Introduction
It may happen, so when you try to access HCP Vault via the web UI, you end up with an error: "403 Not authorized" as in the screenshot above.
This would usually happen when logging in to the HCP Vault using a token generated from the HashiCorp Cloud Platform >> Vault >> New admin token >> Generate token.
Problem
The main reason for the error to occur would be that the token you are using had expired.
Cause
When you initially login to the HCP Vault web UI, it creates a localStorage read-only property within your browser with a few key-value pairs:
Key:
vault-token
Value:
{"userRootNamespace":"admin","displayName":"token-hcp-root","backend":{"type":"token","typeDisplay":"Token","description":"Token authentication.","tokenPath":"id","displayNamePath":"display_name","formAttributes":["token"]},"token":"hvs.secret","policies":["default","hcp-root"],"renewable":false,"entity_id":"secret"}
While the Vault Token generated via the HCP has a TTL of six hours, the localStorage data has no expiration time. You will need to either Sign out as explained above to invalidate the session, clear the pair manually, or clear the browser's cache and cookies.
Solution
To log in to HCP Vault again, you need to:
1. Sign out of the current HCP Vault web UI session:
2. Generate a new token: HashiCorp Cloud Platform >> Vault >> New admin token >> Generate token >> and use it to login instead.
If you need further assistance with this or any other issue, please do not hesitate to contact us!