--- layout: commands page_title: 'Commands: ACL Bootstrap' description: >- The `consul acl bootstrap` command generates a new token with unlimited privileges to use for management purposes and outputs the token's details. --- # Consul ACL Bootstrap Command: `consul acl bootstrap` Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/bootstrap](/consul/api-docs/acl#bootstrap-acls) The `acl bootstrap` command generates a new token with unlimited privileges to use for management purposes and outputs the token's details. Optionally, you can provide a Secret ID to use instead of generating a completely new token. You can create this bootstrapping token only once and afterwards bootstrapping will be disabled. If all tokens are lost and you need to bootstrap again you can follow the bootstrap [reset procedure](https://learn.hashicorp.com/consul/security-networking/acl-troubleshooting?utm_source=docs). The table below shows this command's [required ACLs](/consul/api-docs/api-structure#authentication). Configuration of [blocking queries](/consul/api-docs/features/blocking) and [agent caching](/consul/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | | ------------ | | `none` | ## Usage Usage: `consul acl bootstrap [options] [FILE]` If a file is supplied (or `-` for standard input), the new token's Secret ID is read from the file. Otherwise, Consul creates a new one. #### Command Options - `-format={pretty|json}` - Command output format. The default value is `pretty`. The output looks like this: ```text AccessorID: 4d123dff-f460-73c3-02c4-8dd64d136e01 SecretID: 86cddfb9-2760-d947-358d-a2811156bf31 Description: Bootstrap Token (Global Management) Local: false Create Time: 2018-10-22 11:27:04.479026 -0400 EDT Policies: 00000000-0000-0000-0000-000000000001 - global-management ``` #### API Options @include 'http_api_options_client.mdx' @include 'http_api_options_server.mdx'