Skip to main content

Set IAM configuration

post
/api/pvlt/1.0/ctl/iam/conf

Sets the identity and access management (IAM) configuration.

The role that performs this operation must have the CapIAMWriter capability. See Access control for more information about how capabilities are used to control access to operations.

Request

Request body

IAM configuration in TOML format.

object required*
  • policies - object
    Values of additional properties are objects
    • operations - array of strings
    • policy_type - string required*
    • reasons - array of strings
    • resources - array of strings
  • roles - object
    Values of additional properties are objects
    • capabilities - array of strings
    • policies - array of strings
  • users - object
    Values of additional properties are objects
    • disabled - boolean
    • role - string required*
  • idps - object
    Values of additional properties are objects
    • type - string required*
    • disabled - boolean
    • conf - object required*
Example
policies = { }
roles = { }
users = { }
idps = { }

Possible responses

The request is successful.

Try the API

Authorization

Request body

Navigate to the docs of your local Vault installation to try the API directly from there.

Code examples

Example