Vault API call for secret not working :” {"errors":[]} “

David.br · September 28, 2023, 1:10pm

Hello,

We have vault version v1.14.2 installed with consul version V1.16.1 configure with ADFS (OIDC).
All is working fine in the browser. We can create and read secrets (kv type 1)
But we can’t read the secrets with an API call ( we copy the token after logon through OIDC and ADFS.
The error we see with an API call is the following :” {“errors”:} “
Nothing is returned in tracing “vault monitor -log-level=trace”

Call ‘ curl -H “X-Vault-Token: hvs.blablalbla” -X LIST https://dev-app-vault.infrabel.be/custom_path ’ or ‘ curl -H “X-Vault-Token: hvs.blablalbla” -X GET https://dev-app-vault.infrabel.be/custom_path/secret/testsecret ‘

policy:
‘
path “custom_path/*” {
capabilities = [“create”, “read”, “update”, “delete”, “list”]
}
‘

What can we do to further debug this ?
What do we need to do to fix this ?

Best Regards,

David

tsiamer · September 30, 2023, 4:16pm

Hi,

You are missing the api port and v1 as you are using kv1, so it should be like so:

curl -X 'GET' \
  'https://dev-app-vault.infrabel.be:8200/v1/custom_path' \
  -H 'accept: */*' \
  -H 'X-Vault-Token: hvs.blablalbla'

David.br · October 2, 2023, 7:26am

Thank you tsiamer.
the call is working now with the v1 in the URL

My setup is behind a loadbalancer, so I don’t have to specify the 8200 port.

Best regards,

David

tsiamer · October 2, 2023, 2:57pm

You are welcome, good to hear it is fixed.

Topic		Replies	Views
KV Secret Engine - API Not working Vault	10	3600	May 5, 2020
How to fetch secret from Vault through API? Vault vault	1	407	June 12, 2023
Read KV Secrets Vault kv	2	974	March 15, 2022
Ember Data Request GET /v1/sys/policies/acl returned a 500 Payload (application/json) Vault	9	4359	February 24, 2024
Unable to return specific versions of a secret path in kv v2 in template, seems to only return latest version Consul consul-template	0	1241	March 2, 2020

Vault API call for secret not working :” {"errors":[]} “

Related topics