mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-09-10 00:11:09 +02:00
Code Issues Projects Releases Wiki Activity
vault/website/content/api-docs/system/internal-ui-mounts.mdx
Erica Thompson 0660ea6fac
Update README (#31244) 
* Update README

Let contributors know that docs will now be located in UDR

* Add comments to each mdx doc

Comment has been added to all mdx docs that are not partials

* chore: added changelog

changelog check failure

* wip: removed changelog

* Fix content errors

* Doc spacing

* Update website/content/docs/deploy/kubernetes/vso/helm.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

---------

Co-authored-by: jonathanfrappier <92055993+jonathanfrappier@users.noreply.github.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2025-07-22 08:12:22 -07:00

117 lines
3.6 KiB
Plaintext
Raw Permalink Blame History

---
layout: api
page_title: /sys/internal/ui/mounts - HTTP API
description: >-
The `/sys/internal/ui/mounts` endpoint is used to manage mount listing
visibility.
---
> [!IMPORTANT]
> **Documentation Update:** Product documentation, which were located in this repository under `/website`, are now located in [`hashicorp/web-unified-docs`](https://github.com/hashicorp/web-unified-docs), colocated with all other product documentation. Contributions to this content should be done in the `web-unified-docs` repo, and not this one. Changes made to `/website` content in this repo will not be reflected on the developer.hashicorp.com website.
# `/sys/internal/ui/mounts`
The `/sys/internal/ui/mounts` endpoint is used to manage mount listing
visibility. The response generated by this endpoint is based on the
`listing_visibility` value on the mount, which can be set during mount time or
via mount tuning. This is currently only being used internally, for the UI and
for CLI preflight checks, and is an unauthenticated endpoint.
If called with a valid token in `X-Vault-Token` header, the response will
include additional mounts which the token has been granted path capabilities on.
Due to the nature of its intended usage, there is no guarantee on backwards
compatibility for this endpoint.
## Get available visible mounts
This endpoint lists all enabled auth methods.
| Method | Path |
| :----- | :------------------------ |
| `GET` | `/sys/internal/ui/mounts` |
### Sample request
```shell-session
$ curl \
http://127.0.0.1:8200/v1/sys/internal/ui/mounts
```
### Sample response
```json
{
"auth": {
"github/": {
"description": "GitHub auth",
"type": "github"
}
},
"secret": {
"custom-secrets/": {
"description": "Custom secrets",
"options": {
"version": "2"
},
"type": "kv"
}
}
}
```
## Get single mount details
This endpoint lists details for a specific mount path. This is an
authenticated endpoint, and is currently only being used internally.
The calling token should not be granted permissions to these API endpoints
directly, but instead rely on permissions granted to the individual mount path.
This means that if you give a token a policy with capabilities on a `:path`
(e.g. `/secret/*`), the token will be able to call
`sys/internal/ui/mounts/:path` (e.g. `sys/internal/ui/mounts/secret`) without
having to add that literal path to the policy document.
On certain mounts, it is possible to call an arbitrary path within the engine
(for example, `/sys/internal/ui/mounts/secret/path/to/secret` when the mount
path is `/secret`). If called in this manner, then this endpoint will return the
data for the mount that hosts that path. Therefore, a call to
`/sys/internal/ui/mounts/secret/path/to/secret` and a call to
`/sys/internal/ui/mounts/secret` will yield an identical response.
Due to the nature of its intended usage, there is no guarantee on backwards
compatibility for this endpoint.
| Method | Path |
| :----- | :------------------------------ |
| `GET` | `/sys/internal/ui/mounts/:path` |
### Sample request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/sys/internal/ui/mounts/cubbyhole
```
### Sample response
```json
{
"accessor": "cubbyhole_50fbe8d2",
"config": {
"default_lease_ttl": 0,
"force_no_cache": false,
"max_lease_ttl": 0
},
"description": "per-token private secret storage",
"external_entropy_access": false,
"local": true,
"options": null,
"path": "cubbyhole/",
"seal_wrap": false,
"type": "cubbyhole",
"uuid": "4bb40403-d9ba-d2ee-087a-4c6d371db5f2"
}
```
Reference in New Issue View Git Blame Copy Permalink