HashiCorp Vault MCP Server

$docker run -i --rm -e VAULT_ADDR=https://your-vault-server:8200 -e VAULT_TOKEN=hvs.your-vault-token ashgw/vault-mcp:latest
README.md

Securely manage HashiCorp Vault secrets and ACL policies through MCP.

HashiCorp Vault MCP Server

HashiCorp Vault MCP Server is a full-featured Model Context Protocol (MCP) integration that lets language models and other MCP-aware clients manage Vault secrets and policies through a safe, auditable interface. It bridges Vault's security model with the structured interaction model that MCP expects, so you can automate tasks such as credential rotation, policy authoring, and discovery without exposing raw Vault APIs.

Introduction

The server wraps the HashiCorp Vault KV v2 API and common policy workflows inside MCP primitives. Once a client connects, it can call typed tools, browse resources, and request prompt completions that are all backed by the same Vault instance you already operate. Every interaction is explicit: clients must supply the paths, data, and policies they want to work with, and the server relays those requests directly to Vault using a token you control.

Why Use This Server

  • Automate secret rotation and retrieval directly from MCP-compatible IDEs and agents.
  • Generate or update Vault ACL policies without manually editing HCL snippets.
  • Safely expose only the operations you approve by scoping the Vault token that powers the server.
  • Avoid ad-hoc scripting: the server comes with well-defined tools and prompts designed around common Vault tasks.

How the Server Works

  1. You launch the server either locally or inside a container with a Vault token.
  2. An MCP client (Cursor, Claude Desktop, custom agents) connects over stdio.
  3. The client calls tools like create_secret or create_policy; the server validates the payload, forwards it to Vault, and returns structured responses.
  4. Resource requests such as vault://secrets list data-driven content that the client can browse or feed into follow-up prompts.
  5. Prompt handlers like generate_policy help you synthesize Vault-ready HCL from natural-language intents.

The implementation is written in TypeScript, bundles to a single JavaScript file, and relies on the official @modelcontextprotocol/sdk for transport and schema validation.

Requirements

  • HashiCorp Vault 1.9+ with the KV secrets engine (v2) enabled on the paths you plan to manage.
  • A Vault token that starts with hvs. and grants the capabilities you need (read, create, update, delete and/or sudo for policy work).
  • Docker 24+.
  • Network access from the machine running the MCP server to your Vault cluster.

Getting Started

Cursor

Production (recommended) — use the official image. Paste this under ~/.cursor/mcp.json:

{
  "mcpServers": {
    "Vault": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "VAULT_ADDR=https://your-vault-server:8200",
        "-e",
        "VAULT_TOKEN=hvs.your-vault-token",
        "ashgw/vault-mcp:latest"
      ]
    }
  }
}

Cursor starts the container on-demand, wires stdio to the MCP transport, and tears it down once the session ends. Pin a tag (e.g. ashgw/vault-mcp:1.x.y) if you want a fixed version.

Local Cursor

You can build & run locally & use it like this

{
  "mcpServers": {
    "Vault": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "--network=host",
        "-e",
        "VAULT_ADDR=http://127.0.0.1:8200",
        "-e",
        "VAULT_TOKEN=hvs.test-token-1234567890abcdef",
        "vault-mcp:local"
      ]
    }
  }
}
Local Docker
git clone https://github.com/rccyx/vault-mcp.git
cd vault-mcp
docker build -t vault-mcp:local .

docker run -i --rm \
  --network=host \
  -e VAULT_ADDR=http://127.0.0.1:8200 \
  -e VAULT_TOKEN=hvs.test-token-1234567890abcdef \
  vault-mcp:local

Configuration

  • VAULT_ADDR (required): URL of the Vault cluster, for example https://vault.internal:8200 or http://127.0.0.1:8200.
  • VAULT_TOKEN (required): Short-lived or renewable

Tools (4)

create_secretCreate a new secret in the Vault KV v2 engine.
read_secretRetrieve a secret from the specified path in Vault.
delete_secretDelete a secret from the specified path in Vault.
create_policyCreate or update a Vault ACL policy using HCL.

Environment Variables

VAULT_ADDRrequiredURL of the Vault cluster (e.g., https://vault.internal:8200)
VAULT_TOKENrequiredVault token starting with hvs. that grants necessary capabilities

Configuration

claude_desktop_config.json
{
  "mcpServers": {
    "Vault": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "VAULT_ADDR=https://your-vault-server:8200",
        "-e",
        "VAULT_TOKEN=hvs.your-vault-token",
        "ashgw/vault-mcp:latest"
      ]
    }
  }
}

Try it

Read the secret stored at secret/data/api-keys/stripe
Create a new secret at secret/data/database/prod with the username 'admin' and a random password
Generate a Vault HCL policy that allows read-only access to secret/data/projects/* and name it 'project-reader'
List all available secrets from the vault://secrets resource
Delete the secret located at secret/data/temp-credentials

Frequently Asked Questions

What are the key features of HashiCorp Vault MCP Server?

Wraps HashiCorp Vault KV v2 API and policy workflows into MCP primitives.. Supports automated secret rotation and retrieval directly from IDEs.. Enables HCL policy authoring and synthesis from natural language intents.. Provides data-driven resources for browsing secrets and policies via vault:// URIs..

What can I use HashiCorp Vault MCP Server for?

Developers rotating database credentials without leaving their MCP-compatible IDE.. Security engineers generating complex Vault ACL policies using natural language prompts.. Automated agents discovering and managing secrets within a secure, auditable framework.. DevOps teams auditing existing Vault policies through structured MCP resource browsing..

How do I install HashiCorp Vault MCP Server?

Install HashiCorp Vault MCP Server by running: docker run -i --rm -e VAULT_ADDR=https://your-vault-server:8200 -e VAULT_TOKEN=hvs.your-vault-token ashgw/vault-mcp:latest

What MCP clients work with HashiCorp Vault MCP Server?

HashiCorp Vault MCP Server works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.

Use HashiCorp Vault MCP Server with Conare

Manage MCP servers visually, upload persistent context, and never start from zero with Claude Code & Codex.

Try Free

Related MCP Servers

SSH MCP Server
Securely execute shell commands on remote Linux and Windows systems via SSH
cloud310 stars
Google Photos MCP Server
Search, browse, and retrieve metadata and images from your Google Photos library.
cloud13 stars
AWS SSO MCP Server
Connect AI assistants to AWS infrastructure through AWS IAM Identity Center
cloud11 stars
ComplianceCow
Retrieve compliance insights, dashboard data, and auditable evidence.
cloud8 stars
Terry-Form MCP
Production-ready Terraform automation with comprehensive LSP integration
cloud6 stars
AWS MCP Server
Interact with core AWS services like S3, EC2, RDS, and CloudWatch through Claude.
cloud3 stars