BetterCloud
diff --git a/‎src/main/java/com/bettercloud/vault/Vault.java‎
Lines changed: 1 addition & 0 deletions b/‎src/main/java/com/bettercloud/vault/Vault.java‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/main/java/com/bettercloud/vault/VaultConfig.java‎
Lines changed: 16 additions & 0 deletions b/‎src/main/java/com/bettercloud/vault/VaultConfig.java‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎src/main/java/com/bettercloud/vault/api/Auth.java‎
Lines changed: 63 additions & 164 deletions b/‎src/main/java/com/bettercloud/vault/api/Auth.java‎
Lines changed: 63 additions & 164 deletions
diff --git a/‎src/main/java/com/bettercloud/vault/api/Debug.java‎
Lines changed: 4 additions & 3 deletions b/‎src/main/java/com/bettercloud/vault/api/Debug.java‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎src/main/java/com/bettercloud/vault/api/Leases.java‎
Lines changed: 19 additions & 44 deletions b/‎src/main/java/com/bettercloud/vault/api/Leases.java‎
Lines changed: 19 additions & 44 deletions
@@ -224,6 +224,7 @@ private Map<String, String> collectSecretEngineVersions() {
             final RestResponse restResponse = new Rest()//NOPMD
                     .url(vaultConfig.getAddress() + "/v1/sys/mounts")
                     .header("X-Vault-Token", vaultConfig.getToken())
+                    .optionalHeader("X-Vault-Namespace", this.vaultConfig.getNameSpace())
                     .connectTimeoutSeconds(vaultConfig.getOpenTimeout())
                     .readTimeoutSeconds(vaultConfig.getReadTimeout())
                     .sslVerification(vaultConfig.getSslConfig().isVerify())
 
@@ -50,6 +50,8 @@ public class VaultConfig implements Serializable {
     private int retryIntervalMilliseconds;
     @Getter
     private Integer globalEngineVersion;
+    @Getter
+    private String nameSpace;
     private EnvironmentLoader environmentLoader;
 
     /**
@@ -73,6 +75,20 @@ public VaultConfig environmentLoader(final EnvironmentLoader environmentLoader)
         return this;
     }
 
+    /**
+     * <p>Optional. Sets a global namespace to the Vault server instance, if desired. Otherwise, namespace can be applied individually to any read / write / auth call.
+     *
+     * <p>Namespace support requires Vault Enterprise Pro, please see https://learn.hashicorp.com/vault/operations/namespaces</p>
+     *
+     * @param nameSpace The namespace to use globally in this VaultConfig instance.
+     * @return This object, with the namespace populated, ready for additional builder-pattern method calls or else
+     * finalization with the build() method
+     */
+    public VaultConfig nameSpace(final String nameSpace) {
+        this.nameSpace = nameSpace;
+        return this;
+    }
+
     /**
      * <p>Sets the KV Secrets Engine version of the Vault server instance.
      *
 
@@ -27,6 +27,9 @@ public class Debug {
 
     public Debug(final VaultConfig config) {
         this.config = config;
+        if (this.config.getNameSpace() != null && !this.config.getNameSpace().isEmpty()) {
+            this.nameSpace = this.config.getNameSpace();
+        }
     }
 
     public Debug withNameSpace(final String nameSpace) {
@@ -96,9 +99,7 @@ public HealthResponse health(
                 if (config.getToken() != null) {
                     rest.header("X-Vault-Token", config.getToken());
                 }
-                if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
-                    rest.header("X-Vault-Namespace", this.nameSpace);
-                }
+                rest.optionalHeader("X-Vault-Namespace", this.nameSpace);
                 // Add params if present
                 if (standbyOk != null) rest.parameter("standbyok", standbyOk.toString());
                 if (activeCode != null) rest.parameter("activecode", activeCode.toString());
 
@@ -26,6 +26,9 @@ public class Leases {
 
     public Leases(final VaultConfig config) {
         this.config = config;
+        if (this.config.getNameSpace() != null && !this.config.getNameSpace().isEmpty()) {
+            this.nameSpace = this.config.getNameSpace();
+        }
     }
 
     public Leases withNameSpace(final String nameSpace) {
@@ -51,22 +54,15 @@ public VaultResponse revoke(final String leaseId) throws VaultException {
         int retryCount = 0;
         while (true) {
             try {
-                final RestResponse restResponse;
-                final Rest rest = new Rest()//NOPMD
+                final RestResponse restResponse = new Rest()//NOPMD
                         .url(config.getAddress() + "/v1/sys/revoke/" + leaseId)
                         .header("X-Vault-Token", config.getToken())
+                        .optionalHeader("X-Vault-Namespace", this.nameSpace)
                         .connectTimeoutSeconds(config.getOpenTimeout())
                         .readTimeoutSeconds(config.getReadTimeout())
                         .sslVerification(config.getSslConfig().isVerify())
-                        .sslContext(config.getSslConfig().getSslContext());
-
-                if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
-                    restResponse = rest
-                            .header("X-Vault-Namespace", this.nameSpace)
-                            .put();
-                } else {
-                    restResponse = rest.put();
-                }
+                        .sslContext(config.getSslConfig().getSslContext())
+                        .put();
 
                 // Validate response
                 if (restResponse.getStatus() != 204) {
@@ -113,22 +109,15 @@ public VaultResponse revokePrefix(final String prefix) throws VaultException {
         int retryCount = 0;
         while (true) {
             try {
-                final RestResponse restResponse;
-                final Rest rest = new Rest()//NOPMD
+                final RestResponse restResponse = new Rest()//NOPMD
                         .url(config.getAddress() + "/v1/sys/revoke-prefix/" + prefix)
                         .header("X-Vault-Token", config.getToken())
+                        .optionalHeader("X-Vault-Namespace", this.nameSpace)
                         .connectTimeoutSeconds(config.getOpenTimeout())
                         .readTimeoutSeconds(config.getReadTimeout())
                         .sslVerification(config.getSslConfig().isVerify())
-                        .sslContext(config.getSslConfig().getSslContext());
-
-                if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
-                    restResponse = rest
-                            .header("X-Vault-Namespace", this.nameSpace)
-                            .put();
-                } else {
-                    restResponse = rest.put();
-                }
+                        .sslContext(config.getSslConfig().getSslContext())
+                        .put();
 
                 // Validate response
                 if (restResponse.getStatus() != 204) {
@@ -178,22 +167,15 @@ public VaultResponse revokeForce(final String prefix) throws VaultException {
         int retryCount = 0;
         while (true) {
             try {
-                final RestResponse restResponse;
-                final Rest rest = new Rest()//NOPMD
+                final RestResponse restResponse = new Rest()//NOPMD
                         .url(config.getAddress() + "/v1/sys/revoke-force/" + prefix)
                         .header("X-Vault-Token", config.getToken())
+                        .optionalHeader("X-Vault-Namespace", this.nameSpace)
                         .connectTimeoutSeconds(config.getOpenTimeout())
                         .readTimeoutSeconds(config.getReadTimeout())
                         .sslVerification(config.getSslConfig().isVerify())
-                        .sslContext(config.getSslConfig().getSslContext());
-
-                if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
-                    restResponse = rest
-                            .header("X-Vault-Namespace", this.nameSpace)
-                            .put();
-                } else {
-                    restResponse = rest.put();
-                }
+                        .sslContext(config.getSslConfig().getSslContext())
+                        .put();
 
                 // Validate response
                 if (restResponse.getStatus() != 204) {
@@ -248,23 +230,16 @@ public VaultResponse renew(final String leaseId, final long increment) throws Va
         while (true) {
             try {
                 final String requestJson = Json.object().add("increment", increment).toString();
-                final RestResponse restResponse;
-                final Rest rest = new Rest()//NOPMD
+                final RestResponse restResponse = new Rest()//NOPMD
                         .url(config.getAddress() + "/v1/sys/renew/" + leaseId)
                         .header("X-Vault-Token", config.getToken())
+                        .optionalHeader("X-Vault-Namespace", this.nameSpace)
                         .body(increment < 0 ? null : requestJson.getBytes(StandardCharsets.UTF_8))
                         .connectTimeoutSeconds(config.getOpenTimeout())
                         .readTimeoutSeconds(config.getReadTimeout())
                         .sslVerification(config.getSslConfig().isVerify())
-                        .sslContext(config.getSslConfig().getSslContext());
-
-                if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
-                    restResponse = rest
-                            .header("X-Vault-Namespace", this.nameSpace)
-                            .post();
-                } else {
-                    restResponse = rest.post();
-                }
+                        .sslContext(config.getSslConfig().getSslContext())
+                        .post();
 
                 // Validate response
                 if (restResponse.getStatus() != 200) {