• HashiCorp Developer

  • HashiCorp Cloud Platform
  • Terraform
  • Packer
  • Consul
  • Vault
  • Boundary
  • Nomad
  • Waypoint
  • Vagrant
Vault
  • Install
  • Tutorials
  • Documentation
  • API
  • Integrations
  • Try Cloud(opens in new tab)
  • Sign up
Vault Home

API

Skip to main content
  • API
  • Client Libraries
  • Related Tools

    • Overview
    • /sys/audit
    • /sys/audit-hash
    • /sys/auth
    • /sys/capabilities
    • /sys/capabilities-accessor
    • /sys/capabilities-self
    • /sys/config/auditing
    • /sys/config/control-group
    • /sys/config/cors
    • /sys/config/reload
    • /sys/config/state
    • /sys/config/ui
    • /sys/control-group
    • /sys/generate-recovery-token
    • /sys/generate-root
    • /sys/health
    • /sys/host-info
    • /sys/in-flight-req
    • /sys/init
    • /sys/internal/counters
    • /sys/internal/specs/openapi
    • /sys/internal/ui/feature-flags
    • /sys/internal/ui/mounts
    • /sys/internal/ui/namespaces
    • /sys/internal/ui/resultant-acl
    • /sys/key-status
    • /sys/ha-status
    • /sys/leader
    • /sys/leases
    • /sys/license/status
    • /sys/loggers
    • /sys/managed-keys
      ENTENT
    • /sys/metrics
    • /sys/monitor
    • /sys/mounts
    • /sys/namespaces
    • /sys/plugins/reload/backend
    • /sys/plugins/catalog
    • /sys/policy
    • /sys/policies
    • /sys/policies/password
    • /sys/pprof
    • /sys/quotas/config
    • /sys/quotas/rate-limit
    • /sys/quotas/lease-count
    • /sys/raw
    • /sys/rekey
    • /sys/rekey-recovery-key
    • /sys/remount
    • /sys/rotate
    • /sys/rotate/config
    • /sys/seal
    • /sys/seal-status
    • /sys/sealwrap/rewrap
    • /sys/step-down
    • /sys/tools
    • /sys/unseal
    • /sys/version-history
    • /sys/wrapping/lookup
    • /sys/wrapping/rewrap
    • /sys/wrapping/unwrap
    • /sys/wrapping/wrap

  • Resources

  • Tutorial Library
  • Certifications
  • Community Forum
    (opens in new tab)
  • Support
    (opens in new tab)
  • GitHub
    (opens in new tab)
  1. Developer
  2. Vault
  3. API
  4. System Backend
  5. /sys/config/auditing
  • Vault
  • v1.11.x
  • v1.10.x
  • v1.9.x
  • v1.8.x
  • v1.7.x
  • v1.6.x
  • v1.5.x
  • v1.4.x

»/sys/config/auditing/request-headers

The /sys/config/auditing endpoint is used to configure auditing settings.

Read All Audited Request Headers

This endpoint lists the request headers that are configured to be audited.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
GET/sys/config/auditing/request-headers

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers

Sample Response

{
  "headers": {
    "X-Forwarded-For": {
      "hmac": true
    }
  }
}

Read Single Audit Request Header

This endpoint lists the information for the given request header.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
GET/sys/config/auditing/request-headers/:name

Parameters

  • name (string: <required>) – Specifies the name of the request header to query. This is specified as part of the URL.

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header

Sample Response

{
  "X-Forwarded-For": {
    "hmac": true
  }
}

Create/Update Audit Request Header

This endpoint enables auditing of a header.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
POST/sys/config/auditing/request-headers/:name

Parameters

  • hmac (bool: false) – Specifies if this header's value should be HMAC'ed in the audit logs.

Sample Payload

{
  "hmac": true
}

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header

Delete Audit Request Header

This endpoint disables auditing of the given request header.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
DELETE/sys/config/auditing/request-headers/:name

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    --request DELETE \
    http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
Edit this page on GitHub

On this page

  1. /sys/config/auditing/request-headers
  2. Read All Audited Request Headers
  3. Read Single Audit Request Header
  4. Create/Update Audit Request Header
  5. Delete Audit Request Header
Give Feedback(opens in new tab)
  • Certifications
  • System Status
  • Terms of Use
  • Security
  • Privacy
  • Trademark Policy
  • Trade Controls
  • Give Feedback(opens in new tab)