Vault Playground

About Vault Playground

Predix Vault service runs in a controlled environment where connectivity can only be established from Predix applications. The Vault Playground provides you an environment to test the Predix Vault features from applications running outside of Predix, for example, your local environment. Using the Vault Playground, you can locally host applications and test them against the Predix Vault APIs.

Note: Secrets stored cannot be retrieved once the token is expired.

You can use the Predix Vault APIs to perform the following tasks:

Create a Vault Token

API	`/provision`
URL	US-WEST environments: `https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/provision` `https://predix-vault-playground.run.aws-usw02-pr.ice.predix.io/provision`
Description	Creates a Vault token that is valid for 32 days and returns the Vault URL.
Method	`POST`
Header	None
Parameters	None
Response	A `200` response is returned.
Example	`Request : curl -v --request POST https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/provision Response : { "vaultUrl": "https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/cubbyhole/", "vaultToken": "f72a7ee7-63fe-fbe1-e6fe-e21e63e98011", "vaultAccessor": "ab19fc89-4aea-6e5e-630d-cde0c7ed8403", "renewTokenUrl": "https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/auth/token/renew-self" }`

Store a Secret

API	`v1/cubbyhole/<path>`
URL	US-WEST environments: `https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/cubbyhole/<path>` `https://predix-vault-playground.run.aws-usw02-pr.ice.predix.io/v1/cubbyhole/<path>` Where, `<path>` is the root path to your Vault service instance.
Description	Stores a secret at the specified location
Method	`POST/ PUT`
Request	Specify a key (in JSON format) name paired with an associated value to be stored at the given path.. You can specify multiple key/value pairs.
Header	`X-Vault-Token: <token>` Where, `<token>` is the token that you received when you create a vault token.
Parameters	None
Response	A `204` (No Content) response is returned.
Example	`Request: curl -v --header "X-Vault-Token:<token>" --request POST --data '{"zip":"zap","foo":"bar"}' https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/cubbyhole/<path> Response: No content`

Retrieve a Secret

API	`v1/cubbyhole/<path>`
URL	US-WEST environments: `https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/cubbyhole/<path>` `https://predix-vault-playground.run.aws-usw02-pr.ice.predix.io/v1/cubbyhole/<path>` Where, `<path>` is the root path to your Vault instance.
Description	Retrieve the secret at the specified location
Method	`GET`
Request	None
Header	`X-Vault-Token: <token>` Where, `<token>` is the toke that you received when you create a vault token.
Response	A `200` response is returned.
Example	`Request: curl -v --header "X-Vault-Token:<token>" --request GET https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/cubbyhole/<Path> Response: { "request_id": "954416f9-af97-d266-722e-f68fc773a718", "lease_id": "", "renewable": false, "lease_duration": 0, "data": { "foo": "bar", "zip": "zap" }, "wrap_info": null, "warnings": null, "auth": null }`

Retrieve a List of Key Names

API	`v1/cubbyhole/<path>`
URL	US-WEST environments: `https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/cubbyhole` `https://predix-vault-playground.run.aws-usw02-pr.ice.predix.io/v1/cubbyhole/<path>` Where, `<path>` is the root path to your vault instance.
Description	Returns a list of key names at the specified location.
Method	`LIST`
Request	None
Header	`X-Vault-Token: <token>` Where, `<token>` is the toke that you received when you create a vault token.
Response	A `200` response is returned.
Example	`Request: curl -v --header "X-Vault-Token:<token>" --request LIST https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/cubbyhole The example below shows output for a query path of cubbyhole/ when there are secrets at cubbyhole/foo. Response: { "request_id": "a6affb42-30eb-64cc-4c62-2798aaf7bef6", "lease_id": "", "renewable": false, "lease_duration": 0, "data": { "keys": ["myfirstkey"] }, "wrap_info": null, "warnings": null, "auth": null }`

Delete a Secret

API	`v1/cubbyhole/<path>`
URL	US-WEST environments: `https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/cubbyhole/<path>` `https://predix-vault-playground.run.aws-usw02-pr.ice.predix.io/v1/cubbyhole/<path>` Where, `<path>` is the root path to your Vault instance.
Description	Deletes a secret at the specified location.
Method	`Delete`
Request	None
Header	`X-Vault-Token: <token>` Where, `<token>` is the toke that you received when you create a vault token.
Parameter	None
Response	A `204 (No Content)` response is returned.
Example	`Request: curl -v --header "X-Vault-Token:<token>" --request DELETE https://predix-vault-playground.run.aws-usw02-dev.ice.predix.io/v1/cubbyhole/<path> Response: No content`