Manage Authentication Mechanisms
Authentication methods are the components in Vault that perform identity validation of Vault clients and responsible for assigning a set of policies to an authenticated client. In this step you will enable an authentication method and generate login credentials.
NOTE: This step assumes that you created the webapp policy in the Create Vault Policies with Vault UI step.
Enable authentication
1.Select the Access view from the menu
This view is the index and displays all authentication methods, entities, groups, and leases. The token authentication method was enabled when Vault was initialized and cannot be disabled.
2. Select the Enable new method action from within the view.
This view displays all of the authentication methods that this version of Vault supports.
3. Choose the Username & Password method and select Next.
This view displays the path and the ability to configure the auth method. The path defaults to "userpass."
4. Select Enable Method.
The authentication method is created. The view displays its configuration page.
Create credentials
The User & Password authentication method, abbreviated as userpass, enables the creation of credentials for individual users.
1.Select the View method action from within the view.
This view displays the users created for this authentication methods. There are no users.
2. Select the Create user action from within the view.
This view displays the ability to create a custom login for a user.
3. Enter webapp
in the Username field. Enter password
in the Password field.
4. Toggle Tokens to display the token interface.
5. Enter webapp
in the Generated Token's Policies. Select Add.
NOTE: The policies added to this authentication method are not checked against available policies.
6. Select Save.
The authentication method for this user is created.
Authenticate with credentials
You are currently logged in with the root token. To login with these user credentials requires you to log out.
1.Open the Profile submenu. Select Sign Out.
You are now logged out of the server.
2. Choose userpass from the Method list.
The view changes to show a username and password login interface.
3. Enter webapp
in the Username field. Enter password
in the Password field. Select Sign in.
You are now logged through the userpass authentication method. The capabilities of this user are limited to the policies assigned to this user's auth method.