As I can see from https://www.consul.io/api/operator/keyring.html HTTP API can be used for getting consul encryption key if we have Consul token, but this article does not cover the case when I want to get the primary encryption key.
During my research, I found that the primary key is in zero position all time, but it is not proved by documentation. My assumption was that I can get Consul encryption key by the following command:
curl -s http://<CONSUL_ADDR>8500/v1/operator/keyring?token=<CONSUL_ACL_TOKEN> | jq -r -c '. | select( .WAN == true ) | .Keys | keys'
Can you confirm or disprove this way for getting the encryption key via HTTP API, please?
My version of Consul is