open-vault/website/content/api-docs/system/namespaces.mdx

---
layout: api
page_title: /sys/namespaces - HTTP API
description: The `/sys/namespaces` endpoint is used manage namespaces in Vault.
---

# `/sys/namespaces`

The `/sys/namespaces` endpoint is used manage namespaces in Vault.

## List Namespaces

This endpoints lists all the namespaces.

| Method | Path              |
| :----- | :---------------- |
| `LIST` | `/sys/namespaces` |

### Sample Request

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    -X LIST \
    http://127.0.0.1:8200/v1/sys/namespaces
```

### Sample Response

```json
["ns1/", "ns2/"]
```

## Create Namespace

This endpoint creates a namespace at the given path.

| Method | Path                    |
| :----- | :---------------------- |
| `POST` | `/sys/namespaces/:path` |

### Parameters

- `path` `(string: <required>)` – Specifies the path where the namespace
  will be created.

### Sample Request

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    http://127.0.0.1:8200/v1/sys/namespaces/ns1
```

## Delete Namespace

This endpoint deletes a namespace at the specified path.

| Method   | Path                    |
| :------- | :---------------------- |
| `DELETE` | `/sys/namespaces/:path` |

### Sample Request

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    --request DELETE \
    http://127.0.0.1:8200/v1/sys/namespaces/ns1
```

## Read Namespace Information

This endpoint gets the metadata for the given namespace path.

| Method | Path                    |
| :----- | :---------------------- |
| `GET`  | `/sys/namespaces/:path` |

### Sample Request

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/sys/namespaces/ns1
```

### Sample Response

```json
{
  "id": "gsudj",
  "path": "ns1/"
}
```

## Lock Namespace

This endpoint locks the API for the current namespace path or optional subpath.
The behavior when interacting with Vault from a locked namespace is described in
[API Locked Response](/docs/concepts/namespace-api-lock#api-locked-response).

| Method | Path                    |
| :----- | :---------------------- |
| `POST`  | `/sys/namespaces/api-lock/lock/:subpath` |

### Sample Request - Current Namespace

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/lock
```

### Sample Response - Current Namespace

```json
{
    "unlock_key": "<unlock key for current/ns/path>"
}
```

### Sample Request - X-Vault-Namespace

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    --header "X-Vault-Namespace: some/path
    --request POST \
    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/lock
```

### Sample Response - X-Vault-Namespace

```json
{
    "unlock_key": "<unlock key for some/path>"
}
```

### Sample Request - Descendant of Current Namespace

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/lock/some/descendant/subpath
```

### Sample Response - Descendant of Current Namespace

```json
{
    "unlock_key": "<unlock key for current/ns/path/some/descendant/subpath>"
}
```

## Unlock Namespace

This endpoint unlocks the api for the current namespace path or optional subpath.

| Method | Path                    |
| :----- | :---------------------- |
| `POST`  | `/sys/namespaces/api-lock/unlock/:subpath` |

### Sample Payload - Current Namespace Non-Root

```json
{
  "unlock_key": "<unlock key for current/ns/path>"
}
```

### Sample Request - Current Namespace Non-Root

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/unlock
```

### Sample Request - Current Namespace Root

```shell-session
$ curl \
    --header "X-Vault-Token: <some root token>" \
    --request POST \
    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/unlock
```

### Sample Payload - Descendant Namespace Non-Root

```json
{
  "unlock_key": "<unlock key for current/ns/path/some/descendant/subpath>"
}
```

### Sample Request - Descendant Namespace Non-Root

```shell-session
$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/unlock/some/descendant/path
```
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
+								---
-												New Website! (#8154)

* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes

											
										
										
											2020-01-18 00:18:09 +00:00
+								layout: api
 								page_title: /sys/namespaces - HTTP API
 								description: The `/sys/namespaces` endpoint is used manage namespaces in Vault.
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
+								---
 								# `/sys/namespaces`
 								The `/sys/namespaces` endpoint is used manage namespaces in Vault.
 								## List Namespaces
 								This endpoints lists all the namespaces.
-												New Website! (#8154)

* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes

											
										
										
											2020-01-18 00:18:09 +00:00
+								| Method | Path              |
 								| :----- | :---------------- |
 								| `LIST` | `/sys/namespaces` |
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
 								### Sample Request
-												🌷 Docs Website Maintenance (#8985)

* website maintenance round
* improve docs, revert bug workaround as it was fixed
* boost memory
* remove unnecessary code

											
										
										
											2020-05-21 17:18:17 +00:00
+								```shell-session
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
+								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    -X LIST \
 								    http://127.0.0.1:8200/v1/sys/namespaces
 								```
 								### Sample Response
 								```json
-												New Website! (#8154)

* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes

											
										
										
											2020-01-18 00:18:09 +00:00
+								["ns1/", "ns2/"]
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
+								```
 								## Create Namespace
-												Fix a couple of typos in the namespace api docs. (#12593)


											
										
										
											2021-09-21 13:15:51 +00:00
+								This endpoint creates a namespace at the given path.
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
-												New Website! (#8154)

* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes

											
										
										
											2020-01-18 00:18:09 +00:00
+								| Method | Path                    |
 								| :----- | :---------------------- |
 								| `POST` | `/sys/namespaces/:path` |
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
 								### Parameters
 								- `path` `(string: <required>)` – Specifies the path where the namespace
-												Fix a couple of typos in the namespace api docs. (#12593)


											
										
										
											2021-09-21 13:15:51 +00:00
+								  will be created.
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
 								### Sample Request
-												🌷 Docs Website Maintenance (#8985)

* website maintenance round
* improve docs, revert bug workaround as it was fixed
* boost memory
* remove unnecessary code

											
										
										
											2020-05-21 17:18:17 +00:00
+								```shell-session
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
+								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    --request POST \
 								    http://127.0.0.1:8200/v1/sys/namespaces/ns1
 								```
 								## Delete Namespace
 								This endpoint deletes a namespace at the specified path.
-												New Website! (#8154)

* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes

											
										
										
											2020-01-18 00:18:09 +00:00
+								| Method   | Path                    |
 								| :------- | :---------------------- |
 								| `DELETE` | `/sys/namespaces/:path` |
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
 								### Sample Request
-												🌷 Docs Website Maintenance (#8985)

* website maintenance round
* improve docs, revert bug workaround as it was fixed
* boost memory
* remove unnecessary code

											
										
										
											2020-05-21 17:18:17 +00:00
+								```shell-session
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
+								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    --request DELETE \
 								    http://127.0.0.1:8200/v1/sys/namespaces/ns1
 								```
 								## Read Namespace Information
-												Namespace API Lock docs (#13064)

* add api lock doc

* add docs nav data

* Update website/content/api-docs/system/namespaces.mdx

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>

* update command doc

* clarify locked http status code

* add example exempt path

* further exempt clarification

* link api locked response

* add x-vault-namespace api example

* Update website/content/docs/concepts/namespace-api-lock.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* review suggestions

* few other small tweaks

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

											
										
										
											2021-11-09 22:43:17 +00:00
+								This endpoint gets the metadata for the given namespace path.
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
-												New Website! (#8154)

* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes

											
										
										
											2020-01-18 00:18:09 +00:00
+								| Method | Path                    |
 								| :----- | :---------------------- |
 								| `GET`  | `/sys/namespaces/:path` |
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
 								### Sample Request
-												🌷 Docs Website Maintenance (#8985)

* website maintenance round
* improve docs, revert bug workaround as it was fixed
* boost memory
* remove unnecessary code

											
										
										
											2020-05-21 17:18:17 +00:00
+								```shell-session
-												adding namespace docs (#5133)


											
										
										
											2018-08-17 16:17:11 +00:00
+								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    http://127.0.0.1:8200/v1/sys/namespaces/ns1
 								```
 								### Sample Response
 								```json
 								{
 								  "id": "gsudj",
 								  "path": "ns1/"
 								}
 								```
-												Namespace API Lock docs (#13064)

* add api lock doc

* add docs nav data

* Update website/content/api-docs/system/namespaces.mdx

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>

* update command doc

* clarify locked http status code

* add example exempt path

* further exempt clarification

* link api locked response

* add x-vault-namespace api example

* Update website/content/docs/concepts/namespace-api-lock.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* review suggestions

* few other small tweaks

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

											
										
										
											2021-11-09 22:43:17 +00:00
 								## Lock Namespace
 								This endpoint locks the API for the current namespace path or optional subpath.
 								The behavior when interacting with Vault from a locked namespace is described in
 								[API Locked Response](/docs/concepts/namespace-api-lock#api-locked-response).
 								| Method | Path                    |
 								| :----- | :---------------------- |
 								| `POST`  | `/sys/namespaces/api-lock/lock/:subpath` |
 								### Sample Request - Current Namespace
 								```shell-session
 								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    --request POST \
 								    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/lock
 								```
 								### Sample Response - Current Namespace
 								```json
 								{
 								    "unlock_key": "<unlock key for current/ns/path>"
 								}
 								```
 								### Sample Request - X-Vault-Namespace
 								```shell-session
 								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    --header "X-Vault-Namespace: some/path
 								    --request POST \
 								    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/lock
 								```
 								### Sample Response - X-Vault-Namespace
 								```json
 								{
 								    "unlock_key": "<unlock key for some/path>"
 								}
 								```
 								### Sample Request - Descendant of Current Namespace
 								```shell-session
 								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    --request POST \
 								    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/lock/some/descendant/subpath
 								```
 								### Sample Response - Descendant of Current Namespace
 								```json
 								{
 								    "unlock_key": "<unlock key for current/ns/path/some/descendant/subpath>"
 								}
 								```
 								## Unlock Namespace
 								This endpoint unlocks the api for the current namespace path or optional subpath.
 								| Method | Path                    |
 								| :----- | :---------------------- |
 								| `POST`  | `/sys/namespaces/api-lock/unlock/:subpath` |
 								### Sample Payload - Current Namespace Non-Root
 								```json
 								{
 								  "unlock_key": "<unlock key for current/ns/path>"
 								}
 								```
 								### Sample Request - Current Namespace Non-Root
 								```shell-session
 								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    --request POST \
 								    --data @payload.json \
 								    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/unlock
 								```
 								### Sample Request - Current Namespace Root
 								```shell-session
 								$ curl \
 								    --header "X-Vault-Token: <some root token>" \
 								    --request POST \
 								    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/unlock
 								```
 								### Sample Payload - Descendant Namespace Non-Root
 								```json
 								{
 								  "unlock_key": "<unlock key for current/ns/path/some/descendant/subpath>"
 								}
 								```
 								### Sample Request - Descendant Namespace Non-Root
 								```shell-session
 								$ curl \
 								    --header "X-Vault-Token: ..." \
 								    --request POST \
 								    --data @payload.json \
 								    http://127.0.0.1:8200/v1/sys/namespaces/api-lock/unlock/some/descendant/path
 								```