HashiConf 2025 Don't miss the live stream of HashiConf Day 2 happening now View live stream
Vault
Vault Home

You are viewing documentation for version v1.20.x. View latest version.

Vault MCP server

The Vault MCP Server is a Model Context Protocol (MCP) server implementation that provides integration with HashiCorp Vault for managing secrets and mounts. This server uses both stdio and StreamableHTTP transports for MCP communication, making it compatible with Claude for Desktop and other MCP clients.

Beta feature

Beta functionality is stable but possibly incomplete and subject to change. We strongly discourage using beta features in production deployments of Vault.

Disclaimer

Depending on the query, the MCP server may expose certain Vault data, including Vault secrets, to MCP clients and LLMs interacting with the server. Do not use the MCP server with untrusted MCP clients or LLMs.

Your use of third-party MCP clients and LLMs is subject solely to the terms of use for those MCP servers and LLMs. IBM is not responsible for the performance of such third party tools. IBM expressly disclaims any and all warranties and liability for third party MCP clients and LLMs, and may not be able to provide support to resolve issues caused by the third party tools.

What is the Vault MCP server?

The Model Context Protocol (MCP) is an open standard that enables AI models to securely connect with external tools, applications, and data sources. MCP allows AI models to access information beyond their training data, providing more current and accurate responses.

The Vault MCP server implements this protocol specifically for interacting with Vault APIs, offering several key benefits:

  • Understanding code bases and automatically invoke Vault based workflows
  • Help configure PKI certificates with new or existing codebases
  • Perform automated Vault operations using natural language

How it works

When you connect an AI model to the Vault MCP server, the model gains access to specialized tools that can perform the following actions:

  • List, Delete, Create mounts in Vault (KV v1, KV v2)
  • List, Delete, Read, Write secrets to KV mounts
  • Enable PKI secrets engine
  • Issue PKI certificate
  • List, Create, Read PKI issuers, roles
  • Delete PKI roles
  • Comprehensive HTTP middleware stack (CORS, logging, Vault context)
  • Session-based Vault client management
  • Structured logging with configurable output

The AI model uses these tools automatically when you ask questions about securely storing secrets.

The server specifically handles Vault API based interaction. For general Vault questions, AI models use their standard training data and other sources.

Additional resources

Edit this page on GitHub