How to know the validity of a vault token that is being used for connecting to vault?
Currently, I am connecting to a corporate vault service where I am using a vault token and passing it through below header in my spring cloud config service where properties of all microservices are kept.
curl -X "GET" "http://localhost:8080/my-client-microservice/dev" -H "X-Config-Token: s.myvaulttoken"
where http://localhost:8080 is my spring cloud config service and s.myvaulttoken is my vault token. This is working absolutely fine.
I want to know the validity of this token. What I have read the documentation that token can be of two type: service or batch. I want to know whether this token can be used infinitely (as root tokens validity is infinite).
Since the client microservices require the vault token, I want to figure out the way to know the validity of a token. Can you guys help me to tell more about this?
I followed this link: https://learn.hashicorp.com/vault/getting-started/authentication
Every non-root token has a time-to-live (TTL) associated with it.
For example:
- with a root token, the ttl is 0
vault token lookup -format json | jq .data.ttl 0 with a regular user, the ttl is non-zero
VAULT_TOKEN=$(vault token create -policy default -field token) vault token lookup -format json | jq .data.ttl 2764799
This check is possible through the API as well.
- Hashicorp Vault cli return 403 when trying to use kv
- HashiCorp Transit Engine, what permission are required to read the public key?
- Vault Agent Injector - Use init container only (disable sidecar)
- How to call Hashicorp Vault from AWS Lambda in NodeJS with IAM Authentication
- How to use values in Vault annotation content in Helm Chart
- What is the difference between a HashiCorp Vault lease and token accessor?
- Is there a way to allow a user to change it's own password on Hashicorp's Vault UI
- Injecting secrets into Kubernetes pods via Vault Agent containers
- Hashicorp Vault Server UI loads a blank screen
- How to restart Kubernetes pod when a secret is updated in Hashicorp Vault?
- Python Hashicorp Vault library 'hvac' creates a new secret version but removes keys from previous version
- HashiCorp Vault 403 Permission Denied issue with Kubernetes Auth
- Hashicorp Vault ACL Policy Templating / for Vault host key signing
- How can I run Hashicorp Vault docker image with HTTPS on production
- Can't get vault kv-v2 secret using curl
- Hashicorp vault how to list all roles
- HashiCorp Vault Error 403 Permission denied
- How to set up Vault JWT Authentication with Auto-Auth?
- ArgoCD and Vault Integration Issue: Unresolved Error in Admin Interface
- Retrieving secrets from HashiCorp Vault in jenkins pipeline using HashiCorp Vault Plugin
- Error making API request when using Vault secrets
- How can one use HashiCorp Vault in Airflow?
- Unable to enable Vault audit using Pulumi on Rancher Desktop
- How can I delete 4 Million Leases in my Hashicorp Vault
- Error in helm templating using vault configmap for injector
- AWX + Hashicorp Vault django.request Bad Request
- Hashicorp Vault vs Azure Key Vault
- How to use the HashiCorp's Vault API in order to get all all the secret values from a directory with a single API call
- How to enable a kv secret engine in vault using HTTP APIs
- Vault Error, Server gave HTTP response to HTTPS client