--- layout: api page_title: /sys/config/auditing - HTTP API description: The `/sys/config/auditing` endpoint is used to configure auditing settings. --- > [!IMPORTANT] > **Documentation Update:** Product documentation, which were located in this repository under `/website`, are now located in [`hashicorp/web-unified-docs`](https://github.com/hashicorp/web-unified-docs), colocated with all other product documentation. Contributions to this content should be done in the `web-unified-docs` repo, and not this one. Changes made to `/website` content in this repo will not be reflected on the developer.hashicorp.com website. # `/sys/config/auditing/request-headers` @include 'alerts/restricted-root.mdx' The `/sys/config/auditing` endpoint is used to configure auditing settings. ## Read all audited request headers This endpoint lists the request headers that are configured to be audited. - **`sudo` required** – This endpoint requires `sudo` capability in addition to any path-specific capabilities. | Method | Path | | :----- | :------------------------------------- | | `GET` | `/sys/config/auditing/request-headers` | ### Sample request ```shell-session $ curl \ --header "X-Vault-Token: ..." \ http://127.0.0.1:8200/v1/sys/config/auditing/request-headers ``` ### Sample response ```json { "headers": { "X-Forwarded-For": { "hmac": true } } } ``` ## Read single audit request header This endpoint lists the information for the given request header. - **`sudo` required** – This endpoint requires `sudo` capability in addition to any path-specific capabilities. | Method | Path | | :----- | :------------------------------------------- | | `GET` | `/sys/config/auditing/request-headers/:name` | ### Parameters - `name` `(string: )` – Specifies the name of the request header to query. This is specified as part of the URL. ### Sample request ```shell-session $ curl \ --header "X-Vault-Token: ..." \ http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header ``` ### Sample response ```json { "X-Forwarded-For": { "hmac": true } } ``` ## Create/Update audit request header This endpoint enables auditing of a header. - **`sudo` required** – This endpoint requires `sudo` capability in addition to any path-specific capabilities. | Method | Path | | :----- | :------------------------------------------- | | `POST` | `/sys/config/auditing/request-headers/:name` | ### Parameters - `hmac` `(bool: false)` – Specifies if this header's value should be HMAC'd in the audit logs. ### Sample payload ```json { "hmac": true } ``` ### Sample request ```shell-session $ curl \ --header "X-Vault-Token: ..." \ --request POST \ --data @payload.json \ http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header ``` ## Delete audit request header This endpoint disables auditing of the given request header. - **`sudo` required** – This endpoint requires `sudo` capability in addition to any path-specific capabilities. | Method | Path | | :------- | :------------------------------------------- | | `DELETE` | `/sys/config/auditing/request-headers/:name` | ### Sample request ```shell-session $ curl \ --header "X-Vault-Token: ..." \ --request DELETE \ http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header ```