
MCP HashiCorp Vault Server

HashiCorp Vault is the gold standard for secret management. The MCP Vault Server exposes a careful, policy-scoped subset of Vault's API to MCP clients — listing engines, reading metadata, peeking at policies — so Claude can help diagnose access and audit issues without leaking secrets.

MCP facts

Kind: server
Ecosystem: anthropic-mcp
Language: Go
Transports: stdio

Capabilities

  • Tools: list_secret_engines, list_policies, read_metadata, lookup_token
  • Explicit allowlist of paths the server can read
  • Audit log entries for every MCP-initiated call

Install

go install github.com/community/mcp-vault@latest

Configuration

{
  "mcpServers": {
    "vault": {
      "command": "mcp-vault",
      "env": {
        "VAULT_ADDR": "https://vault.example.com",
        "VAULT_TOKEN": "<short-lived-token>",
        "MCP_VAULT_ALLOW_READ": "secret/metadata/*"
      }
    }
  }
}

Frequently asked questions

Does the model ever see secret values?

By default, no: the server returns only metadata and policy information. If you explicitly enable read on a path, Vault's audit log still captures it.

Should I give it a long-lived token?

No. Issue a short-lived token with a narrow policy bound to the MCP server's purpose. Rotate aggressively.
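
A narrow policy for that token could look like the following. This is an added example, not part of the mcp-vault project: the policy name, the KV v2 engine mounted at `secret/`, and the mapping from each MCP tool to a Vault API path are assumptions to check against the server's source.

```hcl
# Added example: least-privilege ACL policy for the token placed in VAULT_TOKEN.
# Assumptions (not from the page): the policy name, a KV v2 engine mounted at
# "secret/", and which Vault API path each MCP tool calls.
#
# Load the policy and mint a short-lived, non-renewable token (Vault CLI):
#   vault policy write mcp-vault-readonly mcp-vault-readonly.hcl
#   vault token create -policy=mcp-vault-readonly -no-default-policy \
#     -ttl=1h -renewable=false -display-name=mcp-vault

# list_secret_engines -> GET sys/mounts
path "sys/mounts" {
  capabilities = ["read"]
}

# list_policies -> LIST sys/policies/acl, plus reading a named policy body
path "sys/policies/acl" {
  capabilities = ["list"]
}

path "sys/policies/acl/*" {
  capabilities = ["read"]
}

# read_metadata -> KV v2 metadata only; mirrors MCP_VAULT_ALLOW_READ
path "secret/metadata/*" {
  capabilities = ["read", "list"]
}

# lookup_token -> the server's own token only (granted here because the
# default policy is not attached to this token)
path "auth/token/lookup-self" {
  capabilities = ["read"]
}

# KV v2 secret values live under data/. Vault denies by default; an explicit
# deny also wins if another policy is later attached to the same token.
path "secret/data/*" {
  capabilities = ["deny"]
}
```

Vault enforces the token's policy regardless of the server's allowlist, so setting `MCP_VAULT_ALLOW_READ` wider than this policy grants nothing extra.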

Is there an official Vault MCP?

Not at the time of writing. This is a community effort, so always inspect the source and policy surface before trusting it with a Vault token.
