In this guide, you’ll learn how to authenticate API requests to HashiCorp Consul by supplying your ACL token in the HTTP header. Consul supports two equivalent header options:
  • X-Consul-Token
  • Authorization: Bearer
Both methods achieve the same result—authorizing your request against the Consul ACL system—so you can choose the one that best fits your environment.
Always keep your ACL tokens secure. Never commit them to version control or expose them in public logs.

Header Options Comparison

Header Option          Syntax
X-Consul-Token         X-Consul-Token: <your-acl-token>
Authorization: Bearer  Authorization: Bearer <your-acl-token>

Example 1: Using X-Consul-Token

curl -X PUT \
  --header "X-Consul-Token: ec15675e-2999-d789-832e-8c4794daa8d7" \
  --data @payload.json \
  https://consul.example.com:8500/v1/acl/token

Example 2: Using Authorization: Bearer

curl -X PUT \
  --header "Authorization: Bearer ec15675e-2999-d789-832e-8c4794daa8d7" \
  --data @payload.json \
  https://consul.example.com:8500/v1/acl/token

Both commands send a PUT request to the /v1/acl/token endpoint, including:
  • The JSON payload from payload.json
  • Your ACL token in the request header
Consul validates the token and authorizes the operation, returning a success response if the token has the proper permissions.
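
A token typed inline in a curl command lands in shell history and is visible in the process list, which works against the advice above to keep ACL tokens out of logs. The helper below is an added example, not part of the original guide or of Consul's tooling: it builds either header form from a token held in an environment variable or file and hands it to curl on stdin. The function names and the UUID-style character allowlist are assumptions made for this example.

```shell
#!/bin/sh
# Added example. consul_auth_config and consul_curl are hypothetical helpers.
# CONSUL_HTTP_TOKEN / CONSUL_HTTP_TOKEN_FILE are the variables the consul CLI
# also reads; this helper checks the file first (its own choice).

# Print one curl config line carrying the ACL token.
# $1: "x-consul-token" (default) or "bearer"
consul_auth_config() {
    style=${1:-x-consul-token}
    if [ -n "${CONSUL_HTTP_TOKEN_FILE:-}" ]; then
        [ -r "$CONSUL_HTTP_TOKEN_FILE" ] || { echo "token file not readable" >&2; return 1; }
        token=$(cat "$CONSUL_HTTP_TOKEN_FILE")   # $(...) strips the trailing newline
    else
        token=${CONSUL_HTTP_TOKEN:-}
    fi
    [ -n "$token" ] || { echo "no ACL token configured" >&2; return 1; }
    # Assumption: tokens use only UUID-style characters, like the one on this
    # page. Rejecting everything else keeps CR/LF, quotes and backslashes out
    # of the header, so a tampered token source cannot inject extra headers.
    case $token in
        *[!A-Za-z0-9._-]*) echo "token has unexpected characters" >&2; return 1 ;;
    esac
    case $style in
        x-consul-token) printf 'header = "X-Consul-Token: %s"\n' "$token" ;;
        bearer)         printf 'header = "Authorization: Bearer %s"\n' "$token" ;;
        *) echo "unknown header style: $style" >&2; return 1 ;;
    esac
}

# Run curl with the token passed on stdin (--config -), so it never appears in
# curl's argv (ps, /proc) or in shell history. printf is a shell builtin.
# Usage: consul_curl bearer -X PUT --data @payload.json \
#            https://consul.example.com:8500/v1/acl/token
consul_curl() {
    style=$1; shift
    cfg=$(consul_auth_config "$style") || return 1
    printf '%s\n' "$cfg" | curl --silent --show-error --config - "$@"
}
```

Keep the token file readable only by the account that runs the command (for example, mode 0600).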

Next Steps

Jump into your lab environment and run these commands to verify that Consul accepts your token-based authentication.