diff --git a/api/sys_rekey.go b/api/sys_rekey.go
new file mode 100644
index 0000000000..29a74a9194
--- /dev/null
+++ b/api/sys_rekey.go
@@ -0,0 +1,73 @@
+package api
+
+func (c *Sys) RekeyStatus() (*RekeyStatusResponse, error) {
+	r := c.c.NewRequest("GET", "/v1/sys/rekey/init")
+	resp, err := c.c.RawRequest(r)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var result RekeyStatusResponse
+	err = resp.DecodeJSON(&result)
+	return &result, err
+}
+
+func (c *Sys) RekeyInit(config *RekeyInitRequest) error {
+	r := c.c.NewRequest("PUT", "/v1/sys/rekey/init")
+	if err := r.SetJSONBody(config); err != nil {
+		return err
+	}
+
+	resp, err := c.c.RawRequest(r)
+	if err == nil {
+		defer resp.Body.Close()
+	}
+	return err
+}
+
+func (c *Sys) RekeyCancel() error {
+	r := c.c.NewRequest("DELETE", "/v1/sys/rekey/init")
+	resp, err := c.c.RawRequest(r)
+	if err == nil {
+		defer resp.Body.Close()
+	}
+	return err
+}
+
+func (c *Sys) RekeyUpdate(shard string) (*RekeyUpdateResponse, error) {
+	body := map[string]interface{}{"key": shard}
+
+	r := c.c.NewRequest("PUT", "/v1/sys/rekey/update")
+	if err := r.SetJSONBody(body); err != nil {
+		return nil, err
+	}
+
+	resp, err := c.c.RawRequest(r)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var result RekeyUpdateResponse
+	err = resp.DecodeJSON(&result)
+	return &result, err
+}
+
+type RekeyInitRequest struct {
+	SecretShares    int `json:"secret_shares"`
+	SecretThreshold int `json:"secret_threshold"`
+}
+
+type RekeyStatusResponse struct {
+	Started  bool
+	T        int
+	N        int
+	Progress int
+	Required int
+}
+
+type RekeyUpdateResponse struct {
+	Complete bool
+	Keys     []string
+}