Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

400 error from resultant-acl endpoint #14097

Closed
candlerb opened this issue Feb 16, 2022 · 1 comment
Closed

400 error from resultant-acl endpoint #14097

candlerb opened this issue Feb 16, 2022 · 1 comment
Labels
bug Used to indicate a potential bug ui

Comments

@candlerb
Copy link
Contributor

Describe the bug
The Vault web UI is generating requests to /v1/sys/internal/ui/resultant-acl which are rejected by the server with error 400.

To Reproduce
Steps to reproduce the behavior:

  1. Open an incognito window
  2. Open the browser developer console, network tab
  3. Connect to Vault
  4. Look at network activity

image
image

I am using Chrome 98 under macOS 12.2.1

Expected behavior
This isn't causing any problems that I can tell, except that it confused me while debugging another login problem which turned out to be unrelated - i.e. this error led me down a blind alley.

The documentation says that "this ... is an unauthenticated endpoint", and therefore I was surprised to see these errors.

If a token is required to access this endpoint (as the response implies), then I think it would be better if the UI were not to submit the request in the first place, knowing that it doesn't have one.

Environment:

  • Vault Server Version (retrieve with vault status): 1.9.3
  • Vault CLI Version (retrieve with vault version): N/A
  • Server Operating System/Architecture: Ubuntu 20.04 x86_64
@zofskeez
Copy link
Contributor

@candlerb thanks for reporting this! #17139 updates the documentation and the UI no longer sends requests to that endpoint when unauthenticated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Used to indicate a potential bug ui
Projects
None yet
Development

No branches or pull requests

4 participants