They are used to manage user roles in Vault.

They are the primary method of authentication in Vault.

They are used to encrypt data in Vault.

They are the only way to store data in Vault.

Service tokens are for internal use, while batch tokens are for external use.

Service tokens are long-lived, while batch tokens are short-lived.

Service tokens are used for authentication, while batch tokens are used for data storage.

Service tokens are temporary, while batch tokens are permanent.

To create new tokens.

To encrypt data.

To manage user permissions.

To perform administrative tasks.

To encrypt the token data.

To provide a way to look up and manage tokens without revealing the token itself.

To convert a batch token into a service token.

To extend the life of a token.

Based on the number of users accessing Vault.

Based on the size of the data being stored.

Based on the security level of the data.

Based on the specific needs and use cases.