c0b466d920
Co-authored-by: Paul Glass <pglass@hashicorp.com> Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
23 lines
982 B
Plaintext
23 lines
982 B
Plaintext
### Authentication
|
|
|
|
You must provide an ACL token linked to a policy with `acl:write` permissions to create and modify ACL tokens and policies using the CLI or API.
|
|
|
|
You can provide the token manually using the `-token` option on the command line, but we recommend setting the `CONSUL_HTTP_TOKEN` environment variable to simplify your workflow:
|
|
|
|
```shell-session
|
|
$ export CONSUL_HTTP_TOKEN=<acl-token-secret-id>
|
|
```
|
|
|
|
The Consul CLI automatically reads the `CONSUL_HTTP_TOKEN` environment variable so that you do not have to pass the token to every Consul CLI command.
|
|
|
|
To authenticate calls to the Consul HTTP API, you must provide the token in the `X-Consul-Token` header for each call:
|
|
|
|
```shell-session
|
|
$ curl --header "X-Consul-Token: $CONSUL_HTTP_TOKEN" ...
|
|
```
|
|
|
|
To learn about alternative ways to authenticate, refer to the following documentation:
|
|
|
|
* [CLI Authentication](/consul/commands#authentication)
|
|
* [API Authentication](/consul/api-docs/api-structure#authentication)
|