How to list existing Vault tokens?

radecki.rafal · May 13, 2021, 4:40pm

Hi All,

For some time now I am using multinode HC Vault clusters with DynamoDB backend in my environments. I did not found a method to list all existing tokens. Is there any way to list them?

Thanks in advance for the help!

Best regards,
Rafal.

jeffsanicola · May 13, 2021, 5:32pm

Hi @radecki.rafal,

You can list tokens by their accessors using the vault list auth/token/accessors command. Note that you must have the “sudo” capability on this endpoint per this article: Token - Auth Methods - HTTP API | Vault by HashiCorp

You can look up token details using vault write auth/token/lookup-accessor accessor=${accessor} and revoke a token using vault write auth/token/revoke-accessor accessor=${accessor}. Both of these paths require the “update” permission.

Hopefully this helps.
Jeff

Topic		Replies	Views
How to list root tokens? Vault vault	2	630	August 8, 2023
Query what tokens have root policy attached Vault vault	5	1851	October 19, 2020
Number of tokens inconsistent? Vault	6	354	August 3, 2024
Is it possible to paginate auth/token/accessors/ Vault	4	1684	February 10, 2021
How to revoke a token without knowing the token nor accessor Vault	0	345	August 27, 2020

How to list existing Vault tokens?

Related topics