hashicorp / vault

A tool for secrets management, encryption as a service, and privileged access management
https://www.vaultproject.io/

Policy parameters template rendering #19935

Open axi92 opened 1 year ago

axi92 commented 1 year ago

Is your feature request related to a problem? Please describe.
I tried to set up MFA; the setup permission was working fine with:

path "/identity/mfa/method/totp/generate" {
  capabilities = ["create", "read", "list", "update"]
  required_parameters = ["method_id"]
}

But then I came across the use case that a user wants to renew his OTP because he lost his phone or whatever, and I tried this: https://developer.hashicorp.com/vault/docs/concepts/policies#templated-policies

path "/identity/mfa/method/totp/admin-destroy" {
  capabilities = ["delete", "read", "list", "update"]
  required_parameters = ["entity_id", "method_id"]
  allowed_parameters = {
    "entity_id" = ["{{identity.entity.id}}"]
    "method_id" = []
  }
}

But that does not work for me. Am I doing something wrong?

Describe the solution you'd like
I checked the docs and found out that only path templates are implemented.

Describe alternatives you've considered
I don't know if it is possible to manage it on a per-path basis / per-user path-based policy, so I have not tried that.

Explain any additional use-cases
Renew the OTP in your Authenticator App if you lost it, uninstalled it, or something else happened, so that you can renew your OTP while you are still signed in.

Additional context
I used this setup on my local machine with a Vault in dev mode and followed this tutorial: https://developer.hashicorp.com/vault/tutorials/auth-methods/active-directory-mfa-login-totp
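
Because Vault renders identity templates only in the path key of a stanza, a policy that puts `{{identity.entity.id}}` inside allowed_parameters does not become self-scoped; the string is compared literally against the request body and never matches a real entity ID. The Python linter below, added here as an example and not code from Vault or from the issue, scans a policy text for exactly that mistake and separates templates Vault will render (in path keys) from templates it will not (anywhere inside the stanza body). The sample policy is the admin-destroy stanza from the issue plus a constructed path-templated stanza for contrast. The regex-and-brace-counter scanning is an assumption sufficient for ordinary ACL policies; it is not a full HCL parser.

```python
"""Flag Vault ACL policy templates that sit outside a path key.

Vault substitutes {{identity.*}} templates into the path of a
`path "..." { }` stanza only; a template string inside allowed_parameters,
denied_parameters or required_parameters is compared as a literal, so a
rule that looks self-scoped can never be satisfied by a real entity ID.
This is an illustrative linter, not Vault's own parser: it scans the HCL
text with regexes and a brace counter, which is enough for ordinary ACL
policies but is not a full HCL parser (an assumption of this example).
"""
from __future__ import annotations

import re
from dataclasses import dataclass

PATH_RE = re.compile(r'path\s+"([^"]*)"\s*\{')
TEMPLATE_RE = re.compile(r"\{\{\s*([^{}]*?)\s*\}\}")
ATTR_RE = re.compile(r"\b([A-Za-z_]\w*)\s*=")


@dataclass(frozen=True)
class Finding:
    path: str       # path key of the stanza containing the template
    attribute: str  # attribute the template sits under ("" if none found)
    template: str   # the directive, e.g. identity.entity.id


def _block_end(text: str, start: int) -> int:
    """Index just past the '}' matching the '{' at text[start].

    Braces inside double-quoted strings (including the braces of a
    {{template}}) are skipped so they do not disturb the depth count.
    """
    depth = 0
    in_string = False
    i = start
    while i < len(text):
        ch = text[i]
        if in_string:
            if ch == "\\":
                i += 1  # skip the escaped character
            elif ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                return i + 1
        i += 1
    raise ValueError("unbalanced braces in policy")


def _attribute_at(body: str, pos: int) -> str:
    """Name of the last `name =` assignment that starts before pos."""
    attr = ""
    for m in ATTR_RE.finditer(body):
        if m.start() >= pos:
            break
        attr = m.group(1)
    return attr


def audit_policy(policy: str) -> tuple[list[str], list[Finding]]:
    """Split templates into those Vault renders (in path keys) and those it
    does not (anywhere inside the stanza body)."""
    templated_paths: list[str] = []
    findings: list[Finding] = []
    for m in PATH_RE.finditer(policy):
        key = m.group(1)
        open_brace = m.end() - 1
        end = _block_end(policy, open_brace)
        body = policy[open_brace + 1 : end - 1]
        if TEMPLATE_RE.search(key):
            templated_paths.append(key)
        for t in TEMPLATE_RE.finditer(body):
            findings.append(Finding(key, _attribute_at(body, t.start()), t.group(1)))
    return templated_paths, findings


# Constructed sample: the admin-destroy stanza from the issue, plus a stanza
# that puts the same kind of template in the path, where Vault does render it.
SAMPLE_POLICY = '''
path "/identity/mfa/method/totp/admin-destroy" {
  capabilities = ["delete", "read", "list", "update"]
  required_parameters = ["entity_id", "method_id"]
  allowed_parameters = {
    "entity_id" = ["{{identity.entity.id}}"]
    "method_id" = []
  }
}

path "secret/data/users/{{identity.entity.name}}/*" {
  capabilities = ["read"]
}
'''

if __name__ == "__main__":
    rendered, unrendered = audit_policy(SAMPLE_POLICY)
    for key in rendered:
        print(f"ok      path key is templated and will be rendered: {key}")
    for f in unrendered:
        print(f"WARNING {f.path}: {{{{{f.template}}}}} in {f.attribute} is "
              f"compared literally, not rendered")
```

Run it against a policy file before writing the policy to Vault: a WARNING line means the stanza will behave as if the template were a fixed string, which for the admin-destroy stanza above means no request can ever satisfy allowed_parameters, and the capability is silently unusable rather than self-restricted.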

Syoc commented 6 months ago

I read #6202 as saying that you cannot use templating inside the path braces of a policy.