I wanted to let users change their own password within HashiCorp's Vault (assuming, we're using userpass auth).
I don't find any way to do so. Can anyone Help?
I believe this link has your answer.
It would look something like this
# Allow updating the password via the `users/<username>` endpoint
path "auth/userpass/users/{{identity.entity.aliases.auth_userpass_6671d643.name}}" {
capabilities = [ "update" ]
allowed_parameters = {
"password" = []
}
}
# Allow updating the password via the `users/<username>/password` endpoint (used by the web UI)
path "auth/userpass/users/{{identity.entity.aliases.auth_userpass_6671d643.name}}/password" {
capabilities = [ "update" ]
}
where auth_userpass_6671d643 is the mount of your userpass authentication and can be retrieved via vault auth list command.