open-vault/website/content/api-docs/system/wrapping-unwrap.mdx

---
layout: api
page_title: /sys/wrapping/unwrap - HTTP API
description: The `/sys/wrapping/unwrap` endpoint unwraps a wrapped response.
---

# `/sys/wrapping/unwrap`

The `/sys/wrapping/unwrap` endpoint unwraps a wrapped response.

## Wrapping Unwrap

This endpoint returns the original response inside the given wrapping token.
Unlike simply reading `cubbyhole/response` (which is deprecated), this endpoint
provides additional validation checks on the token, returns the original value
on the wire rather than a JSON string representation of it, and ensures that the
response is properly audit-logged.

This endpoint can be used by using a wrapping token as the client token in the
API call, in which case the `token` parameter is not required; or, a different
token with permissions to access this endpoint can make the call and pass in the
wrapping token in the `token` parameter. Do _not_ use the wrapping token in both
locations; this will cause the wrapping token to be revoked but the value to be
unable to be looked up, as it will basically be a double-use of the token!

| Method | Path                   |
| :----- | :--------------------- |
| `POST` | `/sys/wrapping/unwrap` |

### Parameters

- `token` `(string: "")` – Specifies the wrapping token ID. This is required if
  the client token is not the wrapping token. Do not use the wrapping token in
  both locations.

### Sample Payload

```json
{
  "token": "abcd1234..."
}
```

### Sample Request

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/wrapping/unwrap
```

### Sample Response

```json
{
  "request_id": "8e33c808-f86c-cff8-f30a-fbb3ac22c4a8",
  "lease_id": "",
  "lease_duration": 2592000,
  "renewable": false,
  "data": {
    "zip": "zap"
  },
  "warnings": null
}
```
-												Redo docs for system backend

This commit updates the API documentation for the system backend to
break things apart on a per-page basis and provide specific examples.
This pattern will give more flexibility for future documentation as
well.

											
										
										
											2017-03-15 06:40:33 +00:00
+								---
-												New Website! (#8154)

* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes

											
										
										
											2020-01-18 00:18:09 +00:00
+								layout: api
 								page_title: /sys/wrapping/unwrap - HTTP API
 								description: The `/sys/wrapping/unwrap` endpoint unwraps a wrapped response.
-												Redo docs for system backend

This commit updates the API documentation for the system backend to
break things apart on a per-page basis and provide specific examples.
This pattern will give more flexibility for future documentation as
well.

											
										
										
											2017-03-15 06:40:33 +00:00
+								---
 								# `/sys/wrapping/unwrap`
 								The `/sys/wrapping/unwrap` endpoint unwraps a wrapped response.
 								## Wrapping Unwrap
 								This endpoint returns the original response inside the given wrapping token.
 								Unlike simply reading `cubbyhole/response` (which is deprecated), this endpoint
 								provides additional validation checks on the token, returns the original value
 								on the wire rather than a JSON string representation of it, and ensures that the
 								response is properly audit-logged.
 								This endpoint can be used by using a wrapping token as the client token in the
 								API call, in which case the `token` parameter is not required; or, a different
 								token with permissions to access this endpoint can make the call and pass in the
 								wrapping token in the `token` parameter. Do _not_ use the wrapping token in both
 								locations; this will cause the wrapping token to be revoked but the value to be
 								unable to be looked up, as it will basically be a double-use of the token!
-												New Website! (#8154)

* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes

											
										
										
											2020-01-18 00:18:09 +00:00
+								| Method | Path                   |
 								| :----- | :--------------------- |
 								| `POST` | `/sys/wrapping/unwrap` |
-												Redo docs for system backend

This commit updates the API documentation for the system backend to
break things apart on a per-page basis and provide specific examples.
This pattern will give more flexibility for future documentation as
well.

											
										
										
											2017-03-15 06:40:33 +00:00
 								### Parameters
 								- `token` `(string: "")` – Specifies the wrapping token ID. This is required if
 								  the client token is not the wrapping token. Do not use the wrapping token in
 								  both locations.
 								### Sample Payload
 								```json
 								{
 								  "token": "abcd1234..."
 								}
 								```
 								### Sample Request
-												🌷 Docs Website Maintenance (#8985)

* website maintenance round
* improve docs, revert bug workaround as it was fixed
* boost memory
* remove unnecessary code

											
										
										
											2020-05-21 17:18:17 +00:00
+								```shell-session
-												Redo docs for system backend

This commit updates the API documentation for the system backend to
break things apart on a per-page basis and provide specific examples.
This pattern will give more flexibility for future documentation as
well.

											
										
										
											2017-03-15 06:40:33 +00:00
+								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    --request POST \
 								    --data @payload.json \
-												Drop vault.rocks (#4186)


											
										
										
											2018-03-23 15:41:51 +00:00
+								    http://127.0.0.1:8200/v1/sys/wrapping/unwrap
-												Redo docs for system backend

This commit updates the API documentation for the system backend to
break things apart on a per-page basis and provide specific examples.
This pattern will give more flexibility for future documentation as
well.

											
										
										
											2017-03-15 06:40:33 +00:00
+								```
 								### Sample Response
 								```json
 								{
 								  "request_id": "8e33c808-f86c-cff8-f30a-fbb3ac22c4a8",
 								  "lease_id": "",
 								  "lease_duration": 2592000,
 								  "renewable": false,
 								  "data": {
 								    "zip": "zap"
 								  },
 								  "warnings": null
 								}
 								```