HashiConf 2025 Don't miss the live stream of HashiConf Day 2 happening now View live stream
Vault
Vault Home

You are viewing documentation for version v1.19.x. View latest version.

/sys/seal

Restricted endpoint

Clients must call the API path from the root namespace.

The /sys/seal endpoint seals the Vault.

Seal

This endpoint seals the Vault. In HA mode, only an active node can be sealed. Standby nodes should be restarted to get the same effect. Requires a token with root policy or sudo capability on the path.

MethodPath
POST/sys/seal

Sample request

$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    http://127.0.0.1:8200/v1/sys/seal
Edit this page on GitHub