HashiCorp Vault Vault Auth Methods API

naftiko: 1.0.0-alpha2
info:
  label: HashiCorp Vault Vault Auth Methods API
  description: APIs for authentication methods in HashiCorp Vault including Token, AppRole, Kubernetes, LDAP, JWT/OIDC, GitHub,
    Userpass, and AWS auth methods. These endpoints handle user and machine authentication to obtain Vault tokens.
  tags:
  - Hvault
  - API
  created: '2026-05-06'
  modified: '2026-05-06'
capability:
  consumes:
  - type: http
    namespace: hvault
    baseUri: https://vault.example.com/v1
    description: HashiCorp Vault Vault Auth Methods API HTTP API.
    authentication:
      type: apikey
      in: header
      name: X-Vault-Token
      value: '{{HVAULT_TOKEN}}'
    resources:
    - name: auth-token-create
      path: /auth/token/create
      operations:
      - name: createtoken
        method: POST
        description: HashiCorp Vault Create token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-create-orphan
      path: /auth/token/create-orphan
      operations:
      - name: createorphantoken
        method: POST
        description: HashiCorp Vault Create orphan token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-create-role-name
      path: /auth/token/create/{role_name}
      operations:
      - name: createtokenwithrole
        method: POST
        description: HashiCorp Vault Create token with role
        inputParameters:
        - name: role_name
          in: path
          type: string
          required: true
          description: Name of the token role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-lookup
      path: /auth/token/lookup
      operations:
      - name: lookuptoken
        method: POST
        description: HashiCorp Vault Lookup token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-lookup-self
      path: /auth/token/lookup-self
      operations:
      - name: lookupselftoken
        method: GET
        description: HashiCorp Vault Lookup self token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-renew
      path: /auth/token/renew
      operations:
      - name: renewtoken
        method: POST
        description: HashiCorp Vault Renew token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-renew-self
      path: /auth/token/renew-self
      operations:
      - name: renewselftoken
        method: POST
        description: HashiCorp Vault Renew self token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-revoke
      path: /auth/token/revoke
      operations:
      - name: revoketoken
        method: POST
        description: HashiCorp Vault Revoke token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-revoke-self
      path: /auth/token/revoke-self
      operations:
      - name: revokeselftoken
        method: POST
        description: HashiCorp Vault Revoke self token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-token-roles-role-name
      path: /auth/token/roles/{role_name}
      operations:
      - name: readtokenrole
        method: GET
        description: HashiCorp Vault Read token role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: createorupdatetokenrole
        method: POST
        description: HashiCorp Vault Create or update token role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deletetokenrole
        method: DELETE
        description: HashiCorp Vault Delete token role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-approle-login
      path: /auth/approle/login
      operations:
      - name: loginwithapprole
        method: POST
        description: HashiCorp Vault Login with AppRole
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-approle-role-role-name
      path: /auth/approle/role/{role_name}
      operations:
      - name: readapprole
        method: GET
        description: HashiCorp Vault Read AppRole
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: createorupdateapprole
        method: POST
        description: HashiCorp Vault Create or update AppRole
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteapprole
        method: DELETE
        description: HashiCorp Vault Delete AppRole
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-approle-role-role-name-role-id
      path: /auth/approle/role/{role_name}/role-id
      operations:
      - name: readapproleroleid
        method: GET
        description: HashiCorp Vault Read AppRole role ID
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-approle-role-role-name-secret-id
      path: /auth/approle/role/{role_name}/secret-id
      operations:
      - name: generateapprolesecretid
        method: POST
        description: HashiCorp Vault Generate AppRole secret ID
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-kubernetes-login
      path: /auth/kubernetes/login
      operations:
      - name: loginwithkubernetes
        method: POST
        description: HashiCorp Vault Login with Kubernetes
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-kubernetes-config
      path: /auth/kubernetes/config
      operations:
      - name: readkubernetesconfig
        method: GET
        description: HashiCorp Vault Read Kubernetes auth configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: configurekubernetesauth
        method: POST
        description: HashiCorp Vault Configure Kubernetes auth
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-kubernetes-role-name
      path: /auth/kubernetes/role/{name}
      operations:
      - name: readkubernetesrole
        method: GET
        description: HashiCorp Vault Read Kubernetes role
        inputParameters:
        - name: name
          in: path
          type: string
          required: true
          description: Name of the role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: createorupdatekubernetesrole
        method: POST
        description: HashiCorp Vault Create or update Kubernetes role
        inputParameters:
        - name: name
          in: path
          type: string
          required: true
          description: Name of the role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deletekubernetesrole
        method: DELETE
        description: HashiCorp Vault Delete Kubernetes role
        inputParameters:
        - name: name
          in: path
          type: string
          required: true
          description: Name of the role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-ldap-login-username
      path: /auth/ldap/login/{username}
      operations:
      - name: loginwithldap
        method: POST
        description: HashiCorp Vault Login with LDAP
        inputParameters:
        - name: username
          in: path
          type: string
          required: true
          description: LDAP username
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-jwt-login
      path: /auth/jwt/login
      operations:
      - name: loginwithjwt
        method: POST
        description: HashiCorp Vault Login with JWT/OIDC
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-userpass-login-username
      path: /auth/userpass/login/{username}
      operations:
      - name: loginwithuserpass
        method: POST
        description: HashiCorp Vault Login with username and password
        inputParameters:
        - name: username
          in: path
          type: string
          required: true
          description: Username
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-userpass-users-username
      path: /auth/userpass/users/{username}
      operations:
      - name: readuserpassuser
        method: GET
        description: HashiCorp Vault Read userpass user
        inputParameters:
        - name: username
          in: path
          type: string
          required: true
          description: Username
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: createorupdateuserpassuser
        method: POST
        description: HashiCorp Vault Create or update userpass user
        inputParameters:
        - name: username
          in: path
          type: string
          required: true
          description: Username
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: deleteuserpassuser
        method: DELETE
        description: HashiCorp Vault Delete userpass user
        inputParameters:
        - name: username
          in: path
          type: string
          required: true
          description: Username
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-github-login
      path: /auth/github/login
      operations:
      - name: loginwithgithub
        method: POST
        description: HashiCorp Vault Login with GitHub
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
  exposes:
  - type: rest
    port: 8080
    namespace: hvault-rest
    description: REST adapter for HashiCorp Vault Vault Auth Methods API.
    resources:
    - path: /auth/token/create
      name: createtoken
      operations:
      - method: POST
        name: createtoken
        description: HashiCorp Vault Create token
        call: hvault.createtoken
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/create-orphan
      name: createorphantoken
      operations:
      - method: POST
        name: createorphantoken
        description: HashiCorp Vault Create orphan token
        call: hvault.createorphantoken
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/create/{role_name}
      name: createtokenwithrole
      operations:
      - method: POST
        name: createtokenwithrole
        description: HashiCorp Vault Create token with role
        call: hvault.createtokenwithrole
        with:
          role_name: rest.role_name
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/lookup
      name: lookuptoken
      operations:
      - method: POST
        name: lookuptoken
        description: HashiCorp Vault Lookup token
        call: hvault.lookuptoken
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/lookup-self
      name: lookupselftoken
      operations:
      - method: GET
        name: lookupselftoken
        description: HashiCorp Vault Lookup self token
        call: hvault.lookupselftoken
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/renew
      name: renewtoken
      operations:
      - method: POST
        name: renewtoken
        description: HashiCorp Vault Renew token
        call: hvault.renewtoken
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/renew-self
      name: renewselftoken
      operations:
      - method: POST
        name: renewselftoken
        description: HashiCorp Vault Renew self token
        call: hvault.renewselftoken
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/revoke
      name: revoketoken
      operations:
      - method: POST
        name: revoketoken
        description: HashiCorp Vault Revoke token
        call: hvault.revoketoken
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/revoke-self
      name: revokeselftoken
      operations:
      - method: POST
        name: revokeselftoken
        description: HashiCorp Vault Revoke self token
        call: hvault.revokeselftoken
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/roles/{role_name}
      name: readtokenrole
      operations:
      - method: GET
        name: readtokenrole
        description: HashiCorp Vault Read token role
        call: hvault.readtokenrole
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/roles/{role_name}
      name: createorupdatetokenrole
      operations:
      - method: POST
        name: createorupdatetokenrole
        description: HashiCorp Vault Create or update token role
        call: hvault.createorupdatetokenrole
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/token/roles/{role_name}
      name: deletetokenrole
      operations:
      - method: DELETE
        name: deletetokenrole
        description: HashiCorp Vault Delete token role
        call: hvault.deletetokenrole
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/approle/login
      name: loginwithapprole
      operations:
      - method: POST
        name: loginwithapprole
        description: HashiCorp Vault Login with AppRole
        call: hvault.loginwithapprole
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/approle/role/{role_name}
      name: readapprole
      operations:
      - method: GET
        name: readapprole
        description: HashiCorp Vault Read AppRole
        call: hvault.readapprole
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/approle/role/{role_name}
      name: createorupdateapprole
      operations:
      - method: POST
        name: createorupdateapprole
        description: HashiCorp Vault Create or update AppRole
        call: hvault.createorupdateapprole
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/approle/role/{role_name}
      name: deleteapprole
      operations:
      - method: DELETE
        name: deleteapprole
        description: HashiCorp Vault Delete AppRole
        call: hvault.deleteapprole
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/approle/role/{role_name}/role-id
      name: readapproleroleid
      operations:
      - method: GET
        name: readapproleroleid
        description: HashiCorp Vault Read AppRole role ID
        call: hvault.readapproleroleid
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/approle/role/{role_name}/secret-id
      name: generateapprolesecretid
      operations:
      - method: POST
        name: generateapprolesecretid
        description: HashiCorp Vault Generate AppRole secret ID
        call: hvault.generateapprolesecretid
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/kubernetes/login
      name: loginwithkubernetes
      operations:
      - method: POST
        name: loginwithkubernetes
        description: HashiCorp Vault Login with Kubernetes
        call: hvault.loginwithkubernetes
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/kubernetes/config
      name: readkubernetesconfig
      operations:
      - method: GET
        name: readkubernetesconfig
        description: HashiCorp Vault Read Kubernetes auth configuration
        call: hvault.readkubernetesconfig
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/kubernetes/config
      name: configurekubernetesauth
      operations:
      - method: POST
        name: configurekubernetesauth
        description: HashiCorp Vault Configure Kubernetes auth
        call: hvault.configurekubernetesauth
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/kubernetes/role/{name}
      name: readkubernetesrole
      operations:
      - method: GET
        name: readkubernetesrole
        description: HashiCorp Vault Read Kubernetes role
        call: hvault.readkubernetesrole
        with:
          name: rest.name
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/kubernetes/role/{name}
      name: createorupdatekubernetesrole
      operations:
      - method: POST
        name: createorupdatekubernetesrole
        description: HashiCorp Vault Create or update Kubernetes role
        call: hvault.createorupdatekubernetesrole
        with:
          name: rest.name
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/kubernetes/role/{name}
      name: deletekubernetesrole
      operations:
      - method: DELETE
        name: deletekubernetesrole
        description: HashiCorp Vault Delete Kubernetes role
        call: hvault.deletekubernetesrole
        with:
          name: rest.name
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/ldap/login/{username}
      name: loginwithldap
      operations:
      - method: POST
        name: loginwithldap
        description: HashiCorp Vault Login with LDAP
        call: hvault.loginwithldap
        with:
          username: rest.username
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/jwt/login
      name: loginwithjwt
      operations:
      - method: POST
        name: loginwithjwt
        description: HashiCorp Vault Login with JWT/OIDC
        call: hvault.loginwithjwt
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/userpass/login/{username}
      name: loginwithuserpass
      operations:
      - method: POST
        name: loginwithuserpass
        description: HashiCorp Vault Login with username and password
        call: hvault.loginwithuserpass
        with:
          username: rest.username
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/userpass/users/{username}
      name: readuserpassuser
      operations:
      - method: GET
        name: readuserpassuser
        description: HashiCorp Vault Read userpass user
        call: hvault.readuserpassuser
        with:
          username: rest.username
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/userpass/users/{username}
      name: createorupdateuserpassuser
      operations:
      - method: POST
        name: createorupdateuserpassuser
        description: HashiCorp Vault Create or update userpass user
        call: hvault.createorupdateuserpassuser
        with:
          username: rest.username
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/userpass/users/{username}
      name: deleteuserpassuser
      operations:
      - method: DELETE
        name: deleteuserpassuser
        description: HashiCorp Vault Delete userpass user
        call: hvault.deleteuserpassuser
        with:
          username: rest.username
        outputParameters:
        - type: object
          mapping: $.
    - path: /auth/github/login
      name: loginwithgithub
      operations:
      - method: POST
        name: loginwithgithub
        description: HashiCorp Vault Login with GitHub
        call: hvault.loginwithgithub
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    port: 9090
    namespace: hvault-mcp
    transport: http
    description: MCP adapter for HashiCorp Vault Vault Auth Methods API for AI agent use.
    tools:
    - name: createtoken
      description: HashiCorp Vault Create token
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.createtoken
      outputParameters:
      - type: object
        mapping: $.
    - name: createorphantoken
      description: HashiCorp Vault Create orphan token
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.createorphantoken
      outputParameters:
      - type: object
        mapping: $.
    - name: createtokenwithrole
      description: HashiCorp Vault Create token with role
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.createtokenwithrole
      with:
        role_name: tools.role_name
      inputParameters:
      - name: role_name
        type: string
        description: Name of the token role
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: lookuptoken
      description: HashiCorp Vault Lookup token
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.lookuptoken
      outputParameters:
      - type: object
        mapping: $.
    - name: lookupselftoken
      description: HashiCorp Vault Lookup self token
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: hvault.lookupselftoken
      outputParameters:
      - type: object
        mapping: $.
    - name: renewtoken
      description: HashiCorp Vault Renew token
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.renewtoken
      outputParameters:
      - type: object
        mapping: $.
    - name: renewselftoken
      description: HashiCorp Vault Renew self token
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.renewselftoken
      outputParameters:
      - type: object
        mapping: $.
    - name: revoketoken
      description: HashiCorp Vault Revoke token
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.revoketoken
      outputParameters:
      - type: object
        mapping: $.
    - name: revokeselftoken
      description: HashiCorp Vault Revoke self token
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.revokeselftoken
      outputParameters:
      - type: object
        mapping: $.
    - name: readtokenrole
      description: HashiCorp Vault Read token role
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: hvault.readtokenrole
      outputParameters:
      - type: object
        mapping: $.
    - name: createorupdatetokenrole
      description: HashiCorp Vault Create or update token role
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.createorupdatetokenrole
      outputParameters:
      - type: object
        mapping: $.
    - name: deletetokenrole
      description: HashiCorp Vault Delete token role
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: hvault.deletetokenrole
      outputParameters:
      - type: object
        mapping: $.
    - name: loginwithapprole
      description: HashiCorp Vault Login with AppRole
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.loginwithapprole
      outputParameters:
      - type: object
        mapping: $.
    - name: readapprole
      description: HashiCorp Vault Read AppRole
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: hvault.readapprole
      outputParameters:
      - type: object
        mapping: $.
    - name: createorupdateapprole
      description: HashiCorp Vault Create or update AppRole
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.createorupdateapprole
      outputParameters:
      - type: object
        mapping: $.
    - name: deleteapprole
      description: HashiCorp Vault Delete AppRole
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: hvault.deleteapprole
      outputParameters:
      - type: object
        mapping: $.
    - name: readapproleroleid
      description: HashiCorp Vault Read AppRole role ID
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: hvault.readapproleroleid
      outputParameters:
      - type: object
        mapping: $.
    - name: generateapprolesecretid
      description: HashiCorp Vault Generate AppRole secret ID
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.generateapprolesecretid
      outputParameters:
      - type: object
        mapping: $.
    - name: loginwithkubernetes
      description: HashiCorp Vault Login with Kubernetes
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.loginwithkubernetes
      outputParameters:
      - type: object
        mapping: $.
    - name: readkubernetesconfig
      description: HashiCorp Vault Read Kubernetes auth configuration
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: hvault.readkubernetesconfig
      outputParameters:
      - type: object
        mapping: $.
    - name: configurekubernetesauth
      description: HashiCorp Vault Configure Kubernetes auth
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.configurekubernetesauth
      outputParameters:
      - type: object
        mapping: $.
    - name: readkubernetesrole
      description: HashiCorp Vault Read Kubernetes role
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: hvault.readkubernetesrole
      with:
        name: tools.name
      inputParameters:
      - name: name
        type: string
        description: Name of the role
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: createorupdatekubernetesrole
      description: HashiCorp Vault Create or update Kubernetes role
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.createorupdatekubernetesrole
      with:
        name: tools.name
      inputParameters:
      - name: name
        type: string
        description: Name of the role
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: deletekubernetesrole
      description: HashiCorp Vault Delete Kubernetes role
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: hvault.deletekubernetesrole
      with:
        name: tools.name
      inputParameters:
      - name: name
        type: string
        description: Name of the role
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: loginwithldap
      description: HashiCorp Vault Login with LDAP
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.loginwithldap
      with:
        username: tools.username
      inputParameters:
      - name: username
        type: string
        description: LDAP username
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: loginwithjwt
      description: HashiCorp Vault Login with JWT/OIDC
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.loginwithjwt
      outputParameters:
      - type: object
        mapping: $.
    - name: loginwithuserpass
      description: HashiCorp Vault Login with username and password
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.loginwithuserpass
      with:
        username: tools.username
      inputParameters:
      - name: username
        type: string
        description: Username
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: readuserpassuser
      description: HashiCorp Vault Read userpass user
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: hvault.readuserpassuser
      with:
        username: tools.username
      inputParameters:
      - name: username
        type: string
        description: Username
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: createorupdateuserpassuser
      description: HashiCorp Vault Create or update userpass user
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.createorupdateuserpassuser
      with:
        username: tools.username
      inputParameters:
      - name: username
        type: string
        description: Username
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: deleteuserpassuser
      description: HashiCorp Vault Delete userpass user
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: hvault.deleteuserpassuser
      with:
        username: tools.username
      inputParameters:
      - name: username
        type: string
        description: Username
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: loginwithgithub
      description: HashiCorp Vault Login with GitHub
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: hvault.loginwithgithub
      outputParameters:
      - type: object
        mapping: $.
binds:
- namespace: env
  keys:
    HVAULT_TOKEN: HVAULT_TOKEN