HashiCorp · Capability

HashiCorp Vault API

HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.

Run with Naftiko HashicorpAPI

What You Can Do

GET
Getauthtokenaccessors — HashiCorp List token accessors, which can then be be used to iterate and discover their properties or revoke them. Because this can be used to cause a denial of service, this endpoint requires 'sudo' capability in addition to 'list'.
/auth/token/accessors/
POST
Postauthtokencreate — HashiCorp The token create path is used to create new tokens.
/auth/token/create
POST
Postauthtokencreateorphan — HashiCorp The token create path is used to create new orphan tokens.
/auth/token/create-orphan
POST
Postauthtokencreaterole name — HashiCorp This token create path is used to create new tokens adhering to the given role.
/auth/token/create/{role_name}
GET
Getauthtokenlookup — HashiCorp This endpoint will lookup a token and its properties.
/auth/token/lookup
POST
Postauthtokenlookup — HashiCorp This endpoint will lookup a token and its properties.
/auth/token/lookup
POST
Postauthtokenlookupaccessor — HashiCorp This endpoint will lookup a token associated with the given accessor and its properties. Response will not contain the token ID.
/auth/token/lookup-accessor
GET
Getauthtokenlookupself — HashiCorp This endpoint will lookup a token and its properties.
/auth/token/lookup-self
POST
Postauthtokenlookupself — HashiCorp This endpoint will lookup a token and its properties.
/auth/token/lookup-self
POST
Postauthtokenrenew — HashiCorp This endpoint will renew the given token and prevent expiration.
/auth/token/renew
POST
Postauthtokenrenewaccessor — HashiCorp This endpoint will renew a token associated with the given accessor and its properties. Response will not contain the token ID.
/auth/token/renew-accessor
POST
Postauthtokenrenewself — HashiCorp This endpoint will renew the token used to call it and prevent expiration.
/auth/token/renew-self
POST
Postauthtokenrevoke — HashiCorp This endpoint will delete the given token and all of its child tokens.
/auth/token/revoke
POST
Postauthtokenrevokeaccessor — HashiCorp This endpoint will delete the token associated with the accessor and all of its child tokens.
/auth/token/revoke-accessor
POST
Postauthtokenrevokeorphan — HashiCorp This endpoint will delete the token and orphan its child tokens.
/auth/token/revoke-orphan
POST
Postauthtokenrevokeself — HashiCorp This endpoint will delete the token used to call it and all of its child tokens.
/auth/token/revoke-self
GET
Getauthtokenroles — HashiCorp This endpoint lists configured roles.
/auth/token/roles
GET
Getauthtokenrolesrole name — GET /auth/token/roles/{role_name}
/auth/token/roles/{role_name}
POST
Postauthtokenrolesrole name — POST /auth/token/roles/{role_name}
/auth/token/roles/{role_name}
DELETE
Deleteauthtokenrolesrole name — DELETE /auth/token/roles/{role_name}
/auth/token/roles/{role_name}
POST
Postauthtokentidy — HashiCorp This endpoint performs cleanup tasks that can be run if certain error conditions have occurred.
/auth/token/tidy
GET
Getcubbyholepath — HashiCorp Retrieve the secret at the specified location.
/cubbyhole/{path}
POST
Postcubbyholepath — HashiCorp Store a secret at the specified location.
/cubbyhole/{path}
DELETE
Deletecubbyholepath — HashiCorp Deletes the secret at the specified location.
/cubbyhole/{path}
POST
Postidentityalias — HashiCorp Create a new alias.
/identity/alias
GET
Getidentityaliasid — HashiCorp List all the alias IDs.
/identity/alias/id
GET
Getidentityaliasidid — HashiCorp Update, read or delete an alias ID.
/identity/alias/id/{id}
POST
Postidentityaliasidid — HashiCorp Update, read or delete an alias ID.
/identity/alias/id/{id}
DELETE
Deleteidentityaliasidid — HashiCorp Update, read or delete an alias ID.
/identity/alias/id/{id}
POST
Postidentityentity — HashiCorp Create a new entity
/identity/entity
POST
Postidentityentityalias — HashiCorp Create a new alias.
/identity/entity-alias
GET
Getidentityentityaliasid — HashiCorp List all the alias IDs.
/identity/entity-alias/id
GET
Getidentityentityaliasidid — HashiCorp Update, read or delete an alias ID.
/identity/entity-alias/id/{id}
POST
Postidentityentityaliasidid — HashiCorp Update, read or delete an alias ID.
/identity/entity-alias/id/{id}
DELETE
Deleteidentityentityaliasidid — HashiCorp Update, read or delete an alias ID.
/identity/entity-alias/id/{id}
POST
Postidentityentitybatchdelete — HashiCorp Delete all of the entities provided
/identity/entity/batch-delete
GET
Getidentityentityid — HashiCorp List all the entity IDs
/identity/entity/id
GET
Getidentityentityidid — HashiCorp Update, read or delete an entity using entity ID
/identity/entity/id/{id}
POST
Postidentityentityidid — HashiCorp Update, read or delete an entity using entity ID
/identity/entity/id/{id}
DELETE
Deleteidentityentityidid — HashiCorp Update, read or delete an entity using entity ID
/identity/entity/id/{id}
POST
Postidentityentitymerge — HashiCorp Merge two or more entities together
/identity/entity/merge
GET
Getidentityentityname — HashiCorp List all the entity names
/identity/entity/name
GET
Getidentityentitynamename — HashiCorp Update, read or delete an entity using entity name
/identity/entity/name/{name}
POST
Postidentityentitynamename — HashiCorp Update, read or delete an entity using entity name
/identity/entity/name/{name}
DELETE
Deleteidentityentitynamename — HashiCorp Update, read or delete an entity using entity name
/identity/entity/name/{name}
POST
Postidentitygroup — HashiCorp Create a new group.
/identity/group
POST
Postidentitygroupalias — HashiCorp Creates a new group alias, or updates an existing one.
/identity/group-alias
GET
Getidentitygroupaliasid — HashiCorp List all the group alias IDs.
/identity/group-alias/id
GET
Getidentitygroupaliasidid — GET /identity/group-alias/id/{id}
/identity/group-alias/id/{id}
POST
Postidentitygroupaliasidid — POST /identity/group-alias/id/{id}
/identity/group-alias/id/{id}
DELETE
Deleteidentitygroupaliasidid — DELETE /identity/group-alias/id/{id}
/identity/group-alias/id/{id}
GET
Getidentitygroupid — HashiCorp List all the group IDs.
/identity/group/id
GET
Getidentitygroupidid — HashiCorp Update or delete an existing group using its ID.
/identity/group/id/{id}
POST
Postidentitygroupidid — HashiCorp Update or delete an existing group using its ID.
/identity/group/id/{id}
DELETE
Deleteidentitygroupidid — HashiCorp Update or delete an existing group using its ID.
/identity/group/id/{id}
GET
Getidentitygroupname — GET /identity/group/name
/identity/group/name
GET
Getidentitygroupnamename — GET /identity/group/name/{name}
/identity/group/name/{name}
POST
Postidentitygroupnamename — POST /identity/group/name/{name}
/identity/group/name/{name}
DELETE
Deleteidentitygroupnamename — DELETE /identity/group/name/{name}
/identity/group/name/{name}
POST
Postidentitylookupentity — HashiCorp Query entities based on various properties.
/identity/lookup/entity

MCP Tools

getauthtokenaccessors

HashiCorp List token accessors, which can then be be used to iterate and discover their properties or revoke them. Because this can be used to cause a denial of service, this endpoint requires 'sudo' capability in addition to 'list'.

read-only idempotent
postauthtokencreate

HashiCorp The token create path is used to create new tokens.

postauthtokencreateorphan

HashiCorp The token create path is used to create new orphan tokens.

postauthtokencreaterole-name

HashiCorp This token create path is used to create new tokens adhering to the given role.

getauthtokenlookup

HashiCorp This endpoint will lookup a token and its properties.

read-only idempotent
postauthtokenlookup

HashiCorp This endpoint will lookup a token and its properties.

postauthtokenlookupaccessor

HashiCorp This endpoint will lookup a token associated with the given accessor and its properties. Response will not contain the token ID.

getauthtokenlookupself

HashiCorp This endpoint will lookup a token and its properties.

read-only idempotent
postauthtokenlookupself

HashiCorp This endpoint will lookup a token and its properties.

postauthtokenrenew

HashiCorp This endpoint will renew the given token and prevent expiration.

postauthtokenrenewaccessor

HashiCorp This endpoint will renew a token associated with the given accessor and its properties. Response will not contain the token ID.

postauthtokenrenewself

HashiCorp This endpoint will renew the token used to call it and prevent expiration.

postauthtokenrevoke

HashiCorp This endpoint will delete the given token and all of its child tokens.

postauthtokenrevokeaccessor

HashiCorp This endpoint will delete the token associated with the accessor and all of its child tokens.

postauthtokenrevokeorphan

HashiCorp This endpoint will delete the token and orphan its child tokens.

postauthtokenrevokeself

HashiCorp This endpoint will delete the token used to call it and all of its child tokens.

getauthtokenroles

HashiCorp This endpoint lists configured roles.

read-only idempotent
getauthtokenrolesrole-name

GET /auth/token/roles/{role_name}

read-only idempotent
postauthtokenrolesrole-name

POST /auth/token/roles/{role_name}

deleteauthtokenrolesrole-name

DELETE /auth/token/roles/{role_name}

idempotent
postauthtokentidy

HashiCorp This endpoint performs cleanup tasks that can be run if certain error conditions have occurred.

getcubbyholepath

HashiCorp Retrieve the secret at the specified location.

read-only idempotent
postcubbyholepath

HashiCorp Store a secret at the specified location.

deletecubbyholepath

HashiCorp Deletes the secret at the specified location.

idempotent
postidentityalias

HashiCorp Create a new alias.

getidentityaliasid

HashiCorp List all the alias IDs.

read-only idempotent
getidentityaliasidid

HashiCorp Update, read or delete an alias ID.

read-only idempotent
postidentityaliasidid

HashiCorp Update, read or delete an alias ID.

deleteidentityaliasidid

HashiCorp Update, read or delete an alias ID.

idempotent
postidentityentity

HashiCorp Create a new entity

postidentityentityalias

HashiCorp Create a new alias.

getidentityentityaliasid

HashiCorp List all the alias IDs.

read-only idempotent
getidentityentityaliasidid

HashiCorp Update, read or delete an alias ID.

read-only idempotent
postidentityentityaliasidid

HashiCorp Update, read or delete an alias ID.

deleteidentityentityaliasidid

HashiCorp Update, read or delete an alias ID.

idempotent
postidentityentitybatchdelete

HashiCorp Delete all of the entities provided

getidentityentityid

HashiCorp List all the entity IDs

read-only idempotent
getidentityentityidid

HashiCorp Update, read or delete an entity using entity ID

read-only idempotent
postidentityentityidid

HashiCorp Update, read or delete an entity using entity ID

deleteidentityentityidid

HashiCorp Update, read or delete an entity using entity ID

idempotent
postidentityentitymerge

HashiCorp Merge two or more entities together

getidentityentityname

HashiCorp List all the entity names

read-only idempotent
getidentityentitynamename

HashiCorp Update, read or delete an entity using entity name

read-only idempotent
postidentityentitynamename

HashiCorp Update, read or delete an entity using entity name

deleteidentityentitynamename

HashiCorp Update, read or delete an entity using entity name

idempotent
postidentitygroup

HashiCorp Create a new group.

postidentitygroupalias

HashiCorp Creates a new group alias, or updates an existing one.

getidentitygroupaliasid

HashiCorp List all the group alias IDs.

read-only idempotent
getidentitygroupaliasidid

GET /identity/group-alias/id/{id}

read-only idempotent
postidentitygroupaliasidid

POST /identity/group-alias/id/{id}

deleteidentitygroupaliasidid

DELETE /identity/group-alias/id/{id}

idempotent
getidentitygroupid

HashiCorp List all the group IDs.

read-only idempotent
getidentitygroupidid

HashiCorp Update or delete an existing group using its ID.

read-only idempotent
postidentitygroupidid

HashiCorp Update or delete an existing group using its ID.

deleteidentitygroupidid

HashiCorp Update or delete an existing group using its ID.

idempotent
getidentitygroupname

GET /identity/group/name

read-only idempotent
getidentitygroupnamename

GET /identity/group/name/{name}

read-only idempotent
postidentitygroupnamename

POST /identity/group/name/{name}

deleteidentitygroupnamename

DELETE /identity/group/name/{name}

idempotent
postidentitylookupentity

HashiCorp Query entities based on various properties.

Capability Spec

hashicorp-capability.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: HashiCorp Vault API
  description: HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
  tags:
  - Hashicorp
  - API
  created: '2026-05-06'
  modified: '2026-05-06'
capability:
  consumes:
  - type: http
    namespace: hashicorp
    baseUri: https://api.example.com
    description: HashiCorp Vault API HTTP API.
    resources:
    - name: auth-token-accessors
      path: /auth/token/accessors/
      operations:
      - name: getauthtokenaccessors
        method: GET
        description: HashiCorp List token accessors, which can then be be used to iterate and discover their properties or
          revoke them. Because this can be used to cause a denial of service, this endpoint requires 'sudo' capability in
          addition to 'list'.
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-create
      path: /auth/token/create
      operations:
      - name: postauthtokencreate
        method: POST
        description: HashiCorp The token create path is used to create new tokens.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-create-orphan
      path: /auth/token/create-orphan
      operations:
      - name: postauthtokencreateorphan
        method: POST
        description: HashiCorp The token create path is used to create new orphan tokens.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-create-role-name
      path: /auth/token/create/{role_name}
      operations:
      - name: postauthtokencreaterole-name
        method: POST
        description: HashiCorp This token create path is used to create new tokens adhering to the given role.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-lookup
      path: /auth/token/lookup
      operations:
      - name: getauthtokenlookup
        method: GET
        description: HashiCorp This endpoint will lookup a token and its properties.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postauthtokenlookup
        method: POST
        description: HashiCorp This endpoint will lookup a token and its properties.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-lookup-accessor
      path: /auth/token/lookup-accessor
      operations:
      - name: postauthtokenlookupaccessor
        method: POST
        description: HashiCorp This endpoint will lookup a token associated with the given accessor and its properties. Response
          will not contain the token ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-lookup-self
      path: /auth/token/lookup-self
      operations:
      - name: getauthtokenlookupself
        method: GET
        description: HashiCorp This endpoint will lookup a token and its properties.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postauthtokenlookupself
        method: POST
        description: HashiCorp This endpoint will lookup a token and its properties.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-renew
      path: /auth/token/renew
      operations:
      - name: postauthtokenrenew
        method: POST
        description: HashiCorp This endpoint will renew the given token and prevent expiration.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-renew-accessor
      path: /auth/token/renew-accessor
      operations:
      - name: postauthtokenrenewaccessor
        method: POST
        description: HashiCorp This endpoint will renew a token associated with the given accessor and its properties. Response
          will not contain the token ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-renew-self
      path: /auth/token/renew-self
      operations:
      - name: postauthtokenrenewself
        method: POST
        description: HashiCorp This endpoint will renew the token used to call it and prevent expiration.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-revoke
      path: /auth/token/revoke
      operations:
      - name: postauthtokenrevoke
        method: POST
        description: HashiCorp This endpoint will delete the given token and all of its child tokens.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-revoke-accessor
      path: /auth/token/revoke-accessor
      operations:
      - name: postauthtokenrevokeaccessor
        method: POST
        description: HashiCorp This endpoint will delete the token associated with the accessor and all of its child tokens.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-revoke-orphan
      path: /auth/token/revoke-orphan
      operations:
      - name: postauthtokenrevokeorphan
        method: POST
        description: HashiCorp This endpoint will delete the token and orphan its child tokens.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-revoke-self
      path: /auth/token/revoke-self
      operations:
      - name: postauthtokenrevokeself
        method: POST
        description: HashiCorp This endpoint will delete the token used to call it and all of its child tokens.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-roles
      path: /auth/token/roles
      operations:
      - name: getauthtokenroles
        method: GET
        description: HashiCorp This endpoint lists configured roles.
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-roles-role-name
      path: /auth/token/roles/{role_name}
      operations:
      - name: getauthtokenrolesrole-name
        method: GET
        description: GET /auth/token/roles/{role_name}
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postauthtokenrolesrole-name
        method: POST
        description: POST /auth/token/roles/{role_name}
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteauthtokenrolesrole-name
        method: DELETE
        description: DELETE /auth/token/roles/{role_name}
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-tidy
      path: /auth/token/tidy
      operations:
      - name: postauthtokentidy
        method: POST
        description: HashiCorp This endpoint performs cleanup tasks that can be run if certain error conditions have occurred.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: cubbyhole-path
      path: /cubbyhole/{path}
      operations:
      - name: getcubbyholepath
        method: GET
        description: HashiCorp Retrieve the secret at the specified location.
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postcubbyholepath
        method: POST
        description: HashiCorp Store a secret at the specified location.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deletecubbyholepath
        method: DELETE
        description: HashiCorp Deletes the secret at the specified location.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-alias
      path: /identity/alias
      operations:
      - name: postidentityalias
        method: POST
        description: HashiCorp Create a new alias.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-alias-id
      path: /identity/alias/id
      operations:
      - name: getidentityaliasid
        method: GET
        description: HashiCorp List all the alias IDs.
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-alias-id-id
      path: /identity/alias/id/{id}
      operations:
      - name: getidentityaliasidid
        method: GET
        description: HashiCorp Update, read or delete an alias ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postidentityaliasidid
        method: POST
        description: HashiCorp Update, read or delete an alias ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteidentityaliasidid
        method: DELETE
        description: HashiCorp Update, read or delete an alias ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity
      path: /identity/entity
      operations:
      - name: postidentityentity
        method: POST
        description: HashiCorp Create a new entity
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity-alias
      path: /identity/entity-alias
      operations:
      - name: postidentityentityalias
        method: POST
        description: HashiCorp Create a new alias.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity-alias-id
      path: /identity/entity-alias/id
      operations:
      - name: getidentityentityaliasid
        method: GET
        description: HashiCorp List all the alias IDs.
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity-alias-id-id
      path: /identity/entity-alias/id/{id}
      operations:
      - name: getidentityentityaliasidid
        method: GET
        description: HashiCorp Update, read or delete an alias ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postidentityentityaliasidid
        method: POST
        description: HashiCorp Update, read or delete an alias ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteidentityentityaliasidid
        method: DELETE
        description: HashiCorp Update, read or delete an alias ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity-batch-delete
      path: /identity/entity/batch-delete
      operations:
      - name: postidentityentitybatchdelete
        method: POST
        description: HashiCorp Delete all of the entities provided
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity-id
      path: /identity/entity/id
      operations:
      - name: getidentityentityid
        method: GET
        description: HashiCorp List all the entity IDs
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity-id-id
      path: /identity/entity/id/{id}
      operations:
      - name: getidentityentityidid
        method: GET
        description: HashiCorp Update, read or delete an entity using entity ID
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postidentityentityidid
        method: POST
        description: HashiCorp Update, read or delete an entity using entity ID
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteidentityentityidid
        method: DELETE
        description: HashiCorp Update, read or delete an entity using entity ID
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity-merge
      path: /identity/entity/merge
      operations:
      - name: postidentityentitymerge
        method: POST
        description: HashiCorp Merge two or more entities together
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity-name
      path: /identity/entity/name
      operations:
      - name: getidentityentityname
        method: GET
        description: HashiCorp List all the entity names
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-entity-name-name
      path: /identity/entity/name/{name}
      operations:
      - name: getidentityentitynamename
        method: GET
        description: HashiCorp Update, read or delete an entity using entity name
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postidentityentitynamename
        method: POST
        description: HashiCorp Update, read or delete an entity using entity name
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteidentityentitynamename
        method: DELETE
        description: HashiCorp Update, read or delete an entity using entity name
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-group
      path: /identity/group
      operations:
      - name: postidentitygroup
        method: POST
        description: HashiCorp Create a new group.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-group-alias
      path: /identity/group-alias
      operations:
      - name: postidentitygroupalias
        method: POST
        description: HashiCorp Creates a new group alias, or updates an existing one.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-group-alias-id
      path: /identity/group-alias/id
      operations:
      - name: getidentitygroupaliasid
        method: GET
        description: HashiCorp List all the group alias IDs.
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-group-alias-id-id
      path: /identity/group-alias/id/{id}
      operations:
      - name: getidentitygroupaliasidid
        method: GET
        description: GET /identity/group-alias/id/{id}
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postidentitygroupaliasidid
        method: POST
        description: POST /identity/group-alias/id/{id}
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteidentitygroupaliasidid
        method: DELETE
        description: DELETE /identity/group-alias/id/{id}
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-group-id
      path: /identity/group/id
      operations:
      - name: getidentitygroupid
        method: GET
        description: HashiCorp List all the group IDs.
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-group-id-id
      path: /identity/group/id/{id}
      operations:
      - name: getidentitygroupidid
        method: GET
        description: HashiCorp Update or delete an existing group using its ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postidentitygroupidid
        method: POST
        description: HashiCorp Update or delete an existing group using its ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteidentitygroupidid
        method: DELETE
        description: HashiCorp Update or delete an existing group using its ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-group-name
      path: /identity/group/name
      operations:
      - name: getidentitygroupname
        method: GET
        description: GET /identity/group/name
        inputParameters:
        - name: list
          in: query
          type: string
          description: Return a list if `true`
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-group-name-name
      path: /identity/group/name/{name}
      operations:
      - name: getidentitygroupnamename
        method: GET
        description: GET /identity/group/name/{name}
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: postidentitygroupnamename
        method: POST
        description: POST /identity/group/name/{name}
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteidentitygroupnamename
        method: DELETE
        description: DELETE /identity/group/name/{name}
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: identity-lookup-entity
      path: /identity/lookup/entity
      operations:
      - name: postidentitylookupentity
        method: POST
        description: HashiCorp Query entities based on various properties.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
  exposes:
  - type: rest
    port: 8080
    namespace: hashicorp-rest
    description: REST adapter for HashiCorp Vault API.
    resources:
    - path: /auth/token/accessors/
      name: getauthtokenaccessors
      operations:
      - method: GET
        name: getauthtokenaccessors
        description: HashiCorp List token accessors, which can then be be used to iterate and discover their properties or
          revoke them. Because this can be used to cause a denial of service, this endpoint requires 'sudo' capability in
          addition to 'list'.
        call: hashicorp.getauthtokenaccessors
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/create
      name: postauthtokencreate
      operations:
      - method: POST
        name: postauthtokencreate
        description: HashiCorp The token create path is used to create new tokens.
        call: hashicorp.postauthtokencreate
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/create-orphan
      name: postauthtokencreateorphan
      operations:
      - method: POST
        name: postauthtokencreateorphan
        description: HashiCorp The token create path is used to create new orphan tokens.
        call: hashicorp.postauthtokencreateorphan
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/create/{role_name}
      name: postauthtokencreaterole-name
      operations:
      - method: POST
        name: postauthtokencreaterole-name
        description: HashiCorp This token create path is used to create new tokens adhering to the given role.
        call: hashicorp.postauthtokencreaterole-name
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/lookup
      name: getauthtokenlookup
      operations:
      - method: GET
        name: getauthtokenlookup
        description: HashiCorp This endpoint will lookup a token and its properties.
        call: hashicorp.getauthtokenlookup
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/lookup
      name: postauthtokenlookup
      operations:
      - method: POST
        name: postauthtokenlookup
        description: HashiCorp This endpoint will lookup a token and its properties.
        call: hashicorp.postauthtokenlookup
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/lookup-accessor
      name: postauthtokenlookupaccessor
      operations:
      - method: POST
        name: postauthtokenlookupaccessor
        description: HashiCorp This endpoint will lookup a token associated with the given accessor and its properties. Response
          will not contain the token ID.
        call: hashicorp.postauthtokenlookupaccessor
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/lookup-self
      name: getauthtokenlookupself
      operations:
      - method: GET
        name: getauthtokenlookupself
        description: HashiCorp This endpoint will lookup a token and its properties.
        call: hashicorp.getauthtokenlookupself
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/lookup-self
      name: postauthtokenlookupself
      operations:
      - method: POST
        name: postauthtokenlookupself
        description: HashiCorp This endpoint will lookup a token and its properties.
        call: hashicorp.postauthtokenlookupself
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/renew
      name: postauthtokenrenew
      operations:
      - method: POST
        name: postauthtokenrenew
        description: HashiCorp This endpoint will renew the given token and prevent expiration.
        call: hashicorp.postauthtokenrenew
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/renew-accessor
      name: postauthtokenrenewaccessor
      operations:
      - method: POST
        name: postauthtokenrenewaccessor
        description: HashiCorp This endpoint will renew a token associated with the given accessor and its properties. Response
          will not contain the token ID.
        call: hashicorp.postauthtokenrenewaccessor
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/renew-self
      name: postauthtokenrenewself
      operations:
      - method: POST
        name: postauthtokenrenewself
        description: HashiCorp This endpoint will renew the token used to call it and prevent expiration.
        call: hashicorp.postauthtokenrenewself
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/revoke
      name: postauthtokenrevoke
      operations:
      - method: POST
        name: postauthtokenrevoke
        description: HashiCorp This endpoint will delete the given token and all of its child tokens.
        call: hashicorp.postauthtokenrevoke
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/revoke-accessor
      name: postauthtokenrevokeaccessor
      operations:
      - method: POST
        name: postauthtokenrevokeaccessor
        description: HashiCorp This endpoint will delete the token associated with the accessor and all of its child tokens.
        call: hashicorp.postauthtokenrevokeaccessor
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/revoke-orphan
      name: postauthtokenrevokeorphan
      operations:
      - method: POST
        name: postauthtokenrevokeorphan
        description: HashiCorp This endpoint will delete the token and orphan its child tokens.
        call: hashicorp.postauthtokenrevokeorphan
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/revoke-self
      name: postauthtokenrevokeself
      operations:
      - method: POST
        name: postauthtokenrevokeself
        description: HashiCorp This endpoint will delete the token used to call it and all of its child tokens.
        call: hashicorp.postauthtokenrevokeself
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/roles
      name: getauthtokenroles
      operations:
      - method: GET
        name: getauthtokenroles
        description: HashiCorp This endpoint lists configured roles.
        call: hashicorp.getauthtokenroles
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/roles/{role_name}
      name: getauthtokenrolesrole-name
      operations:
      - method: GET
        name: getauthtokenrolesrole-name
        description: GET /auth/token/roles/{role_name}
        call: hashicorp.getauthtokenrolesrole-name
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/roles/{role_name}
      name: postauthtokenrolesrole-name
      operations:
      - method: POST
        name: postauthtokenrolesrole-name
        description: POST /auth/token/roles/{role_name}
        call: hashicorp.postauthtokenrolesrole-name
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/roles/{role_name}
      name: deleteauthtokenrolesrole-name
      operations:
      - method: DELETE
        name: deleteauthtokenrolesrole-name
        description: DELETE /auth/token/roles/{role_name}
        call: hashicorp.deleteauthtokenrolesrole-name
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/tidy
      name: postauthtokentidy
      operations:
      - method: POST
        name: postauthtokentidy
        description: HashiCorp This endpoint performs cleanup tasks that can be run if certain error conditions have occurred.
        call: hashicorp.postauthtokentidy
        outputParameters:
        - type: object
          mapping: $.
    - path: /cubbyhole/{path}
      name: getcubbyholepath
      operations:
      - method: GET
        name: getcubbyholepath
        description: HashiCorp Retrieve the secret at the specified location.
        call: hashicorp.getcubbyholepath
        outputParameters:
        - type: object
          mapping: $.
    - path: /cubbyhole/{path}
      name: postcubbyholepath
      operations:
      - method: POST
        name: postcubbyholepath
        description: HashiCorp Store a secret at the specified location.
        call: hashicorp.postcubbyholepath
        outputParameters:
        - type: object
          mapping: $.
    - path: /cubbyhole/{path}
      name: deletecubbyholepath
      operations:
      - method: DELETE
        name: deletecubbyholepath
        description: HashiCorp Deletes the secret at the specified location.
        call: hashicorp.deletecubbyholepath
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/alias
      name: postidentityalias
      operations:
      - method: POST
        name: postidentityalias
        description: HashiCorp Create a new alias.
        call: hashicorp.postidentityalias
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/alias/id
      name: getidentityaliasid
      operations:
      - method: GET
        name: getidentityaliasid
        description: HashiCorp List all the alias IDs.
        call: hashicorp.getidentityaliasid
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/alias/id/{id}
      name: getidentityaliasidid
      operations:
      - method: GET
        name: getidentityaliasidid
        description: HashiCorp Update, read or delete an alias ID.
        call: hashicorp.getidentityaliasidid
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/alias/id/{id}
      name: postidentityaliasidid
      operations:
      - method: POST
        name: postidentityaliasidid
        description: HashiCorp Update, read or delete an alias ID.
        call: hashicorp.postidentityaliasidid
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/alias/id/{id}
      name: deleteidentityaliasidid
      operations:
      - method: DELETE
        name: deleteidentityaliasidid
        description: HashiCorp Update, read or delete an alias ID.
        call: hashicorp.deleteidentityaliasidid
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/entity
      name: postidentityentity
      operations:
      - method: POST
        name: postidentityentity
        description: HashiCorp Create a new entity
        call: hashicorp.postidentityentity
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/entity-alias
      name: postidentityentityalias
      operations:
      - method: POST
        name: postidentityentityalias
        description: HashiCorp Create a new alias.
        call: hashicorp.postidentityentityalias
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/entity-alias/id
      name: getidentityentityaliasid
      operations:
      - method: GET
        name: getidentityentityaliasid
        description: HashiCorp List all the alias IDs.
        call: hashicorp.getidentityentityaliasid
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/entity-alias/id/{id}
      name: getidentityentityaliasidid
      operations:
      - method: GET
        name: getidentityentityaliasidid
        description: HashiCorp Update, read or delete an alias ID.
        call: hashicorp.getidentityentityaliasidid
        outputParameters:
        - type: object
          mapping: $.
    - path: /identity/entity-alias/id/{id}
   

# --- truncated at 32 KB (60 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/hashicorp/refs/heads/main/capabilities/hashicorp-capability.yaml