Integrating HashiCorp Vault Authentication to a Website

1 hour
  • 3 Learning Objectives

About this Hands-on Lab

In this lab, we will need to set up a web application and configure it to use HashiCorp vault for authentication, without storing user credentials to a local database.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Unseal the Vault and Login with the Root Token
  1. In the Vault Server, retrieve the vault keys.
  2. Unseal the vault.
  3. Log in with the Initial Root Token.
Enable Kv Secrets Engine and Create a Token with a Policy That Allows Access to It
  1. Enable kv secrets engine.
  2. Start python3.6.
  3. In the Python Interactive Console, create a hash.
  4. Copy the hash.
  5. Write a key-value secret using the email and hash.
  6. Create a policy file named web-policy.hcl, and give it read permissions.
  7. Write the policy.
  8. Create a token with the new policy.
  9. Copy the client_token
  10. Test out the token.
Install `pip for python3`, the `Django` framework, and Allow the Web Server to Access the App
  1. Clone the Git repository.
  2. Install python3-pip.
  3. Using pip3, install the Django framework.
  4. Open the file.
  5. Add the Web Server public IP address to the ALLOWED_HOSTS.
  6. Save the file.
  7. Open the file.
  8. In the get_hashed_vault_creds() function, change the url and hdr.
  9. Save the file.
  10. Change to the HashiCorp-Vault/ directory.
  11. Run the django app.
  12. Open a web browser, go to, and test the login.

Additional Resources

  1. Use dig to get the domain name of the server or open the Domain file:
    dig -x <SERVER_PUBLIC_IP>
    cat /home/cloud_user/Domain
  2. Vault keys and root token are located at:
  3. GitHub repository:

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?