mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-09-07 06:51:07 +02:00
Code Issues Projects Releases Wiki Activity
vault/website/content/api-docs/system/unseal.mdx
Erica Thompson 0660ea6fac
Update README (#31244) 
* Update README

Let contributors know that docs will now be located in UDR

* Add comments to each mdx doc

Comment has been added to all mdx docs that are not partials

* chore: added changelog

changelog check failure

* wip: removed changelog

* Fix content errors

* Doc spacing

* Update website/content/docs/deploy/kubernetes/vso/helm.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

---------

Co-authored-by: jonathanfrappier <92055993+jonathanfrappier@users.noreply.github.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2025-07-22 08:12:22 -07:00

85 lines
2.2 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: api
page_title: /sys/unseal - HTTP API
description: The `/sys/unseal` endpoint is used to unseal the Vault.
---
> [!IMPORTANT]
> **Documentation Update:** Product documentation, which were located in this repository under `/website`, are now located in [`hashicorp/web-unified-docs`](https://github.com/hashicorp/web-unified-docs), colocated with all other product documentation. Contributions to this content should be done in the `web-unified-docs` repo, and not this one. Changes made to `/website` content in this repo will not be reflected on the developer.hashicorp.com website.
# `/sys/unseal`
@include 'alerts/restricted-root.mdx'
The `/sys/unseal` endpoint is used to unseal the Vault.
## Submit unseal key
This endpoint is used to enter a single root key share to progress the
unsealing of the Vault. If the threshold number of root key shares is reached,
Vault will attempt to unseal the Vault. Otherwise, this API must be called
multiple times until that threshold is met.
Either the `key` or `reset` parameter must be provided; if both are provided,
`reset` takes precedence.
| Method | Path |
| :----- | :------------ |
| `POST` | `/sys/unseal` |
### Parameters
- `key` `(string: "")` Specifies a single root key share. This is required
unless `reset` is true.
- `reset` `(bool: false)`  Specifies if previously-provided unseal keys are
discarded and the unseal process is reset.
- `migrate` `(bool: false)` - Used to migrate the seal from shamir to autoseal
or autoseal to shamir. Must be provided on all unseal key calls.
### Sample payload
```json
{
"key": "abcd1234..."
}
```
### Sample request
```shell-session
$ curl \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/sys/unseal
```
### Sample response
The "t" parameter is the threshold, and "n" is the number of shares.
```json
{
"sealed": true,
"t": 3,
"n": 5,
"progress": 2,
"version": "0.6.2"
}
```
Sample response when Vault is unsealed.
```json
{
"sealed": false,
"t": 3,
"n": 5,
"progress": 0,
"version": "0.6.2",
"cluster_name": "vault-cluster-d6ec3c7f",
"cluster_id": "3e8b3fec-3749-e056-ba41-b62a63b997e8"
}
```
Reference in New Issue View Git Blame Copy Permalink