Managing Tokens using the UI

In this guide, you’ll learn how to authenticate to HashiCorp Vault’s web interface using tokens and how to copy your active token for CLI or API use. This workflow is essential for administrators and operators who need to manage secrets or automate Vault interactions without repeatedly entering credentials.

Table of Contents

• Overview of Token Authentication
• Logging In with a Token
• Copying Your Active Token
• Examples: CLI & API Usage
• References

Overview of Token Authentication

Vault’s Token auth method is the simplest form of authentication. It’s most commonly used when:

• You have the initial root token after deploying a new Vault cluster.
• You generated a token via the Vault CLI or another auth method.

Logging In with a Token

Follow these steps to authenticate in the Vault UI using a token:

Once authenticated, you’ll see the Vault dashboard and can begin managing secrets, policies, and more.

Copying Your Active Token

After signing in (via Token, LDAP, Okta, OIDC, etc.), you can quickly retrieve your current token for use in scripts or API calls:

1. Click the user menu in the top-right corner of the Vault UI.
2. Select Copy Token.

This copies your active token to the clipboard.

Examples: CLI & API Usage

Use the copied token to interact with Vault programmatically:

# Check Vault status via CLI
export VAULT_TOKEN=<your-copied-token>
vault status

# Query Vault health endpoint via API
curl \
  --header "X-Vault-Token: $VAULT_TOKEN" \
  http://127.0.0.1:8200/v1/sys/health

These examples demonstrate how easy it is to switch from the UI to scripted workflows.

References

• Vault UI Overview
• Vault Authentication Methods
• Vault CLI Documentation