Approle Login is the way an application/container authenticate
towards the system. The approle login is similar to a regular
login but in place of a username and a password, a role-id and a
secret-id is provided.
The role-id is provided by the system after configuring an
approle id. It should be compiled into the application, e.g.,
fetched during the build state. The secret-id is provided as
an environment variable when the container is started. This
ensures that a rogue container cannot authenticate with access
to just one of those components.
If weak-secret-id is configured, then the secret-id is
provided as both role-id and secret-id.
OK
Bad Request
Unauthorized
Forbidden
Not Found
Service Unavailable (strongbox sealed)
role-id: e29a0356-1901-4149-8304-5ce894c7b71b secret-id: 4133db5f-035c-4e95-8973-ff0b2752cc59
token: acd71235-18ec-4035-a4c0-7a79e1bd1ded expires-in: 2764800 expires: 2022-01-12T15:49:54.078484Z accessor: 601ab2f4-9e3a-4e1e-9a99-81aff088cf0e creation-time: 2022-01-11T15:49:54.078484Z renewal-time: 2022-01-11T15:49:54.078484Z jwt-svid: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InNpZ25pbmcta2V5LTEifQ.eyJzdWIiOiJzcGlmZmU6Ly9hY21lLmNvbS9hcHByb2xlLW15LWFwcCIsImF1ZCI6WyJzZXJ2aWNlLWEiXSwiZXhwIjoxNjQxOTg2NTk0LCJpYXQiOjE2NDE5MDAyMDAsImlzcyI6Imh0dHBzOi8vYWNtZS5jb20ifQ.MEUCIQCp2fVRGP1LSmX4v7Yd5U2wQdNlBtQwxlhZ3PjsqN8BjAIgAOT3fRY6mDPkqZFw4NlJi3VeRsqG1mXXYoQnBT4e7S4f x509-svid: cert: | -----BEGIN CERTIFICATE----- MIIBpzCCAU2gAwIBAgIRANp7Kf3R2+DbHVe5zGS6OmYwCgYIKoZIzj0EAwIwADAe Fw0yMjAxMTExNTQ5NTRaFw0yMjAxMTIxNTQ5NTRaMAAwWTATBgcqhkjOPQIBBggq hkjOPQMBBwNCAAREhc9BzLjDMhkFGQREFLPEklFWy8mEcvWHQ8MKrOhWMB8GA1Ud EQQYMBaGFHNwaWZmZTovL2FjbWUuY29tLw== -----END CERTIFICATE----- private-key: | -----BEGIN EC PRIVATE KEY----- MHQCAQEEIFyNL4ZVXNazJM+wy3kpKTrFYMoFGJ8SqLQ4pQ9VhJgnoAoGCCqGSM49 AwEHoWQDYgAERIXPQcy4wzIZBRkERBSzxJJRVsvJhHL1h0PDCqzoVjA= -----END EC PRIVATE KEY----- disabled: false