Restrict Vault to access by API only

Hi - is it possible to configure Vault so that values can only be read/write using the API and not through UI?


You can disable the ui in your vault config by leaving out ui param in the config file . However if the UI is enabled, there’s no way to exclude the UI from making api requests.


Just to add on to what @meirish said – the UI is an in-browser application that is simply a Vault UI client, so anything that you can do via the UI can be done directly through the API. So if you’re trying to disable the UI for security reasons, keep that in mind.