How can I get list of secrets by API request

I created KV2 engine named “test”.
I want to list all secrets defined in this scope by api request.

vault kv list test/

What is API equivalent of this CLI ?
Is any way to get this information ?

Hi, leavinus.

Vault CLI requests usually take the -output-curl-string argument that will show the Curl arguments (and thus the exact URL) corresponding to the command. In this case:

$ vault kv list -output-curl-string test/
curl -H "X-Vault-Request: true" -H "X-Vault-Token: $(vault print token)" http://localhost:8200/v1/test/metadata?list=true

Note that ‘kv list’ does a pre-check so this command will fail if tried against a nonexistent mount, or one to which your token lacks permissions. (which was a little surprising to me.)

You can also find the API for the KV version 2 secrets engine here: https://www.vaultproject.io/api/secret/kv/kv-v2

best,
Mark

2 Likes