Enumerate vault root tokens.
Use JSON output format to locate root tokens.
$ vault list -format json auth/token/accessors | \ jq --raw-output ".[]" | \ xargs -I{} vault token lookup -format json -accessor {} | \ jq --raw-output 'select(.data.path=="auth/token/root") | .data.accessor'
NBIy4iydKZgrYDsoUwMIpwcL Ie2zOw7FxgyNhx4KJopUpDTo
Display token details.
$ vault list -format json auth/token/accessors | \ jq --raw-output ".[]" | \ xargs -I{} vault token lookup -format json -accessor {} | \ jq --raw-output 'select(.data.path=="auth/token/root") | .data'
{ "accessor": "NBIy4iydKZgrYDsoUwMIpwcL", "creation_time": 1658688009, "creation_ttl": 0, "display_name": "root", "entity_id": "", "expire_time": null, "explicit_max_ttl": 0, "id": "", "meta": null, "num_uses": 0, "orphan": true, "path": "auth/token/root", "policies": [ "root" ], "ttl": 0, "type": "service" } { "accessor": "Ie2zOw7FxgyNhx4KJopUpDTo", "creation_time": 1658015760, "creation_ttl": 0, "display_name": "root", "entity_id": "", "expire_time": null, "explicit_max_ttl": 0, "id": "", "meta": null, "num_uses": 0, "orphan": true, "path": "auth/token/root", "policies": [ "root" ], "ttl": 0, "type": "service" }
Notice, lookup sub-command does not display token for given accessor.