• HashiCorp Developer

  • HashiCorp Cloud Platform
  • Terraform
  • Packer
  • Consul
  • Vault
  • Boundary
  • Nomad
  • Waypoint
  • Vagrant
Vault
  • Install
  • Tutorials
  • Documentation
  • API
  • Try Cloud(opens in new tab)
  • Sign up
Vault Home

API

Skip to main contentOverview
  • Client Libraries
  • Related Tools

    • Overview
    • Active Directory
    • AliCloud
    • AWS
    • Azure
    • Consul
    • Cubbyhole
    • Google Cloud
    • Google Cloud KMS
      • Overview
      • Entity
      • Entity Alias
      • Group
      • Group Alias
      • Identity Tokens
      • Lookup
      • OIDC Provider
    • KMIP
      ENTERPRISEENTERPRISE
    • Kubernetes
    • MongoDB Atlas
    • Nomad
    • LDAP
    • PKI
    • RabbitMQ
    • SSH
    • Terraform Cloud
    • TOTP
    • Transform
      ENTERPRISEENTERPRISE
    • Transit

  • Resources

  • Tutorial Library
  • Certifications
  • Community Forum
    (opens in new tab)
  • Support
    (opens in new tab)
  • GitHub
    (opens in new tab)
  1. Developer
  2. Vault
  3. API
  4. Secrets Engines
  5. Identity
  6. Group Alias
  • Vault
  • v1.11.x
  • v1.10.x
  • v1.9.x
  • v1.8.x
  • v1.7.x
  • v1.6.x
  • v1.5.x
  • v1.4.x

Create a Group Alias

This endpoint creates or updates a group alias.

MethodPath
POST/identity/group-alias

Parameters

  • name (string: entity-<UUID>) – Name of the group alias.

  • id (string: <optional>) - ID of the group alias. If set, updates the corresponding existing group alias.

  • mount_accessor (string: "") – Mount accessor which this alias belongs to.

  • canonical_id (string: "") - ID of the group to which this is an alias.

Sample Payload

{
  "canonical_id": "b86920ea-2831-00ff-15c5-a3f923f1ee3b",
  "mount_accessor": "auth_github_232a90dc",
  "name": "dev-team"
}

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/identity/group-alias

Sample Response

{
  "data": {
    "canonical_id": "b86920ea-2831-00ff-15c5-a3f923f1ee3b",
    "id": "ca726050-d8ac-6f1f-4210-3b5c5b613824"
  }
}

Update Group Alias by ID

This endpoint is used to update an existing group alias.

MethodPath
POST/identity/group-alias/id/:id

Parameters

  • id (string: <optional>) - ID of the group alias.

  • name (string: entity-<UUID>) – Name of the group alias.

  • mount_accessor (string: "") – Mount accessor which this alias belongs to.

  • canonical_id (string: "") - ID of the group to which this is an alias.

Sample Payload

{
  "canonical_id": "b86920ea-2831-00ff-15c5-a3f923f1ee3b",
  "mount_accessor": "auth_github_232a90dc",
  "name": "dev-team"
}

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/identity/group-alias/id/ca726050-d8ac-6f1f-4210-3b5c5b613824

Sample Response

{
  "data": {
    "canonical_id": "b86920ea-2831-00ff-15c5-a3f923f1ee3b",
    "id": "ca726050-d8ac-6f1f-4210-3b5c5b613824"
  }
}

Read Group Alias by ID

This endpoint queries the group alias by its identifier.

MethodPath
GET/identity/group-alias/id/:id

Parameters

  • id (string: <required>) – ID of the group alias.

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/identity/group-alias/id/ca726050-d8ac-6f1f-4210-3b5c5b613824

Sample Response

{
  "data": {
    "canonical_id": "b86920ea-2831-00ff-15c5-a3f923f1ee3b",
    "creation_time": "2017-11-13T20:09:41.661694Z",
    "id": "ca726050-d8ac-6f1f-4210-3b5c5b613824",
    "last_update_time": "2017-11-13T20:09:41.661694Z",
    "merged_from_canonical_ids": null,
    "metadata": null,
    "mount_accessor": "auth_github_232a90dc",
    "mount_path": "",
    "mount_type": "github",
    "name": "dev-team"
  }
}

Delete Group Alias by ID

This endpoint deletes a group alias.

MethodPath
DELETE/identity/group-alias/id/:id

Parameters

  • id (string: <required>) – ID of the group alias.

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    --request DELETE \
    http://127.0.0.1:8200/v1/identity/group-alias/id/ca726050-d8ac-6f1f-4210-3b5c5b613824

List Group Alias by ID

This endpoint returns a list of available group aliases by their identifiers.

MethodPath
LIST/identity/group-alias/id
GET/identity/group-alias/id?list=true

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    --request LIST \
    http://127.0.0.1:8200/v1/identity/group-alias/id

Sample Response

{
  "data": {
    "keys": ["ca726050-d8ac-6f1f-4210-3b5c5b613824"]
  }
}
Edit this page on GitHub

On this page

  1. Create a Group Alias
  2. Update Group Alias by ID
  3. Read Group Alias by ID
  4. Delete Group Alias by ID
  5. Parameters
  6. List Group Alias by ID
Give Feedback(opens in new tab)
  • Certifications
  • System Status
  • Terms of Use
  • Security
  • Privacy
  • Trademark Policy
  • Trade Controls
  • Give Feedback(opens in new tab)