Curl POST 'no data provided' or 'json parsing error'

jyk4100 · August 12, 2022, 4:14pm

Hello. Can I get some advice on how to “put” to vault using curl post with data from a local json file?

I have been trying to post secrets to vault and I have searched Google, StackOverFlow, API docs and still stuck after N hours. I am new to curl so my word choice may be precise please excuse

“url-encoded” request works (as in the “Here is an example of writing a secret using cURL:” example in the api-docs)

curl --request POST	-H "X-Vault-Token:{token}" \
	--data '{"data":{"username": "hello", "password": "world"}}' \
	https://vault..../test-secret

However, I don’t want to do this nor I haven’t found a good way to “format” a local json file into such format "'{"data":{ [key-value pairs from json file] }}'"
So I am trying post with data but I am facing either parsing or no-data error. For example

failed to parse JSON input: invalid character '-' in numeric literal error

curl -v -X POST https://vault..../test-secret \
	-H "X-Vault-Token:{token}" -H "Content-Type: application/json" \
	-F "data=@temp.json" --trace-ascii /dev/stdout

I am setting --trace-ascii /dev/stdout so I can see what data is being sent and it appears data is being sent but I am getting parsing error and Content-Type: application/octect-stream which is not expected

0070: Content-Type: application/octet-stream
0098: 
009a: { "username": "hello", "password": "world" }
...
<= Recv data, 84 bytes (0x54)
0000: {"errors":["failed to parse JSON input: invalid character '-' in
0040:  numeric literal"]}.
{"errors":["failed to parse JSON input: invalid character '-' in numeric literal"]}

no data provided error

curl -v -X POST https://vault..../test-secret \
	-H "X-Vault-Token:{token}"	-H "Content-Type: application/json" \
	-d @temp.json --trace-ascii /dev/stdout

this give “no data provided” error but it appears dat at is being sent?

=> Send data, 44 bytes (0x2c)
0000: { "username": "hello", "password": "world" }
== Info: We are completely uploaded and fine
<= Recv header, 13 bytes (0xd)
0000: HTTP/2 400 
<= Recv header, 25 bytes (0x19)
0000: cache-control: no-store
<= Recv header, 32 bytes (0x20)
0000: content-type: application/json
<= Recv header, 20 bytes (0x14)
0000: content-length: 32
<= Recv header, 37 bytes (0x25)
0000: date: Fri, 12 Aug 2022 16:00:40 GMT
<= Recv header, 2 bytes (0x2)
0000: 
<= Recv data, 32 bytes (0x20)
0000: {"errors":["no data provided"]}.
{"errors":["no data provided"]}

maxb · August 12, 2022, 6:08pm

Is there a reason you’re not using the Vault CLI here? It exists for a reason, to help easily compose request to Vault without complex uses of e.g. curl.

The curl -F option is for sending multipart MIME data. Vault does not use that format, so discard that command.

The "no data provided" error is because you tried to write a JSON object to a Vault KV v2 engine, without any {"data": { ... } } structure present in what you sent.

You should use the command

vault kv put .../test-secret @temp.json

jyk4100 · August 12, 2022, 7:49pm

I was so hooked up with curl and didn’t see the vault cli option
Now it works effortlessly with vault kv put…