Retrieves the configuration of one key vault.
Required Roles
You can successfully call this endpoint with any of the following assigned roles:
Base URL: https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0/admin
Resource
GET /keyVault/{KEY-VAULT-ID}
Request Path Parameters
Name | Type | Description |
|---|---|---|
KEY-VAULT-ID | string | Unique identifier of the key vault configuration to retrieve. |
Request Query Parameters
The following query parameters are optional:
Name | Type | Necessity | Description | Default |
|---|---|---|---|---|
pretty | boolean | Optional | Flag indicating whether the response body is in a prettyprint format. |
|
envelope | boolean | Optional | Flag that indicates whether to wrap the response in an envelope. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. For endpoints that return one result, the response body includes:
|
|
Request Body Parameters
This endpoint doesn't use HTTP request body parameters.
Response
Name | Type | Description |
|---|---|---|
id | string | Unique identifier that Ops Manager generates for this key vault
configuration. Use this value as the |
friendlyName | string | Human-readable label that identifies this key vault configuration. |
type | string | Key vault provider type. Ops Manager returns |
url | string | Address of the HashiCorp Vault server that Ops Manager connects to. |
auth | object | Authentication details that Ops Manager uses to connect to HashiCorp Vault. |
auth.mechanism | string | Authentication method that Ops Manager uses to connect to HashiCorp Vault. Ops Manager returns one of the following values:
|
auth.secret | string | Credential that Ops Manager uses to authenticate to HashiCorp
Vault. Ops Manager encrypts this value at rest and returns
|
auth.jwtClaims | object | Claims that Ops Manager sends when it requests a JWT login from
HashiCorp Vault. Ops Manager returns this object only when
|
customCertificates | array | List of custom Certificate Authority certificates that Ops Manager uses for TLS verification when it connects to the HashiCorp Vault server. |
customCertificates[n].filename | string | Name that identifies the Certificate Authority PEM file. |
customCertificates[n].certString | string | Contents of the Certificate Authority PEM file. Ops Manager returns
|
links | object array | One or more links to sub-resources or related resources. All
|
Example Request
curl --user '{PUBLIC-KEY}:{PRIVATE-KEY}' --digest \ --header 'Accept: application/json' \ --include \ --request GET 'https://<OpsManagerHost>:<Port>/api/public/v1.0/admin/keyVault/{KEY-VAULT-ID}?pretty=true'
Example Response
Response Header
401 Unauthorized Content-Type: application/json;charset=ISO-8859-1 Date: {dateInUnixFormat} WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false Content-Length: {requestLengthInBytes} Connection: keep-alive
200 OK Vary: Accept-Encoding Content-Type: application/json Strict-Transport-Security: max-age=300 Date: {dateInUnixFormat} Connection: keep-alive Content-Length: {requestLengthInBytes} X-MongoDB-Service-Version: gitHash={gitHash}; versionString={ApplicationVersion}
Response Body
{ "id": "{KEY-VAULT-ID}", "friendlyName": "myVault", "type": "HASHI_CORP", "url": "https://localhost:8200/", "auth": { "mechanism": "TOKEN", "secret": "[REDACTED]" }, "links": [ { "href": "https://<OpsManagerHost>:<Port>/api/public/v1.0/admin/keyVault/{KEY-VAULT-ID}", "rel": "self" } ] }