Vault Browser CLI: cannot write on path data without 'key'

Has variant:

vault write auth/oidc/role/demo -<<EOF
  "user_claim": "sub",
  "bound_audiences": "abc123",
  "role_type": "oidc",
  "policies": "demo",
  "ttl": "1h",
  "bound_claims": { "groups": ["mygroup/mysubgroup"] }

I want to run this command in “Vault Browser CLI:”

I tried many different forms. Simply:

 write auth/oidc/role/demo '{   "user_claim": "sub",   "bound_audiences": "abc123",   "role_type": "oidc",   "policies": "demo",   "ttl": "1h",   "bound_claims": { "groups": ["mygroup/mysubgroup"] } }'

Doesn’t work. Reply is:

Error writing to: auth/oidc/role/demo.
URL: /v1/auth/oidc/role/demo
Code: 400
a user claim must be defined on the role!

Screenshot from 2020-11-10 13-34-15|690x71

Question: how do I write DATA in Vault Browser CLI, without key?

Thank you.

I had faced same problem.
That code block is not works on Vault UI.
You should run the code block on CLI(not UI CLI).

1 Like