---
layout: commands
page_title: 'Commands: ACL Bootstrap'
description: >-
  The `consul acl bootstrap` command generates a new token with unlimited privileges to use for management purposes and outputs the token's details.
---

# Consul ACL Bootstrap

Command: `consul acl bootstrap`

Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/bootstrap](/consul/api-docs/acl#bootstrap-acls)

The `acl bootstrap` command  generates a new token with unlimited privileges to use
for management purposes and outputs the token's details. Optionally, you can provide a Secret ID to use instead of generating a completely new token. You can create this bootstrapping token only once and afterwards bootstrapping
will be disabled. If all tokens are lost and you need to bootstrap again you can follow the bootstrap
[reset procedure](/consul/tutorials/security/access-control-troubleshoot).

The table below shows this command's [required ACLs](/consul/api-docs/api-structure#authentication). Configuration of
[blocking queries](/consul/api-docs/features/blocking) and [agent caching](/consul/api-docs/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.

| ACL Required |
| ------------ |
| `none`       |

## Usage

Usage: `consul acl bootstrap [options] [FILE]`

If a file is supplied (or `-` for standard input), the new token's Secret ID is read from the file.
Otherwise, Consul creates a new one.

#### Command Options

- `-format={pretty|json}` - Command output format. The default value is `pretty`.

The output looks like this:

```text
AccessorID:   4d123dff-f460-73c3-02c4-8dd64d136e01
SecretID:     86cddfb9-2760-d947-358d-a2811156bf31
Description:  Bootstrap Token (Global Management)
Local:        false
Create Time:  2018-10-22 11:27:04.479026 -0400 EDT
Policies:
   00000000-0000-0000-0000-000000000001 - global-management
```

#### API Options

@include 'http_api_options_client.mdx'

@include 'http_api_options_server.mdx'