Virtual HSM

Identity


Read an alias by ID

GET
Path parameters
  id (string, required): ID of the alias

Responses
  200: Alias details retrieved successfully. (application/json)
  400: Invalid alias ID or malformed request. (application/json)
  403: Permission denied to read alias. (application/json)
  500: Internal server error. (application/json)

GET /v1/identity/alias/id/{id} HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "a3d8e7f2-25be-abc1-3cd4-84792cbbd9f5",
  "lease_id": "",
  "renewable": false,
  "lease_duration": 0,
  "data": {
    "id": "bda7a8b6-dbe9-4622-3a34-8904589d3a17",
    "name": "my-alias",
    "mount_type": "userpass",
    "canonical_id": "abcd1234-ef56-7890-ghij-klmnopqrstuv",
    "custom_metadata": {}
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Delete an alias by ID

DELETE
Path parameters
  id (string, required): ID of the alias

Responses
  204: Alias deleted successfully. No content is returned.
  400: Invalid alias ID. (application/json)
  403: Not authorized to delete alias. (application/json)
  500: Internal error during deletion. (application/json)

DELETE /v1/identity/alias/id/{id} HTTP/1.1
Host: localhost:8200
Accept: */*

No content

List all the alias IDs for the entity

GET
Query parameters
  list (string, enum, required): Must be set to true

Responses
  200: Successfully listed alias IDs. (application/json, response: any)
  400: Bad request – missing or incorrect query param. (application/json)
  403: Insufficient permissions to list aliases. (application/json)
  500: Internal server error. (application/json)

GET /v1/identity/entity-alias/id?list=true HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "a11b22c3-d4ef-5678-9abc-000000000000",
  "lease_id": "",
  "renewable": false,
  "lease_duration": 0,
  "data": {
    "keys": [
      "bda7a8b6-dbe9-4622-3a34-8904589d3a17",
      "cbe1d3af-d9cd-43b9-9e29-54a17dc830d9"
    ]
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Read an alias by ID for the entity

GET
Path parameters
  id (string, required): ID of the alias

Responses
  200: Alias details retrieved successfully. (application/json, response: any)
  400: Invalid alias ID (application/json)
  403: Permission denied (application/json)
  500: Internal server error (application/json)

GET /v1/identity/entity-alias/id/{id} HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "1234abcd-ef56-7890-gh12-ijklmnopqrst",
  "data": {
    "id": "a1b2c3d4-e5f6-7890-abcd-1234567890ef",
    "name": "my-entity-alias",
    "mount_type": "userpass",
    "canonical_id": "canonical-123",
    "custom_metadata": {
      "role": "devops"
    }
  }
}

Delete an alias by ID for the entity

DELETE
Path parameters
  id (string, required): ID of the alias

Responses
  204: Alias deleted successfully. No content returned.
  400: Invalid alias ID (application/json)
  403: Unauthorized to delete alias (application/json)
  500: Server error (application/json)

DELETE /v1/identity/entity-alias/id/{id} HTTP/1.1
Host: localhost:8200
Accept: */*

No content

List all the entity IDs

GET
Query parameters
  list (string, enum, required): Must be set to true. Example: true

Responses
  200: Successfully retrieved the list of entity IDs. (application/json, response: any)
  400: Invalid or missing query parameter. (application/json)
  403: Access denied due to insufficient permissions. (application/json)
  500: Server encountered an unexpected condition. (application/json)

GET /v1/identity/entity/id?list=true HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "d34db33f-b6e1-4ea7-8180-9827e9f8e5ac",
  "data": {
    "keys": [
      "entity-123",
      "entity-456",
      "entity-789"
    ]
  }
}

Read an entity by ID

GET
Path parameters
  id (string, required): ID of the entity. If set, updates the corresponding existing entity.

Responses
  200: Entity details retrieved successfully. (application/json, response: any)
  400: Invalid request. (application/json)
  403: Forbidden. You don’t have permission to perform this action. (application/json)
  500: Internal server error. (application/json)

GET /v1/identity/entity/id/{id} HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "dd1f7b72-05d4-4234-b8e5-cb61e2dfb942",
  "data": {
    "id": "a1b2c3d4",
    "name": "developer-entity",
    "metadata": {
      "department": "engineering"
    }
  }
}

Delete an entity by ID

DELETE
Path parameters
  id (string, required): ID of the entity. If set, updates the corresponding existing entity.

Responses
  204: Entity deleted successfully. No content is returned.
  400: Invalid entity ID. (application/json)
  403: Access denied. (application/json)
  500: Server error during deletion. (application/json)

DELETE /v1/identity/entity/id/{id} HTTP/1.1
Host: localhost:8200
Accept: */*

No content

List all the entity names

GET
Query parameters
  list (string, enum, required): Must be set to true. Example: true

Responses
  200: A list of entity names was successfully retrieved. (application/json)
  400: Bad request due to missing or invalid query parameter. (application/json)
  403: Forbidden. The user does not have permission to access this resource. (application/json)
  500: Internal server error occurred while processing the request. (application/json)

GET /v1/identity/entity/name?list=true HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "8df8b7f3-4c1a-45b8-b23a-e4c1b61c5f95",
  "data": {
    "keys": [
      "developer-entity",
      "admin-entity",
      "viewer-entity"
    ]
  }
}

Read an entity by name

GET
Path parameters
  name (string, required): Name of the entity

Responses
  200: Entity retrieved successfully. (application/json, response: any)
  400: Bad request due to invalid input. (application/json)
  403: Forbidden. Access denied. (application/json)
  500: Internal server error. (application/json)

GET /v1/identity/entity/name/{name} HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "d7c78b49-235b-4e3a-b2ef-237bb9a1fe3e",
  "data": {
    "id": "3dfb7a63-d826-4b8d-97c5-b31fc109e8c5",
    "name": "developer-entity",
    "metadata": {
      "team": "engineering"
    },
    "policies": [
      "default",
      "admin"
    ]
  }
}
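
An access-review sketch over the entity endpoints above, added here as an example and not part of the vHSM documentation: it lists entity names with list=true, reads each entity, and reports which ones hold a policy you treat as privileged. The `fetch` callable, the `privileged` set and the admin-entity and viewer-entity response bodies are assumptions constructed for the example; a real `fetch` would perform the authenticated GET.

```python
import json
from urllib.parse import quote, urlencode

BASE = "http://localhost:8200"  # host taken from the request samples on this page

def list_url(collection):
    """URL for a list endpoint; the required list=true query parameter is included."""
    return f"{BASE}/v1/identity/{collection}?{urlencode({'list': 'true'})}"

def read_url(collection, key):
    """URL for a read endpoint; the key is percent-encoded so it stays one path segment."""
    return f"{BASE}/v1/identity/{collection}/{quote(key, safe='')}"

def extract_keys(body):
    """Return the listed keys from a {"data": {"keys": [...]}} list response."""
    data = body.get("data")
    if not isinstance(data, dict) or not isinstance(data.get("keys"), list):
        raise ValueError("unrecognised list response shape")
    return list(data["keys"])

def privileged_entities(fetch, privileged):
    """Map entity name -> sorted privileged policies it holds, via list + read calls."""
    findings = {}
    for name in extract_keys(fetch(list_url("entity/name"))):
        data = fetch(read_url("entity/name", name)).get("data") or {}
        hits = sorted(set(data.get("policies") or []) & set(privileged))
        if hits:
            findings[name] = hits
    return findings

# Constructed responses modelled on the samples above; the admin-entity and
# viewer-entity bodies are invented for this example.
SAMPLES = {
    list_url("entity/name"): {"data": {"keys": ["developer-entity", "admin-entity", "viewer-entity"]}},
    read_url("entity/name", "developer-entity"): {"data": {"name": "developer-entity", "policies": ["default", "admin"]}},
    read_url("entity/name", "admin-entity"): {"data": {"name": "admin-entity", "policies": ["admin"]}},
    read_url("entity/name", "viewer-entity"): {"data": {"name": "viewer-entity", "policies": ["default"]}},
}

def fake_fetch(url):
    """Offline stand-in for an authenticated HTTP GET (hypothetical helper)."""
    return json.loads(json.dumps(SAMPLES[url]))

if __name__ == "__main__":
    print(privileged_entities(fake_fetch, {"admin"}))
```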

Delete an entity by name

DELETE
Path parameters
  name (string, required): Name of the entity

Responses
  204: Entity deleted successfully. No content returned.
  400: Bad request. (application/json)
  403: Forbidden. (application/json)
  500: Internal error. (application/json)

DELETE /v1/identity/entity/name/{name} HTTP/1.1
Host: localhost:8200
Accept: */*

No content

List all the group alias IDs

GET
Query parameters
  list (string, enum, required): Must be set to true. Example: true

Responses
  200: OK (application/json, response: any)
  400: Bad Request - The request is malformed or invalid. (application/json)
  403: Forbidden - The user does not have permission to access the resource. (application/json)
  500: Internal Server Error - An error occurred on the server. (application/json)

GET /v1/identity/group-alias/id?list=true HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "group_alias_ids": [
    "alias1",
    "alias2",
    "alias3"
  ]
}

Read a group alias by its ID

GET
Path parameters
  id (string, required): ID of the group alias. Example: alias123

Responses
  200: OK (application/json, response: any)
  400: Bad Request - Invalid alias ID. (application/json)
  403: Forbidden - Access to the alias is not allowed. (application/json)
  500: Internal Server Error (application/json)

GET /v1/identity/group-alias/id/{id} HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "id": "alias123",
  "name": "Group Alias Name",
  "description": "A description of the group alias."
}

Delete a group alias by its ID

DELETE
Path parameters
  id (string, required): ID of the group alias. Example: alias123

Responses
  204: No content - The alias was successfully deleted.
  400: Bad Request - Invalid alias ID format. (application/json)
  403: Forbidden - Insufficient permissions to delete the alias. (application/json)
  500: Internal Server Error (application/json)

DELETE /v1/identity/group-alias/id/{id} HTTP/1.1
Host: localhost:8200
Accept: */*

No content

List all the group IDs

GET
Query parameters
  list (string, enum, required): Must be set to true. Example: true

Responses
  200: List of group IDs retrieved successfully. (application/json)