A new platform for documentation and tutorials is launching soon.

We are migrating Vault documentation into HashiCorp Developer, our new developer experience.

Join Now
Type '/' to Search

»/sys/config/auditing/request-headers

The /sys/config/auditing endpoint is used to configure auditing settings.

»Read All Audited Request Headers

This endpoint lists the request headers that are configured to be audited.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
GET/sys/config/auditing/request-headers

»Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers

$ curl \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers

»Sample Response

{
  "headers": {
    "X-Forwarded-For": {
      "hmac": true
    }
  }
}

{
  "headers": {
    "X-Forwarded-For": {
      "hmac": true
    }
  }
}

»Read Single Audit Request Header

This endpoint lists the information for the given request header.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
GET/sys/config/auditing/request-headers/:name

»Parameters

  • name (string: <required>) – Specifies the name of the request header to query. This is specified as part of the URL.

»Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header

$ curl \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header

»Sample Response

{
  "X-Forwarded-For": {
    "hmac": true
  }
}

{
  "X-Forwarded-For": {
    "hmac": true
  }
}

»Create/Update Audit Request Header

This endpoint enables auditing of a header.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
POST/sys/config/auditing/request-headers/:name

»Parameters

  • hmac (bool: false) – Specifies if this header's value should be HMAC'ed in the audit logs.

»Sample Payload

{
  "hmac": true
}

{
  "hmac": true
}

»Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header

$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header

»Delete Audit Request Header

This endpoint disables auditing of the given request header.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
DELETE/sys/config/auditing/request-headers/:name

»Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    --request DELETE \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header

$ curl \
    --header "X-Vault-Token: ..." \
    --request DELETE \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header