4

Currently, I am connecting to a corporate vault service where I am using a vault token and passing it through below header in my spring cloud config service where properties of all microservices are kept. 

curl -X "GET" "http://localhost:8080/my-client-microservice/dev" -H "X-Config-Token: s.myvaulttoken"

where http://localhost:8080 is my spring cloud config service and s.myvaulttoken is my vault token. This is working absolutely fine.

I want to know the validity of this token. What I have read the documentation that token can be of two type: service or batch. I want to know whether this token can be used infinitely (as root tokens validity is infinite).

enter image description here

Since the client microservices require the vault token, I want to figure out the way to know the validity of a token. Can you guys help me to tell more about this?

I followed this link: https://learn.hashicorp.com/vault/getting-started/authentication

viveknaskar
  • 2,136
  • 1
  • 20
  • 35

1 Answers1

4

Every non-root token has a time-to-live (TTL) associated with it.

For example:

  • with a root token, the ttl is 0 
    vault token lookup -format json  | jq .data.ttl
0

  • with a regular user, the ttl is non-zero

    VAULT_TOKEN=$(vault token create -policy default -field token) vault token 
lookup -format json | jq .data.ttl
2764799

This check is possible through the API as well.

user2599522
  • 3,005
  • 2
  • 23
  • 40