From 4bf07906e42afb9e1c91e2db0d7de527fe9a9bee Mon Sep 17 00:00:00 2001
From: Violet Hynes
Date: Fri, 20 May 2022 15:10:41 -0400
Subject: [PATCH 1/3] VAULT-6131 OpenAPI schema now includes /auth/token endpoints when explicit permission has been granted
---
 vault/logical_system.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/vault/logical_system.go b/vault/logical_system.go
index 7af2a737f884..a13bc6b46a1a 100644
--- a/vault/logical_system.go
+++ b/vault/logical_system.go
@@ -3711,7 +3711,11 @@ func (b *SystemBackend) pathInternalUIMountsRead(ctx context.Context, req *logic
 }
 if isAuthed {
- return hasMountAccess(ctx, acl, me.Namespace().Path+me.Path)
+ if me.Table == "auth" {
+ return hasMountAccess(ctx, acl, me.Namespace().Path+me.Table+"/"+me.Path)
+ } else {
+ return hasMountAccess(ctx, acl, me.Namespace().Path+me.Path)
+ }
 }
 return false
From 2b474da010b10d1a0116126e1061e694f57f9aa6 Mon Sep 17 00:00:00 2001
From: Violet Hynes
Date: Fri, 20 May 2022 15:36:15 -0400
Subject: [PATCH 2/3] VAULT-6131 add changelog
---
 changelog/15552.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 changelog/15552.txt
diff --git a/changelog/15552.txt b/changelog/15552.txt
new file mode 100644
index 000000000000..97a68da36e63
--- /dev/null
+++ b/changelog/15552.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+openapi: Fixed issue where information about /auth/token endpoints was not present with explicit policy permissions
+```
From 6ade6ebbf7741f74fe5656c1cd1d23f88d21fbc2 Mon Sep 17 00:00:00 2001
From: Violet Hynes
Date: Tue, 31 May 2022 10:45:53 -0400
Subject: [PATCH 3/3] VAULT-6131 Update changelog and fix related bug
---
 changelog/15552.txt | 3 +++
 vault/logical_system.go | 14 +++++++++++---
 2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/changelog/15552.txt b/changelog/15552.txt
index 97a68da36e63..22d854bc54b4 100644
--- a/changelog/15552.txt
+++ b/changelog/15552.txt
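Review bot: The `isAuthed` branch of the closure in pathInternalUIMountsRead (vault/logical_system.go, PATCH 1/3) now evaluates `hasMountAccess` against a different ACL path for auth mounts, and no diffstat in this series adds a test for it. Because this check decides which mounts the endpoint reveals to a caller, I would add a regression test with one policy scoped only to `auth/<mount>/...` and a secrets mount of the same name, asserting that each policy sees only its own mount. The `else` after a terminating `return` can also go: keep `if me.Table == "auth" { return hasMountAccess(ctx, acl, me.Namespace().Path+me.Table+"/"+me.Path) }` and follow it with the plain `return hasMountAccess(ctx, acl, me.Namespace().Path+me.Path)`. The enclosing function starts and ends outside the hunk.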
@@ -1,3 +1,6 @@
 ```release-note:bug
 openapi: Fixed issue where information about /auth/token endpoints was not present with explicit policy permissions
 ```
+```release-note:bug
+api: Fixed issue with internal/ui/mounts and internal/ui/mounts/(?P.+) endpoints where it was not properly handling /auth/
+```
\ No newline at end of file
diff --git a/vault/logical_system.go b/vault/logical_system.go
index a13bc6b46a1a..daeccb452823 100644
--- a/vault/logical_system.go
+++ b/vault/logical_system.go
@@ -3825,10 +3825,18 @@ func (b *SystemBackend) pathInternalUIMountRead(ctx context.Context, req *logica
 }
 resp.Data["path"] = me.Path
- fullMountPath := ns.Path + me.Path
+ pathWithTable := ""
+
+ if me.Table == "auth" {
+ pathWithTable = me.Table + "/" + me.Path
+ } else {
+ pathWithTable = me.Path
+ }
+
+ fullMountPath := ns.Path + pathWithTable
 if ns.ID != me.Namespace().ID {
- resp.Data["path"] = me.Namespace().Path + me.Path
- fullMountPath = ns.Path + me.Namespace().Path + me.Path
+ resp.Data["path"] = me.Namespace().Path + pathWithTable
+ fullMountPath = ns.Path + me.Namespace().Path + pathWithTable
 }
 if !hasMountAccess(ctx, acl, fullMountPath) {
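Review bot: In pathInternalUIMountRead the same-namespace case still returns `resp.Data["path"] = me.Path`, while the cross-namespace branch now returns `me.Namespace().Path + pathWithTable`, so an auth mount is reported with the `auth/` prefix only when the namespaces differ. If the prefix is meant to appear in the response, make the first assignment `resp.Data["path"] = pathWithTable`; if it is only needed for the ACL check, keep `me.Namespace().Path + me.Path` in the branch and use `pathWithTable` for `fullMountPath` alone. The table-prefix logic is also written twice now (here and in pathInternalUIMountsRead in PATCH 1/3), so a small helper returning the ACL path for a mount entry would keep the two authorization checks from drifting apart. The function body continues outside the hunk.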