2015-04-18 21:34:47 +00:00
|
|
|
---
|
|
|
|
layout: "http"
|
|
|
|
page_title: "HTTP API: /sys/init"
|
|
|
|
sidebar_current: "docs-http-sys-init"
|
|
|
|
description: |-
|
|
|
|
The '/sys/init' endpoint is used to initialize a new Vault.
|
|
|
|
---
|
|
|
|
|
|
|
|
# /sys/init
|
|
|
|
|
|
|
|
## GET
|
|
|
|
|
|
|
|
<dl>
|
2015-04-22 23:47:11 +00:00
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Return the initialization status of a Vault.
|
|
|
|
</dd>
|
2015-04-18 21:34:47 +00:00
|
|
|
|
2015-04-22 23:47:11 +00:00
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>GET</dd>
|
2015-04-18 21:34:47 +00:00
|
|
|
|
2015-04-22 23:47:11 +00:00
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>None</dd>
|
2015-04-18 21:34:47 +00:00
|
|
|
|
2015-04-22 23:47:11 +00:00
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
2015-04-18 21:34:47 +00:00
|
|
|
|
2015-04-22 23:47:11 +00:00
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"initialize": true
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
2015-04-18 21:34:47 +00:00
|
|
|
</dl>
|
|
|
|
|
|
|
|
## PUT
|
|
|
|
|
|
|
|
<dl>
|
2015-04-22 23:47:11 +00:00
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Initializes a new Vault. The Vault must've not been previously
|
|
|
|
initialized.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>PUT</dd>
|
2015-04-18 21:34:47 +00:00
|
|
|
|
2015-04-22 23:47:11 +00:00
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">secret_shares</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The number of shares to split the master key into.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">secret_threshold</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The number of shares required to reconstruct the master key.
|
|
|
|
This must be less than or equal to <code>secret_shares</code>.
|
|
|
|
</li>
|
2015-08-25 21:35:47 +00:00
|
|
|
<li>
|
2015-08-25 22:33:58 +00:00
|
|
|
<spam class="param">pgp_keys</span>
|
2015-08-25 21:35:47 +00:00
|
|
|
<span class="param-flags">optional</spam>
|
|
|
|
An array of PGP public keys used to encrypt the output unseal keys.
|
|
|
|
Ordering is preserved. The keys must be base64-encoded from their
|
|
|
|
original binary representation. The size of this array must be the
|
|
|
|
same as <code>secret_shares</code>.
|
|
|
|
</li>
|
2015-04-22 23:47:11 +00:00
|
|
|
</ul>
|
|
|
|
</dd>
|
2015-04-18 21:34:47 +00:00
|
|
|
|
2015-04-22 23:47:11 +00:00
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
2015-08-26 14:59:50 +00:00
|
|
|
A JSON-encoded object including the (possibly encrypted, if
|
|
|
|
<code>pgp_keys</code> was provided) master keys and initial root token:
|
2015-04-18 21:34:47 +00:00
|
|
|
|
2015-04-22 23:47:11 +00:00
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"keys": ["one", "two", "three"],
|
|
|
|
"root_token": "foo"
|
|
|
|
}
|
|
|
|
```
|
2015-04-18 21:34:47 +00:00
|
|
|
|
2015-04-22 23:47:11 +00:00
|
|
|
</dd>
|
2015-04-18 21:34:47 +00:00
|
|
|
</dl>
|