Vault Secrets Enginer Version 1 non existent path response

Hello, I’d like clarification on a certain issue:

I’m using the this Java client library to communicate with Vault:

When i pass a non existent path to the client, the response is null. However, I don’t see any documentation in the Vault API documents on what the actual response is in this scenario, and is this even the correct response?

Thank you

I’m not sure what you’re asking. Why is the library returning a null for a non-existent path? What would like it to return?

No returning null is fine, i just want confirmation that this is actually the case. Its not documented anywhere in the official Vault documents. What if the actual response was a empty string or something else, but the library masks it and converts to null?(this is hypothetical, and i don’t own the library so anything can really happen)

Well in this case you’re using a 3rd party java library, you can’t go searching for the API answer in Hashicorp’s documentation.

But as web access goes, the return code is actually more important than the answer.
For a invalid path, you should be getting a 40X back with an empty response, where as an empty value in Vault would result in a 200 and an empty response.

$ curl -I -H "X-Vault-Token: $(vault print token)" https://vault/v1/secret/data/foo
HTTP/2 405 
cache-control: no-store
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 64
date: Fri, 17 Dec 2021 08:22:53 GMT
1 Like