Demo UserPass Auth Method

Prerequisites
1. Verify Existing Auth Methods
2. Enable the Userpass Auth Method
3. Create Userpass Users
3.1 Create User “frank”
3.2 Create User “jamie”
4. List and Inspect User Configurations
4.1 List All Users
4.2 Read a User’s Settings
5. Authenticate with Userpass
5.1 Login as “jamie”
5.2 Login as “frank”
References

In this tutorial, you’ll learn how to enable and use the userpass authentication method in HashiCorp Vault. This approach is ideal for simple username/password scenarios.

Prerequisites

Vault CLI installed and configured
Vault server unsealed and reachable
A Vault token with root or sudo privileges

For more details on installing Vault, see the Vault Installation Guide.

1. Verify Existing Auth Methods

Before enabling new methods, check which authentication backends are active:

vault auth list

Example output:

Path	Type	Description
token/	token	default token-based credentials

The token method is enabled by default and provides basic token authentication.

2. Enable the Userpass Auth Method

Activate the userpass backend at its default path:

vault auth enable userpass

Expected response:

Success! Enabled userpass auth method at: userpass/

3. Create Userpass Users

Add individual users under auth/userpass/users. Each user can be assigned one or more policies.

Username	Password	Policies
frank	vault	bryan
jamie	cloud	bryan

3.1 Create User “frank”

vault write auth/userpass/users/frank \
    password=vault \
    policies=bryan

3.2 Create User “jamie”

vault write auth/userpass/users/jamie \
    password=cloud \
    policies=bryan

Storing plaintext passwords in scripts can be insecure. Consider using environment variables or a secure secrets store.

4. List and Inspect User Configurations

4.1 List All Users

vault list auth/userpass/users

Example output:

Keys
----
frank
jamie

4.2 Read a User’s Settings

Inspect configuration for user jamie:

vault read auth/userpass/users/jamie

Key settings include token TTLs, policies, and CIDR restrictions.

5. Authenticate with Userpass

After creating users, log in using the userpass method. Each login issues a distinct Vault token.

vault login -method=userpass username=jamie

Enter password when prompted:

Password (will be hidden): cloud
Success! You are now authenticated.

vault login -method=userpass username=frank

Enter password:

Password (will be hidden): vault
Success! You are now authenticated.

Each session returns token details:

Field	Description
`token`	Your Vault token
`token_policies`	Applied policies (`bryan`, `default`)
`token_duration`	Token TTL
`token_meta_username`	Username metadata

References

Watch Video

Practice Lab

Demo Okta Auth Method

Exam Tips for Objective 1

⌘I

Introduction

Introduction to Vault

Learning the Vault Architecture

Installing Vault

Compare Authentication Methods

Create Vault Policies

Assess Vault Tokens

Compare and Configure Secrets Engines

Vault Agent

Vault Replication

Demo UserPass Auth Method

Prerequisites

1. Verify Existing Auth Methods

2. Enable the Userpass Auth Method

3. Create Userpass Users

3.1 Create User “frank”

3.2 Create User “jamie”

4. List and Inspect User Configurations

4.1 List All Users

4.2 Read a User’s Settings

5. Authenticate with Userpass

References

Watch Video

Practice Lab

Introduction

Introduction to Vault

Learning the Vault Architecture

Installing Vault

Compare Authentication Methods

Create Vault Policies

Assess Vault Tokens

Compare and Configure Secrets Engines

Vault Agent

Vault Replication

​Prerequisites

​1. Verify Existing Auth Methods

​2. Enable the Userpass Auth Method

​3. Create Userpass Users

​3.1 Create User “frank”

​3.2 Create User “jamie”

​4. List and Inspect User Configurations

​4.1 List All Users

​4.2 Read a User’s Settings

​5. Authenticate with Userpass

​5.1 Login as “jamie”

​5.2 Login as “frank”

​References

Watch Video

Practice Lab

Prerequisites

1. Verify Existing Auth Methods

2. Enable the Userpass Auth Method

3. Create Userpass Users

3.1 Create User “frank”

3.2 Create User “jamie”

4. List and Inspect User Configurations

4.1 List All Users

4.2 Read a User’s Settings

5. Authenticate with Userpass

5.1 Login as “jamie”

5.2 Login as “frank”

References