doc: explain permissions for Vault sys/capabilties-self

2026-01-05 09:55:44 +03:00 · 2022-07-06 10:01:30 -04:00
parent 154bb23d23
commit b9e084a4b7
1 changed files with 2 additions and 1 deletions
--- a/website/content/docs/integrations/vault-integration.mdx
+++ b/website/content/docs/integrations/vault-integration.mdx
@@ -102,7 +102,8 @@ path "auth/token/revoke-accessor" {
 }

 # Allow checking the capabilities of our own token. This is used to validate the
-# token upon startup.
+# token upon startup. Note this requires update permissions because the Vault API
+# is a POST
 path "sys/capabilities-self" {
  capabilities = ["update"]
 }