Vault MCP server

The Vault MCP Server is a Model Context Protocol (MCP) server implementation that provides integration with HashiCorp Vault for managing secrets and mounts. This server uses both stdio and StreamableHTTP transports for MCP communication, making it compatible with Claude for Desktop and other MCP clients.

What is the Vault MCP server?

The Model Context Protocol (MCP) is an open standard that enables AI models to securely connect with external tools, applications, and data sources. MCP allows AI models to access information beyond their training data, providing more current and accurate responses.

The Vault MCP server implements this protocol specifically for interacting with Vault APIs, offering several key benefits:

• Understanding code bases and automatically invoke Vault based workflows
• Help configure PKI certificates with new or existing codebases
• Perform automated Vault operations using natural language

How it works

When you connect an AI model to the Vault MCP server, the model gains access to specialized tools that can perform the following actions:

• List, Delete, Create mounts in Vault (KV v1, KV v2)
• List, Delete, Read, Write secrets to KV mounts
• Enable PKI secrets engine
• Issue PKI certificate
• List, Create, Read PKI issuers, roles
• Delete PKI roles
• Comprehensive HTTP middleware stack (CORS, logging, Vault context)
• Session-based Vault client management
• Structured logging with configurable output

The AI model uses these tools automatically when you ask questions about securely storing secrets.

The server specifically handles Vault API based interaction. For general Vault questions, AI models use their standard training data and other sources.

Additional resources

• Vault MCP server repository: For source code, issues and contributions.
• Vault MCP server releases: Provides links for downloading prebuilt binaries.