp docs * Fix auth references	2025-03-04 11:58:13 -06:00
vinay-gopalan	1091474e4d	Add docs for scheduled root rotation feature for the AWS and DB engines (#29755 )	2025-02-27 15:48:47 -08:00
kpcraig	8497dc66d0	Add docs for plugins with enterprise scheduled root rotation feature (#29608 )	2025-02-27 10:44:36 -08:00
kpcraig	db0d911683	Add support code for auth/ldap root autorotation (#29535 ) --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2025-02-13 16:06:47 -05:00
Equus quagga	19adf7c6cc	Adds an option to enable sAMAccountname logins when upndomain is set (#29118 ) * Adds an option to enable sAMAccountname logins when upndomain is set * Adds an option to enable sAMAccountname logins when upndomain is set * Updated changelog entry * Update 29118.txt * Updated cap/ldap version due to needed dependency * Updated cap/ldap version due to needed dependency * Restart CI * Updated LDAP api-docs and docs describing the enable_samaccountname_login option * Added missing comma in config_test.go * Update enables_samaccountname Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update enable_samaccountname_login feature documentation Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2025-01-24 12:08:18 -06:00
himran92	31499884c4	doc updates to include new fields for SAML sig validation (#29195 ) * doc updates to include new fields for SAML sig validation * edit description * changes * remove extra option of validating both options	2025-01-22 17:03:07 -05:00
Luis (LT) Carbonell	cb32dd03c0	Update docs for auth-cf (#29311 )	2025-01-07 20:18:11 -05:00
Steven Clark	9bf3d115fc	Add an option to allow cert-auth to return metadata about client cert that fails login (#29044 ) * Add an option to allow cert-auth to return metadata about client certs that fail login * Add cl * Update SPDX header for sdk/logical/response_test.go	2024-11-29 10:22:09 -05:00
Scott Miller	38df9cf488	Tweak the ocsp_ca_certificate param docs to be more clear about what kind of cert it wants (#28659 )	2024-10-09 16:16:26 -04:00
Yoko Hyakuna	34a1796d03	[Docs] Create 'Troubleshoot' section (#28028 ) * Create 'Troubleshoot' section * Remove extra spaces * Update redirects.js * Remove extra comma * Change the title * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/troubleshoot/generate-root-token.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * edit suggestions (#28047) * Fix the relative path - add missing '/' * Fix a typo --------- Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2024-08-09 14:21:41 -07:00
Meggie	fd1e53d256	Edit alias_name_source explanation (#27382 ) * Edit alias_name_source explanation We wanted to clarify the difference between the two options and the implications. * Add missing backticks * Add comma * Update website/content/api-docs/auth/kubernetes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2024-08-07 16:07:36 -07:00
John-Michael Faircloth	76ebf0b41b	docs: correct auth jwt role requirements (#27384 ) * docs: correct auth jwt role requirements * remove upgrade guide to be added in separate PR * Revert "remove upgrade guide to be added in separate PR" This reverts commit 6554d3ff63623a329b0d93f7143d95cd3f19b3e6. * update required details for bound audience * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * fix formatting to match the existing format of the file * add 1.16 known issues * add 1.17 upgrade guide note --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2024-06-12 13:46:40 -05:00
Raja Nadar	0d9e944e04	remove response payload for update approle role id (#18505 ) The ```update approle role id``` api does not return any response. It is a http 204 operation. Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>	2024-06-04 13:15:23 -04:00
vinay-gopalan	5acc4331ea	Add WIF documentation for Azure Auth and Secrets engines (#27185 )	2024-06-03 13:17:13 -07:00
vinay-gopalan	01ccf580d8	Add WIF documentation for GCP Auth and Secrets engines (#27170 ) Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2024-06-03 13:16:56 -07:00
Milena Zlaticanin	309d832462	Add AWS Auth WIF docs (#27054 ) * add aws auth wif docs * update docs * update docs	2024-05-23 12:58:08 -07:00
kpcraig	bef178b4a5	Add ExternalID support to AWS Auth STS configuration (#26628 ) * add basic external id support to aws auth sts configuration --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2024-05-07 11:10:57 -04:00
preetibhat6	f3e6bf572f	docs/Update cert.mdx (#26165 ) Changed sample request for Configure TLS certificate method from auth/cert/certs/cert1 to auth/cert/config	2024-05-01 14:09:38 -07:00
thegatsbylofiexperience	5b845c83ff	Add canonicalArn as a entity alias name (#22460 ) * Add canonicalArn as a entity alias name * Add Canonical Arn to iam_alias documentation	2024-04-29 15:56:26 -04:00
JMGoldsmith	7b4f6409c6	[DOCS] Updating approle docs and token partial to include batch token prefer… (#26490 ) * updating approle docs and token partial to include batch token preference * Update website/content/docs/auth/approle.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/partials/tokenstorefields.mdx Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> * Update website/content/docs/auth/approle.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2024-04-19 12:32:12 -04:00
Adrian Todorov	76be7fb832	Clarify the wordinf AWS auth docs around alias source (#26441 )	2024-04-16 17:41:40 +01:00
Thy Ton	df477f6404	docs make kubernetes_ca_cert optional on kubernetes auth (#25963 ) --------- Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2024-03-27 15:45:43 -07:00
Steven Clark	6fca34eace	Proceed with cert auth login attempts if ocsp_fail_open is true and servers are unreachable (#25982 )	2024-03-19 10:39:37 -04:00
Steven Clark	5785191067	Support OCSP responses without NextUpdate field set (#25912 ) * Support OCSP responses without a NextUpdate value set - Validate that the ThisUpdate value is properly prior to our current time and if NextUpdate is set that, ThisUpdate is before NextUpdate. - If we don't have a value for NextUpdate just compare against ThisUpdate. * Add ocsp_this_update_max_ttl support to cert auth - Allow configuring a maximum TTL of the OCSP response based on the ThisUpdate time like OpenSSL does - Add test to validate that we don't cache OCSP responses with no NextUpdate * Add cl * Add missing ` in docs * Rename ocsp_this_update_max_ttl to ocsp_this_update_max_age * Missed a few TTL references * Fix error message	2024-03-18 18:12:37 -04:00
Peter Wilson	a311735761	Support pre-hashed passwords with userpass backend (#25862 ) * allows use of pre-hashed passwords with userpass backend * Remove unneeded error * Single error check after switch * use param name quoted in error message * updated test for quoted param in error * white space fixes for markdown doc * More whitespace fixes * added changelog * Password/pre-hashed password are only required on 'create' operation * docs indentation * Update website/content/docs/auth/userpass.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Updated docs * Check length of hash too * Update builtin/credential/userpass/path_user_password_test.go :) Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>	2024-03-12 18:16:11 +00:00
Thy Ton	50aa6eea70	docs: add templated policies workflow example to kubernetes auth (#25694 ) --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>	2024-03-01 15:11:14 -08:00
Austin Gebauer	6d4f5df69c	auth/jwt: adds documentation for multi-jwks config parameter (#25503 ) * auth/jwt: adds documentation for multi-jwks config parameter * updates bound_issuer parameter * fix link	2024-02-20 08:49:53 -08:00
Scott Miller	734afbe09e	Cache trusted cert values, invalidating when anything changes (#25421 ) * Cache trusted cert values, invalidating when anything changes * rename to something more indicative * defer * changelog * Use an LRU cache rather than a static map so we can't use too much memory. Add docs, unit tests * Don't add to cache if disabled. But this races if just a bool, so make the disabled an atomic	2024-02-15 21:48:30 +00:00
Thy Ton	aab72100fb	add new config option use_annotations_as_alias_metadata for k8s auth on api docs (#24941 )	2024-02-01 11:45:53 -08:00
Jakob Beckmann	2a566f40fc	docs(kubernetes-auth): add API documentation for kubernetes auth namespace selectors (#19318 ) Co-authored-by: Thy Ton <maithytonn@gmail.com>	2024-02-01 11:41:07 -08:00
Stefan Zhelyazkov	f4978b3efd	Updating Vault docs for JWT support of numeric bound_claims (#24921 ) * Add a note that the role name is available as role in entity alias metadata * Update JWT docs for numeric bound_claims	2024-01-18 13:57:30 +00:00
Max Winslow	54bfd792be	Sample payload is empty for AWS auth login request in API docs (#24106 ) * Update aws.mdx * Update aws.mdx	2024-01-09 12:28:37 -05:00
Thy Ton	2cd8bbaa75	add token_reviewer_jwt_set to resp data on config read example on k8s auth api doc (#24564 )	2024-01-04 13:27:49 -05:00
owenzorrin	7df1b64a3d	Update ldap.mdx (#24338 ) add missing use_token_groups parameter * use_token_groups - (Optional) Use the Active Directory tokenGroups constructed attribute of the user to find the group memberships https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/ldap_auth_backend#use_token_groups	2023-12-13 15:06:20 -08:00
Sungyoon Jeong	7336cf70ad	docs: fix typo in aws.mdx (#24435 )	2023-12-13 12:37:13 -08:00
Skybladev2	d74d920b6e	Fix Read config title level (#23543 )	2023-10-09 13:06:18 -07:00
Austin Gebauer	526d0f4502	auth/saml: adds API docs for verbose_logging config (#23370 )	2023-09-29 11:15:38 +09:00
Austin Gebauer	e3617218df	auth/saml: adds documentation (#23183 ) * auth/saml: adds documentation * Update website/content/api-docs/auth/saml.mdx Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com> * use sentence case for titles * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Rémi Lapeyre <remi.lapeyre@lenstra.fr> * Update website/content/docs/auth/saml.mdx Co-authored-by: Rémi Lapeyre <remi.lapeyre@lenstra.fr> * Update website/content/docs/auth/saml.mdx Co-authored-by: Rémi Lapeyre <remi.lapeyre@lenstra.fr> * Update website/content/docs/auth/saml.mdx Co-authored-by: Rémi Lapeyre <remi.lapeyre@lenstra.fr> * Update website/content/docs/auth/saml.mdx Co-authored-by: Rémi Lapeyre <remi.lapeyre@lenstra.fr> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Rémi Lapeyre <remi.lapeyre@lenstra.fr> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * fixup technical detail on bound_subjects * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * fixup relay state * Update website/content/api-docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update website/content/docs/auth/saml.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * updates wording for bound_attributes * updates bound_attributes_type * updates groups_attribute * lowercase saml entities, add note to unauthenticated APIs * updates token api description * adds section for replication configuration * adds section for namespace config of acs * use tabs for authentication section * change word --------- Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com> Co-authored-by: Rémi Lapeyre <remi.lapeyre@lenstra.fr> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>	2023-09-27 15:34:43 +09:00
Jason O'Donnell	27d647f97a	Update changelog for auth/azure v0.16.2 (#23059 ) * update changelog for azure v0.16.2 * Add retry docs	2023-09-13 21:23:01 +00:00
Theron Voran	afd1302cce	docs/k8s-auth: non-JWT tokens are now allowed for token_reviewer_jwt (#22857 )	2023-09-08 10:40:29 -07:00
Brian Shumate	614f50de66	Docs: AppRole API docs updates (#19162 ) - Add example response for Read AppRole Secret ID - Add example response for Read AppRole Secret ID Accessor	2023-08-17 16:25:06 -07:00
Michael Dempsey	d6b7e5bfa1	Add support for signed GET requests for aws authentication (#10961 ) * Support GET requests for aws-iam This is required to support presigned requests from aws-sdk-go-v2 * Add GET method tests for aws-iam auth login path * Update Website Documenation * Validate GET action even if iam-server header is not set * Combine URL checks * Add const amzSignedHeaders to aws credential builtin * Add test for multiple GET request actions * Add Changelog Entry --------- Co-authored-by: Max Coulombe <109547106+maxcoulombe@users.noreply.github.com>	2023-08-15 15:40:12 -04:00
Raymond Ho	0d0cda43d5	clarify docs in ldap/auth for userfilter (#22210 )	2023-08-07 13:13:52 -07:00
Raymond Ho	4f7a8fb494	AWS auth login with multi region STS support (#21960 )	2023-07-28 08:42:22 -07:00
Florin Cătălin Țiucra-Popa	24a7d966d5	Update cert.mdx (#22076 ) * Update cert.mdx Adding the missing parameter `url` for CRL create endpoint. * Update website/content/api-docs/auth/cert.mdx Co-authored-by: Steven Clark <steven.clark@hashicorp.com> * Update cert.mdx Corrected the duplicate `crl` line. --------- Co-authored-by: Steven Clark <steven.clark@hashicorp.com>	2023-07-27 17:09:17 +02:00
Rachel Culpepper	71841c51be	Vault-17911: add support for hex values in oid extension (#21830 ) * add support for hex values in oid extension * add changelog * add length check on split and error handling on unmarshal	2023-07-17 10:58:18 -04:00
Anton Averchenkov	f4f0412b6a	[docs] Convert titles to sentense case (#21426 ) * Convert documentation titles to sentense case * Docker, Google, Foundry, Cloud proper case	2023-06-30 19:22:07 -04:00
Rowan Smith	c7db2d61b0	[Docs] ldap auth add VAULT_LDAP_PASSWORD environment variable (#21407 ) Add VAULT_LDAP_PASSWORD environment variable	2023-06-22 11:31:26 -07:00

1 2 3

118 Commits