From 209bbd877df7c903bd58d4e6104043be34e18e0b Mon Sep 17 00:00:00 2001
From: hc-github-team-secure-vault-core
 <82990506+hc-github-team-secure-vault-core@users.noreply.github.com>
Date: Wed, 12 Apr 2023 16:38:30 -0400
Subject: [PATCH] backport of commit 5a4a7639d14890ebb21cfaa46044bab1f50b4717
 (#20075)

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
---
 website/content/api-docs/secret/ldap.mdx | 29 ++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/website/content/api-docs/secret/ldap.mdx b/website/content/api-docs/secret/ldap.mdx
index bd93acc5d4ac..1bc96a1feacb 100644
--- a/website/content/api-docs/secret/ldap.mdx
+++ b/website/content/api-docs/secret/ldap.mdx
@@ -547,6 +547,35 @@ The username template cannot use this function.
 `utf16le` - Encodes the provided value into UTF16-LE.<br />
 **Example:** `{{.FieldName | utf16le}}`
 
+## Dynamic Role Passwords
+
+The `creds` endpoint offers the credential information for a given dynamic role.
+
+| Method | Path                               |
+| :----- | :--------------------------------- |
+| `GET`  | `/ldap/creds/:role_name` |
+
+#### Sample Get Request
+
+```shell-session
+$ curl \
+    --header "X-Vault-Token: ..." \
+    --request GET \
+    http://127.0.0.1:8200/v1/ldap/creds/dynamic-role
+```
+
+#### Sample Get Response
+
+```json
+{
+  "distinguished_names": [
+    "cn=v_token-dispname_testrole_jmZMnjS42a_1680580467,ou=users,dc=hashicorp,dc=com"
+  ],
+  "password": "OWexB3OzYYLFiotWxUS2EheGpriwR20fa2yA7JGTsnBREcxyqpwf73htofMihxcC",
+  "username": "v_token-dispname_testrole_jmZMnjS42a_1680580467"
+}
+```
+
 ## Library Set Management
 
 The `library` endpoint configures the sets of service accounts that Vault will offer for check-out.