# Allow tokens to query themselves
---
rules:
  - path: "auth/token/lookup-self"
    capabilities:
      - read
  - path: "auth/token/renew-self"
    capabilities:
      - update
  - path: "auth/token/revoke-self"
    capabilities:
      - update

auth:
  approle:
    - tf_vault