Permission Denied to access HCP Vault via cURL

ricardoptcosta · June 15, 2021, 11:20am

Hello,

I created a vault cluster with public domain. I can access using the cli and the vault command. However, when I try to reach it using cURL, I always get permission denied. As an example, I was following the tutorial [ Build Your Own Certificate Authority (CA)] { Build Your Own Certificate Authority (CA) | Vault - HashiCorp Learn} but as soon as in the first step I get permission denied, ie, when running curl --header "X-Vault-Token: $VAULT_TOKEN" --request POST --data '{"type":"pki"}' $VAULT_ADDR/v1/sys/mounts/pki I get as response {"errors":["1 error occurred:\n\t* permission denied\n\n"]}

Any idea what can be causing this problem?

jeffsanicola · June 15, 2021, 12:39pm

In my experience this usually means you have an expired or invalid token set in your VAULT_ADDR environment variable or the token has insufficient permissions.

This is what I would start asking myself if I ran into this:

Have I substituted the token specified in the doc for a token generated from my own Vault environment and is it still valid?
If so, am I using a root token or something with less privilege?
If the latter do I have all the necessary capabilities applied?
If so, are you sure you have all the necessary capabilities applied (e.g. missing sudo)

Hopefully this helps!

Topic		Replies	Views
Hashicorp Vault - Permission denied in API While Succcess In CLI Vault	1	591	September 16, 2022
Permission denied using admin token Vault	6	1668	June 18, 2021
Permission denied error while list command Vault	1	218	December 14, 2022
Github action error permission denied hashicorp vault Vault vault	0	228	March 1, 2022
Getting permission denied with curl request Vault vault	3	270	March 14, 2024

Permission Denied to access HCP Vault via cURL

Related topics