hashicorp · VioletHynes · Jan 25, 2023 · Jan 20, 2023 · Jan 20, 2023 · Jan 20, 2023
@@ -77,7 +77,7 @@ auto_auth {
 }
 
 
-cache {
+api_proxy {
   use_auto_auth_token = true
 }
 

@@ -0,0 +1,65 @@
+---
+layout: docs
+page_title: Vault Agent Auto-Auth Token File Method
+description: Token File Method for Vault Agent Auto-Auth
+---
+
+~> Note: This authentication method is tailored for the development experience.
+For production Agent installs, we recommend another authentication method.
+
+# Vault Agent Auto-Auth Token File Method
+
+The `token_file` method reads in an existing, valid Vault token from a file, and uses that
+token in lieu of authenticating itself. While it's a first class auto-auth method for all intents
+and purposes, it naturally doesn't authenticate itself, as it requires a token from elsewhere. Like
+other auto-auth methods, Agent will attempt to renew the token, as appropriate.
+
+This auto-auth method is especially useful when testing Vault Agent without needing to set up
+any authentication methods in Vault. For long-running Agent processes, we'd recommend another
+auto-auth method, such that Agent is issuing its own authentication requests to Vault.
+
+## Configuration
+
+- `token_file_path` `(string: required)` - The path to the file with the token inside. This token cannot be a wrapping token.
+
+## Example Configuration
+
+An example configuration, using the `token_file` method to enable [auto-auth](/docs/agent/autoauth), follows:
+
+```hcl
+pid_file = "./pidfile"
+
+vault {
+  address = "https://127.0.0.1:8200"
+}
+
+auto_auth {
+  method {
+    type      = "token_file"
+
+    config = {
+      token_file_path = "~/.vault-token"
+    }
+  }
+}
+
+
+api_proxy {
+  use_auto_auth_token = true
+}
+
+listener "tcp" {
+  address = "127.0.0.1:8100"
+  tls_disable = true
+}
+
+template {
+  source      = "/etc/vault/server.key.ctmpl"
+  destination = "/etc/vault/server.key"
+}
+
+template {
+  source      = "/etc/vault/server.crt.ctmpl"
+  destination = "/etc/vault/server.crt"
+}
+```
@@ -901,6 +901,10 @@
               {
                 "title": "Kubernetes",
                 "path": "agent/autoauth/methods/kubernetes"
+              },
+              {
+                "title": "Token File",
+                "path": "agent/autoauth/methods/token_file"
               }
             ]
           },
-Original file line number
+Diff line change
@@ Expand Up / @@ -77,7 +77,7 @@ auto_auth { @@
     }
-    cache {
+    api_proxy {
       use_auto_auth_token = true
     }
@@ Expand Down @@