I’m building some Vault functionality into my company’s developer CLI via the Vault API. I’ve been able to invoke a bunch of other endpoints just fine, but I’m running into a problem with trying to list users. The request looks like this:
LIST https://<host>/v1/auth/okta/users
X-Vault-Token: <token>
and the response:
HTTP 400: Bad Request
Content-Length: 11
Content-Type: text/plain
Date: Tue, 05 Apr 2022 15:50:22 GMT
Connection: close
Bad Request
The documentation for this endpoint seems to indicate that no parameters are required, and the path looks correct, so I don’t understand why I’m getting this error. This documentation indicates that I’m supposed to be getting an application/json response with one or more errors in the response body if there’s a problem, but that’s not happening, either.
Thank you, that was what I needed. I knew that LIST wasn’t a standard HTTP method, but the HTTP standard doesn’t forbid custom verbs, and the documentation very clearly stated to use LIST. I don’t understand why the documentation says to use LIST when the API doesn’t accept it. The part I was missing was the ?list=true query parameter.
The Vault API accepts LIST just fine. You must have a load balancer or web application firewall that is blocking it, between you and the actual Vault process.