naftiko: 1.0.0-alpha2 info: label: HashiCorp Vault API description: HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`. tags: - Hashicorp - API created: '2026-05-06' modified: '2026-05-06' capability: consumes: - type: http namespace: hashicorp baseUri: https://api.example.com description: HashiCorp Vault API HTTP API. resources: - name: auth-token-accessors path: /auth/token/accessors/ operations: - name: getauthtokenaccessors method: GET description: HashiCorp List token accessors, which can then be be used to iterate and discover their properties or revoke them. Because this can be used to cause a denial of service, this endpoint requires 'sudo' capability in addition to 'list'. inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-create path: /auth/token/create operations: - name: postauthtokencreate method: POST description: HashiCorp The token create path is used to create new tokens. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-create-orphan path: /auth/token/create-orphan operations: - name: postauthtokencreateorphan method: POST description: HashiCorp The token create path is used to create new orphan tokens. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-create-role-name path: /auth/token/create/{role_name} operations: - name: postauthtokencreaterole-name method: POST description: HashiCorp This token create path is used to create new tokens adhering to the given role. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-lookup path: /auth/token/lookup operations: - name: getauthtokenlookup method: GET description: HashiCorp This endpoint will lookup a token and its properties. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postauthtokenlookup method: POST description: HashiCorp This endpoint will lookup a token and its properties. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-lookup-accessor path: /auth/token/lookup-accessor operations: - name: postauthtokenlookupaccessor method: POST description: HashiCorp This endpoint will lookup a token associated with the given accessor and its properties. Response will not contain the token ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-lookup-self path: /auth/token/lookup-self operations: - name: getauthtokenlookupself method: GET description: HashiCorp This endpoint will lookup a token and its properties. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postauthtokenlookupself method: POST description: HashiCorp This endpoint will lookup a token and its properties. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-renew path: /auth/token/renew operations: - name: postauthtokenrenew method: POST description: HashiCorp This endpoint will renew the given token and prevent expiration. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-renew-accessor path: /auth/token/renew-accessor operations: - name: postauthtokenrenewaccessor method: POST description: HashiCorp This endpoint will renew a token associated with the given accessor and its properties. Response will not contain the token ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-renew-self path: /auth/token/renew-self operations: - name: postauthtokenrenewself method: POST description: HashiCorp This endpoint will renew the token used to call it and prevent expiration. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-revoke path: /auth/token/revoke operations: - name: postauthtokenrevoke method: POST description: HashiCorp This endpoint will delete the given token and all of its child tokens. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-revoke-accessor path: /auth/token/revoke-accessor operations: - name: postauthtokenrevokeaccessor method: POST description: HashiCorp This endpoint will delete the token associated with the accessor and all of its child tokens. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-revoke-orphan path: /auth/token/revoke-orphan operations: - name: postauthtokenrevokeorphan method: POST description: HashiCorp This endpoint will delete the token and orphan its child tokens. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-revoke-self path: /auth/token/revoke-self operations: - name: postauthtokenrevokeself method: POST description: HashiCorp This endpoint will delete the token used to call it and all of its child tokens. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-roles path: /auth/token/roles operations: - name: getauthtokenroles method: GET description: HashiCorp This endpoint lists configured roles. inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-roles-role-name path: /auth/token/roles/{role_name} operations: - name: getauthtokenrolesrole-name method: GET description: GET /auth/token/roles/{role_name} outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postauthtokenrolesrole-name method: POST description: POST /auth/token/roles/{role_name} outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deleteauthtokenrolesrole-name method: DELETE description: DELETE /auth/token/roles/{role_name} outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-token-tidy path: /auth/token/tidy operations: - name: postauthtokentidy method: POST description: HashiCorp This endpoint performs cleanup tasks that can be run if certain error conditions have occurred. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: cubbyhole-path path: /cubbyhole/{path} operations: - name: getcubbyholepath method: GET description: HashiCorp Retrieve the secret at the specified location. inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postcubbyholepath method: POST description: HashiCorp Store a secret at the specified location. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deletecubbyholepath method: DELETE description: HashiCorp Deletes the secret at the specified location. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-alias path: /identity/alias operations: - name: postidentityalias method: POST description: HashiCorp Create a new alias. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-alias-id path: /identity/alias/id operations: - name: getidentityaliasid method: GET description: HashiCorp List all the alias IDs. inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-alias-id-id path: /identity/alias/id/{id} operations: - name: getidentityaliasidid method: GET description: HashiCorp Update, read or delete an alias ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postidentityaliasidid method: POST description: HashiCorp Update, read or delete an alias ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deleteidentityaliasidid method: DELETE description: HashiCorp Update, read or delete an alias ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity path: /identity/entity operations: - name: postidentityentity method: POST description: HashiCorp Create a new entity outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity-alias path: /identity/entity-alias operations: - name: postidentityentityalias method: POST description: HashiCorp Create a new alias. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity-alias-id path: /identity/entity-alias/id operations: - name: getidentityentityaliasid method: GET description: HashiCorp List all the alias IDs. inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity-alias-id-id path: /identity/entity-alias/id/{id} operations: - name: getidentityentityaliasidid method: GET description: HashiCorp Update, read or delete an alias ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postidentityentityaliasidid method: POST description: HashiCorp Update, read or delete an alias ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deleteidentityentityaliasidid method: DELETE description: HashiCorp Update, read or delete an alias ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity-batch-delete path: /identity/entity/batch-delete operations: - name: postidentityentitybatchdelete method: POST description: HashiCorp Delete all of the entities provided outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity-id path: /identity/entity/id operations: - name: getidentityentityid method: GET description: HashiCorp List all the entity IDs inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity-id-id path: /identity/entity/id/{id} operations: - name: getidentityentityidid method: GET description: HashiCorp Update, read or delete an entity using entity ID outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postidentityentityidid method: POST description: HashiCorp Update, read or delete an entity using entity ID outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deleteidentityentityidid method: DELETE description: HashiCorp Update, read or delete an entity using entity ID outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity-merge path: /identity/entity/merge operations: - name: postidentityentitymerge method: POST description: HashiCorp Merge two or more entities together outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity-name path: /identity/entity/name operations: - name: getidentityentityname method: GET description: HashiCorp List all the entity names inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-entity-name-name path: /identity/entity/name/{name} operations: - name: getidentityentitynamename method: GET description: HashiCorp Update, read or delete an entity using entity name outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postidentityentitynamename method: POST description: HashiCorp Update, read or delete an entity using entity name outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deleteidentityentitynamename method: DELETE description: HashiCorp Update, read or delete an entity using entity name outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-group path: /identity/group operations: - name: postidentitygroup method: POST description: HashiCorp Create a new group. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-group-alias path: /identity/group-alias operations: - name: postidentitygroupalias method: POST description: HashiCorp Creates a new group alias, or updates an existing one. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-group-alias-id path: /identity/group-alias/id operations: - name: getidentitygroupaliasid method: GET description: HashiCorp List all the group alias IDs. inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-group-alias-id-id path: /identity/group-alias/id/{id} operations: - name: getidentitygroupaliasidid method: GET description: GET /identity/group-alias/id/{id} outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postidentitygroupaliasidid method: POST description: POST /identity/group-alias/id/{id} outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deleteidentitygroupaliasidid method: DELETE description: DELETE /identity/group-alias/id/{id} outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-group-id path: /identity/group/id operations: - name: getidentitygroupid method: GET description: HashiCorp List all the group IDs. inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-group-id-id path: /identity/group/id/{id} operations: - name: getidentitygroupidid method: GET description: HashiCorp Update or delete an existing group using its ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postidentitygroupidid method: POST description: HashiCorp Update or delete an existing group using its ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deleteidentitygroupidid method: DELETE description: HashiCorp Update or delete an existing group using its ID. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-group-name path: /identity/group/name operations: - name: getidentitygroupname method: GET description: GET /identity/group/name inputParameters: - name: list in: query type: string description: Return a list if `true` outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-group-name-name path: /identity/group/name/{name} operations: - name: getidentitygroupnamename method: GET description: GET /identity/group/name/{name} outputRawFormat: json outputParameters: - name: result type: object value: $. - name: postidentitygroupnamename method: POST description: POST /identity/group/name/{name} outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deleteidentitygroupnamename method: DELETE description: DELETE /identity/group/name/{name} outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-lookup-entity path: /identity/lookup/entity operations: - name: postidentitylookupentity method: POST description: HashiCorp Query entities based on various properties. outputRawFormat: json outputParameters: - name: result type: object value: $. exposes: - type: rest port: 8080 namespace: hashicorp-rest description: REST adapter for HashiCorp Vault API. resources: - path: /auth/token/accessors/ name: getauthtokenaccessors operations: - method: GET name: getauthtokenaccessors description: HashiCorp List token accessors, which can then be be used to iterate and discover their properties or revoke them. Because this can be used to cause a denial of service, this endpoint requires 'sudo' capability in addition to 'list'. call: hashicorp.getauthtokenaccessors outputParameters: - type: object mapping: $. - path: /auth/token/create name: postauthtokencreate operations: - method: POST name: postauthtokencreate description: HashiCorp The token create path is used to create new tokens. call: hashicorp.postauthtokencreate outputParameters: - type: object mapping: $. - path: /auth/token/create-orphan name: postauthtokencreateorphan operations: - method: POST name: postauthtokencreateorphan description: HashiCorp The token create path is used to create new orphan tokens. call: hashicorp.postauthtokencreateorphan outputParameters: - type: object mapping: $. - path: /auth/token/create/{role_name} name: postauthtokencreaterole-name operations: - method: POST name: postauthtokencreaterole-name description: HashiCorp This token create path is used to create new tokens adhering to the given role. call: hashicorp.postauthtokencreaterole-name outputParameters: - type: object mapping: $. - path: /auth/token/lookup name: getauthtokenlookup operations: - method: GET name: getauthtokenlookup description: HashiCorp This endpoint will lookup a token and its properties. call: hashicorp.getauthtokenlookup outputParameters: - type: object mapping: $. - path: /auth/token/lookup name: postauthtokenlookup operations: - method: POST name: postauthtokenlookup description: HashiCorp This endpoint will lookup a token and its properties. call: hashicorp.postauthtokenlookup outputParameters: - type: object mapping: $. - path: /auth/token/lookup-accessor name: postauthtokenlookupaccessor operations: - method: POST name: postauthtokenlookupaccessor description: HashiCorp This endpoint will lookup a token associated with the given accessor and its properties. Response will not contain the token ID. call: hashicorp.postauthtokenlookupaccessor outputParameters: - type: object mapping: $. - path: /auth/token/lookup-self name: getauthtokenlookupself operations: - method: GET name: getauthtokenlookupself description: HashiCorp This endpoint will lookup a token and its properties. call: hashicorp.getauthtokenlookupself outputParameters: - type: object mapping: $. - path: /auth/token/lookup-self name: postauthtokenlookupself operations: - method: POST name: postauthtokenlookupself description: HashiCorp This endpoint will lookup a token and its properties. call: hashicorp.postauthtokenlookupself outputParameters: - type: object mapping: $. - path: /auth/token/renew name: postauthtokenrenew operations: - method: POST name: postauthtokenrenew description: HashiCorp This endpoint will renew the given token and prevent expiration. call: hashicorp.postauthtokenrenew outputParameters: - type: object mapping: $. - path: /auth/token/renew-accessor name: postauthtokenrenewaccessor operations: - method: POST name: postauthtokenrenewaccessor description: HashiCorp This endpoint will renew a token associated with the given accessor and its properties. Response will not contain the token ID. call: hashicorp.postauthtokenrenewaccessor outputParameters: - type: object mapping: $. - path: /auth/token/renew-self name: postauthtokenrenewself operations: - method: POST name: postauthtokenrenewself description: HashiCorp This endpoint will renew the token used to call it and prevent expiration. call: hashicorp.postauthtokenrenewself outputParameters: - type: object mapping: $. - path: /auth/token/revoke name: postauthtokenrevoke operations: - method: POST name: postauthtokenrevoke description: HashiCorp This endpoint will delete the given token and all of its child tokens. call: hashicorp.postauthtokenrevoke outputParameters: - type: object mapping: $. - path: /auth/token/revoke-accessor name: postauthtokenrevokeaccessor operations: - method: POST name: postauthtokenrevokeaccessor description: HashiCorp This endpoint will delete the token associated with the accessor and all of its child tokens. call: hashicorp.postauthtokenrevokeaccessor outputParameters: - type: object mapping: $. - path: /auth/token/revoke-orphan name: postauthtokenrevokeorphan operations: - method: POST name: postauthtokenrevokeorphan description: HashiCorp This endpoint will delete the token and orphan its child tokens. call: hashicorp.postauthtokenrevokeorphan outputParameters: - type: object mapping: $. - path: /auth/token/revoke-self name: postauthtokenrevokeself operations: - method: POST name: postauthtokenrevokeself description: HashiCorp This endpoint will delete the token used to call it and all of its child tokens. call: hashicorp.postauthtokenrevokeself outputParameters: - type: object mapping: $. - path: /auth/token/roles name: getauthtokenroles operations: - method: GET name: getauthtokenroles description: HashiCorp This endpoint lists configured roles. call: hashicorp.getauthtokenroles outputParameters: - type: object mapping: $. - path: /auth/token/roles/{role_name} name: getauthtokenrolesrole-name operations: - method: GET name: getauthtokenrolesrole-name description: GET /auth/token/roles/{role_name} call: hashicorp.getauthtokenrolesrole-name outputParameters: - type: object mapping: $. - path: /auth/token/roles/{role_name} name: postauthtokenrolesrole-name operations: - method: POST name: postauthtokenrolesrole-name description: POST /auth/token/roles/{role_name} call: hashicorp.postauthtokenrolesrole-name outputParameters: - type: object mapping: $. - path: /auth/token/roles/{role_name} name: deleteauthtokenrolesrole-name operations: - method: DELETE name: deleteauthtokenrolesrole-name description: DELETE /auth/token/roles/{role_name} call: hashicorp.deleteauthtokenrolesrole-name outputParameters: - type: object mapping: $. - path: /auth/token/tidy name: postauthtokentidy operations: - method: POST name: postauthtokentidy description: HashiCorp This endpoint performs cleanup tasks that can be run if certain error conditions have occurred. call: hashicorp.postauthtokentidy outputParameters: - type: object mapping: $. - path: /cubbyhole/{path} name: getcubbyholepath operations: - method: GET name: getcubbyholepath description: HashiCorp Retrieve the secret at the specified location. call: hashicorp.getcubbyholepath outputParameters: - type: object mapping: $. - path: /cubbyhole/{path} name: postcubbyholepath operations: - method: POST name: postcubbyholepath description: HashiCorp Store a secret at the specified location. call: hashicorp.postcubbyholepath outputParameters: - type: object mapping: $. - path: /cubbyhole/{path} name: deletecubbyholepath operations: - method: DELETE name: deletecubbyholepath description: HashiCorp Deletes the secret at the specified location. call: hashicorp.deletecubbyholepath outputParameters: - type: object mapping: $. - path: /identity/alias name: postidentityalias operations: - method: POST name: postidentityalias description: HashiCorp Create a new alias. call: hashicorp.postidentityalias outputParameters: - type: object mapping: $. - path: /identity/alias/id name: getidentityaliasid operations: - method: GET name: getidentityaliasid description: HashiCorp List all the alias IDs. call: hashicorp.getidentityaliasid outputParameters: - type: object mapping: $. - path: /identity/alias/id/{id} name: getidentityaliasidid operations: - method: GET name: getidentityaliasidid description: HashiCorp Update, read or delete an alias ID. call: hashicorp.getidentityaliasidid outputParameters: - type: object mapping: $. - path: /identity/alias/id/{id} name: postidentityaliasidid operations: - method: POST name: postidentityaliasidid description: HashiCorp Update, read or delete an alias ID. call: hashicorp.postidentityaliasidid outputParameters: - type: object mapping: $. - path: /identity/alias/id/{id} name: deleteidentityaliasidid operations: - method: DELETE name: deleteidentityaliasidid description: HashiCorp Update, read or delete an alias ID. call: hashicorp.deleteidentityaliasidid outputParameters: - type: object mapping: $. - path: /identity/entity name: postidentityentity operations: - method: POST name: postidentityentity description: HashiCorp Create a new entity call: hashicorp.postidentityentity outputParameters: - type: object mapping: $. - path: /identity/entity-alias name: postidentityentityalias operations: - method: POST name: postidentityentityalias description: HashiCorp Create a new alias. call: hashicorp.postidentityentityalias outputParameters: - type: object mapping: $. - path: /identity/entity-alias/id name: getidentityentityaliasid operations: - method: GET name: getidentityentityaliasid description: HashiCorp List all the alias IDs. call: hashicorp.getidentityentityaliasid outputParameters: - type: object mapping: $. - path: /identity/entity-alias/id/{id} name: getidentityentityaliasidid operations: - method: GET name: getidentityentityaliasidid description: HashiCorp Update, read or delete an alias ID. call: hashicorp.getidentityentityaliasidid outputParameters: - type: object mapping: $. - path: /identity/entity-alias/id/{id} name: postidentityentityaliasidid operations: - method: POST name: postidentityentityaliasidid description: HashiCorp Update, read or delete an alias ID. call: hashicorp.postidentityentityaliasidid outputParameters: - type: object mapping: $. - path: /identity/entity-alias/id/{id} name: deleteidentityentityaliasidid operations: - method: DELETE name: deleteidentityentityaliasidid description: HashiCorp Update, read or delete an alias ID. call: hashicorp.deleteidentityentityaliasidid outputParameters: - type: object mapping: $. - path: /identity/entity/batch-delete name: postidentityentitybatchdelete operations: - method: POST name: postidentityentitybatchdelete description: HashiCorp Delete all of the entities provided call: hashicorp.postidentityentitybatchdelete outputParameters: - type: object mapping: $. - path: /identity/entity/id name: getidentityentityid operations: - method: GET name: getidentityentityid description: HashiCorp List all the entity IDs call: hashicorp.getidentityentityid outputParameters: - type: object mapping: $. - path: /identity/entity/id/{id} name: getidentityentityidid operations: - method: GET name: getidentityentityidid description: HashiCorp Update, read or delete an entity using entity ID call: hashicorp.getidentityentityidid outputParameters: - type: object mapping: $. - path: /identity/entity/id/{id} name: postidentityentityidid operations: - method: POST name: postidentityentityidid description: HashiCorp Update, read or delete an entity using entity ID call: hashicorp.postidentityentityidid outputParameters: - type: object mapping: $. - path: /identity/entity/id/{id} name: deleteidentityentityidid operations: - method: DELETE name: deleteidentityentityidid description: HashiCorp Update, read or delete an entity using entity ID call: hashicorp.deleteidentityentityidid outputParameters: - type: object mapping: $. - path: /identity/entity/merge name: postidentityentitymerge operations: - method: POST name: postidentityentitymerge description: HashiCorp Merge two or more entities together call: hashicorp.postidentityentitymerge outputParameters: - type: object mapping: $. - path: /identity/entity/name name: getidentityentityname operations: - method: GET name: getidentityentityname description: HashiCorp List all the entity names call: hashicorp.getidentityentityname outputParameters: - type: object mapping: $. - path: /identity/entity/name/{name} name: getidentityentitynamename operations: - method: GET name: getidentityentitynamename description: HashiCorp Update, read or delete an entity using entity name call: hashicorp.getidentityentitynamename outputParameters: - type: object mapping: $. - path: /identity/entity/name/{name} name: postidentityentitynamename operations: - method: POST name: postidentityentitynamename description: HashiCorp Update, read or delete an entity using entity name call: hashicorp.postidentityentitynamename outputParameters: - type: object mapping: $. - path: /identity/entity/name/{name} name: deleteidentityentitynamename operations: - method: DELETE name: deleteidentityentitynamename description: HashiCorp Update, read or delete an entity using entity name call: hashicorp.deleteidentityentitynamename outputParameters: - type: object mapping: $. - path: /identity/group name: postidentitygroup operations: - method: POST name: postidentitygroup description: HashiCorp Create a new group. call: hashicorp.postidentitygroup outputParameters: - type: object mapping: $. - path: /identity/group-alias name: postidentitygroupalias operations: - method: POST name: postidentitygroupalias description: HashiCorp Creates a new group alias, or updates an existing one. call: hashicorp.postidentitygroupalias outputParameters: - type: object mapping: $. - path: /identity/group-alias/id name: getidentitygroupaliasid operations: - method: GET name: getidentitygroupaliasid description: HashiCorp List all the group alias IDs. call: hashicorp.getidentitygroupaliasid outputParameters: - type: object mapping: $. - path: /identity/group-alias/id/{id} name: getidentitygroupaliasidid operations: - method: GET name: getidentitygroupaliasidid description: GET /identity/group-alias/id/{id} call: hashicorp.getidentitygroupaliasidid outputParameters: - type: object mapping: $. - path: /identity/group-alias/id/{id} name: postidentitygroupaliasidid operations: - method: POST name: postidentitygroupaliasidid description: POST /identity/group-alias/id/{id} call: hashicorp.postidentitygroupaliasidid outputParameters: - type: object mapping: $. - path: /identity/group-alias/id/{id} name: deleteidentitygroupaliasidid operations: - method: DELETE name: deleteidentitygroupaliasidid description: DELETE /identity/group-alias/id/{id} call: hashicorp.deleteidentitygroupaliasidid outputParameters: - type: object mapping: $. - path: /identity/group/id name: getidentitygroupid operations: - method: GET name: getidentitygroupid description: HashiCorp List all the group IDs. call: hashicorp.getidentitygroupid outputParameters: - type: object mapping: $. - path: /identity/group/id/{id} name: getidentitygroupidid operations: - method: GET name: getidentitygroupidid description: HashiCorp Update or delete an existing group using its ID. call: hashicorp.getidentitygroupidid outputParameters: - type: object mapping: $. - path: /identity/group/id/{id} name: postidentitygroupidid operations: - method: POST name: postidentitygroupidid description: HashiCorp Update or delete an existing group using its ID. call: hashicorp.postidentitygroupidid outputParameters: - type: object mapping: $. - path: /identity/group/id/{id} name: deleteidentitygroupidid operations: - method: DELETE name: deleteidentitygroupidid description: HashiCorp Update or delete an existing group using its ID. call: hashicorp.deleteidentitygroupidid outputParameters: - type: object mapping: $. - path: /identity/group/name name: getidentitygroupname operations: - method: GET name: getidentitygroupname description: GET /identity/group/name call: hashicorp.getidentitygroupname outputParameters: - type: object mapping: $. - path: /identity/group/name/{name} name: getidentitygroupnamename operations: - method: GET name: getidentitygroupnamename description: GET /identity/group/name/{name} call: hashicorp.getidentitygroupnamename outputParameters: - type: object mapping: $. - path: /identity/group/name/{name} name: postidentitygroupnamename operations: - method: POST name: postidentitygroupnamename description: POST /identity/group/name/{name} call: hashicorp.postidentitygroupnamename outputParameters: - type: object mapping: $. - path: /identity/group/name/{name} name: deleteidentitygroupnamename operations: - method: DELETE name: deleteidentitygroupnamename description: DELETE /identity/group/name/{name} call: hashicorp.deleteidentitygroupnamename outputParameters: - type: object mapping: $. - path: /identity/lookup/entity name: postidentitylookupentity operations: - method: POST name: postidentitylookupentity description: HashiCorp Query entities based on various properties. call: hashicorp.postidentitylookupentity outputParameters: - type: object mapping: $. - type: mcp port: 9090 namespace: hashicorp-mcp transport: http description: MCP adapter for HashiCorp Vault API for AI agent use. tools: - name: getauthtokenaccessors description: HashiCorp List token accessors, which can then be be used to iterate and discover their properties or revoke them. Because this can be used to cause a denial of service, this endpoint requires 'sudo' capability in addition to 'list'. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getauthtokenaccessors with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: postauthtokencreate description: HashiCorp The token create path is used to create new tokens. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokencreate outputParameters: - type: object mapping: $. - name: postauthtokencreateorphan description: HashiCorp The token create path is used to create new orphan tokens. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokencreateorphan outputParameters: - type: object mapping: $. - name: postauthtokencreaterole-name description: HashiCorp This token create path is used to create new tokens adhering to the given role. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokencreaterole-name outputParameters: - type: object mapping: $. - name: getauthtokenlookup description: HashiCorp This endpoint will lookup a token and its properties. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getauthtokenlookup outputParameters: - type: object mapping: $. - name: postauthtokenlookup description: HashiCorp This endpoint will lookup a token and its properties. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenlookup outputParameters: - type: object mapping: $. - name: postauthtokenlookupaccessor description: HashiCorp This endpoint will lookup a token associated with the given accessor and its properties. Response will not contain the token ID. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenlookupaccessor outputParameters: - type: object mapping: $. - name: getauthtokenlookupself description: HashiCorp This endpoint will lookup a token and its properties. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getauthtokenlookupself outputParameters: - type: object mapping: $. - name: postauthtokenlookupself description: HashiCorp This endpoint will lookup a token and its properties. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenlookupself outputParameters: - type: object mapping: $. - name: postauthtokenrenew description: HashiCorp This endpoint will renew the given token and prevent expiration. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenrenew outputParameters: - type: object mapping: $. - name: postauthtokenrenewaccessor description: HashiCorp This endpoint will renew a token associated with the given accessor and its properties. Response will not contain the token ID. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenrenewaccessor outputParameters: - type: object mapping: $. - name: postauthtokenrenewself description: HashiCorp This endpoint will renew the token used to call it and prevent expiration. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenrenewself outputParameters: - type: object mapping: $. - name: postauthtokenrevoke description: HashiCorp This endpoint will delete the given token and all of its child tokens. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenrevoke outputParameters: - type: object mapping: $. - name: postauthtokenrevokeaccessor description: HashiCorp This endpoint will delete the token associated with the accessor and all of its child tokens. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenrevokeaccessor outputParameters: - type: object mapping: $. - name: postauthtokenrevokeorphan description: HashiCorp This endpoint will delete the token and orphan its child tokens. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenrevokeorphan outputParameters: - type: object mapping: $. - name: postauthtokenrevokeself description: HashiCorp This endpoint will delete the token used to call it and all of its child tokens. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenrevokeself outputParameters: - type: object mapping: $. - name: getauthtokenroles description: HashiCorp This endpoint lists configured roles. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getauthtokenroles with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: getauthtokenrolesrole-name description: GET /auth/token/roles/{role_name} hints: readOnly: true destructive: false idempotent: true call: hashicorp.getauthtokenrolesrole-name outputParameters: - type: object mapping: $. - name: postauthtokenrolesrole-name description: POST /auth/token/roles/{role_name} hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokenrolesrole-name outputParameters: - type: object mapping: $. - name: deleteauthtokenrolesrole-name description: DELETE /auth/token/roles/{role_name} hints: readOnly: false destructive: true idempotent: true call: hashicorp.deleteauthtokenrolesrole-name outputParameters: - type: object mapping: $. - name: postauthtokentidy description: HashiCorp This endpoint performs cleanup tasks that can be run if certain error conditions have occurred. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postauthtokentidy outputParameters: - type: object mapping: $. - name: getcubbyholepath description: HashiCorp Retrieve the secret at the specified location. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getcubbyholepath with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: postcubbyholepath description: HashiCorp Store a secret at the specified location. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postcubbyholepath outputParameters: - type: object mapping: $. - name: deletecubbyholepath description: HashiCorp Deletes the secret at the specified location. hints: readOnly: false destructive: true idempotent: true call: hashicorp.deletecubbyholepath outputParameters: - type: object mapping: $. - name: postidentityalias description: HashiCorp Create a new alias. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentityalias outputParameters: - type: object mapping: $. - name: getidentityaliasid description: HashiCorp List all the alias IDs. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentityaliasid with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: getidentityaliasidid description: HashiCorp Update, read or delete an alias ID. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentityaliasidid outputParameters: - type: object mapping: $. - name: postidentityaliasidid description: HashiCorp Update, read or delete an alias ID. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentityaliasidid outputParameters: - type: object mapping: $. - name: deleteidentityaliasidid description: HashiCorp Update, read or delete an alias ID. hints: readOnly: false destructive: true idempotent: true call: hashicorp.deleteidentityaliasidid outputParameters: - type: object mapping: $. - name: postidentityentity description: HashiCorp Create a new entity hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentityentity outputParameters: - type: object mapping: $. - name: postidentityentityalias description: HashiCorp Create a new alias. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentityentityalias outputParameters: - type: object mapping: $. - name: getidentityentityaliasid description: HashiCorp List all the alias IDs. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentityentityaliasid with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: getidentityentityaliasidid description: HashiCorp Update, read or delete an alias ID. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentityentityaliasidid outputParameters: - type: object mapping: $. - name: postidentityentityaliasidid description: HashiCorp Update, read or delete an alias ID. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentityentityaliasidid outputParameters: - type: object mapping: $. - name: deleteidentityentityaliasidid description: HashiCorp Update, read or delete an alias ID. hints: readOnly: false destructive: true idempotent: true call: hashicorp.deleteidentityentityaliasidid outputParameters: - type: object mapping: $. - name: postidentityentitybatchdelete description: HashiCorp Delete all of the entities provided hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentityentitybatchdelete outputParameters: - type: object mapping: $. - name: getidentityentityid description: HashiCorp List all the entity IDs hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentityentityid with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: getidentityentityidid description: HashiCorp Update, read or delete an entity using entity ID hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentityentityidid outputParameters: - type: object mapping: $. - name: postidentityentityidid description: HashiCorp Update, read or delete an entity using entity ID hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentityentityidid outputParameters: - type: object mapping: $. - name: deleteidentityentityidid description: HashiCorp Update, read or delete an entity using entity ID hints: readOnly: false destructive: true idempotent: true call: hashicorp.deleteidentityentityidid outputParameters: - type: object mapping: $. - name: postidentityentitymerge description: HashiCorp Merge two or more entities together hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentityentitymerge outputParameters: - type: object mapping: $. - name: getidentityentityname description: HashiCorp List all the entity names hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentityentityname with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: getidentityentitynamename description: HashiCorp Update, read or delete an entity using entity name hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentityentitynamename outputParameters: - type: object mapping: $. - name: postidentityentitynamename description: HashiCorp Update, read or delete an entity using entity name hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentityentitynamename outputParameters: - type: object mapping: $. - name: deleteidentityentitynamename description: HashiCorp Update, read or delete an entity using entity name hints: readOnly: false destructive: true idempotent: true call: hashicorp.deleteidentityentitynamename outputParameters: - type: object mapping: $. - name: postidentitygroup description: HashiCorp Create a new group. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentitygroup outputParameters: - type: object mapping: $. - name: postidentitygroupalias description: HashiCorp Creates a new group alias, or updates an existing one. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentitygroupalias outputParameters: - type: object mapping: $. - name: getidentitygroupaliasid description: HashiCorp List all the group alias IDs. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentitygroupaliasid with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: getidentitygroupaliasidid description: GET /identity/group-alias/id/{id} hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentitygroupaliasidid outputParameters: - type: object mapping: $. - name: postidentitygroupaliasidid description: POST /identity/group-alias/id/{id} hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentitygroupaliasidid outputParameters: - type: object mapping: $. - name: deleteidentitygroupaliasidid description: DELETE /identity/group-alias/id/{id} hints: readOnly: false destructive: true idempotent: true call: hashicorp.deleteidentitygroupaliasidid outputParameters: - type: object mapping: $. - name: getidentitygroupid description: HashiCorp List all the group IDs. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentitygroupid with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: getidentitygroupidid description: HashiCorp Update or delete an existing group using its ID. hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentitygroupidid outputParameters: - type: object mapping: $. - name: postidentitygroupidid description: HashiCorp Update or delete an existing group using its ID. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentitygroupidid outputParameters: - type: object mapping: $. - name: deleteidentitygroupidid description: HashiCorp Update or delete an existing group using its ID. hints: readOnly: false destructive: true idempotent: true call: hashicorp.deleteidentitygroupidid outputParameters: - type: object mapping: $. - name: getidentitygroupname description: GET /identity/group/name hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentitygroupname with: list: tools.list inputParameters: - name: list type: string description: Return a list if `true` outputParameters: - type: object mapping: $. - name: getidentitygroupnamename description: GET /identity/group/name/{name} hints: readOnly: true destructive: false idempotent: true call: hashicorp.getidentitygroupnamename outputParameters: - type: object mapping: $. - name: postidentitygroupnamename description: POST /identity/group/name/{name} hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentitygroupnamename outputParameters: - type: object mapping: $. - name: deleteidentitygroupnamename description: DELETE /identity/group/name/{name} hints: readOnly: false destructive: true idempotent: true call: hashicorp.deleteidentitygroupnamename outputParameters: - type: object mapping: $. - name: postidentitylookupentity description: HashiCorp Query entities based on various properties. hints: readOnly: false destructive: false idempotent: false call: hashicorp.postidentitylookupentity outputParameters: - type: object mapping: $.