Skip to main content

List all actions


Lists built-in and custom actions.

The role performing this operation must have:

  • The CapActionReader capability.
  • At least one allowing policy and no denying policies for the read operation for all actions.

See identity and access management for more information about how capabilities are used to control access to operations and policies are used to control access to data.

Possible responses

The request is successful.

array of objects required*
Each object:

An action definition.

  • name - string required*

    The name of the action.

  • description - string

    A description of the action.

  • function - string required*

    The bundle and function name formatted as <bundle-name>.<function-name>.

  • role - string

    The IAM role for the action. The role determine the operations or data available to the action. For example, a role can allow an action to read the email address from any object but deny it from reading credit card numbers.

  • is_builtin - boolean

    Whether this action is built-in or user-defined. Sending a value for this field is ignored.

  • creation_time - string

    The time when the action was created.

  • modification_time - string

    The time when the action was last modified.

"name": "string",
"description": "string",
"function": "bundle1.function1",
"role": "string"

Try the API


Navigate to the docs of your local Vault installation to try the API directly from there.

Code examples