/sys/config/auditing/request-headers

The /sys/config/auditing endpoint is used to configure auditing settings.

Read all audited request headers

This endpoint lists the request headers that are configured to be audited.

• sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.

Sample request

$ curl \  --header "X-Vault-Token: ..." \  http://127.0.0.1:8200/v1/sys/config/auditing/request-headers 

Sample response

{  "headers": {  "X-Forwarded-For": {  "hmac": true  }  } } 

Read single audit request header

This endpoint lists the information for the given request header.

• sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.

Parameters

• name (string: <required>) – Specifies the name of the request header to query. This is specified as part of the URL.

Sample request

$ curl \  --header "X-Vault-Token: ..." \  http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header 

Sample response

{  "X-Forwarded-For": {  "hmac": true  } } 

Create/Update audit request header

This endpoint enables auditing of a header.

• sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.

Parameters

• hmac (bool: false) – Specifies if this header's value should be HMAC'd in the audit logs.

Sample payload

{  "hmac": true } 

Sample request

$ curl \  --header "X-Vault-Token: ..." \  --request POST \  --data @payload.json \  http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header 

Delete audit request header

This endpoint disables auditing of the given request header.

• sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.

Sample request

$ curl \  --header "X-Vault-Token: ..." \  --request DELETE \  http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header