mcpSource-backedReview first Safety ✓ Privacy ✓

HashiCorp Vault MCP Server for Claude

Connect Claude to HashiCorp Vault — manage secrets engines, read and write KV secrets, and operate the PKI engine — with HashiCorp's official Model Context Protocol server.

by HashiCorp·added 2026-06-17·

Claude Code Codex Cursor Claude Desktop

HarnessClaude CodeCodexCursorClaude Desktop

Install

Source

claude mcp add vault -e VAULT_ADDR=<your-vault-addr> -e VAULT_TOKEN=<your-token> -- docker run -i --rm -e VAULT_ADDR -e VAULT_TOKEN hashicorp/vault-mcp-server

Readiness

TrustReview first
Sourcesource-backed
Safety notesPresent
ReviewedYes

Documentation Source repository Registry JSON · LLM text

Review first — review before installing

Open the source and read safety notes before installing.

Safety notes

Tools create and delete secrets engines and write/delete secrets and PKI material — scope the Vault token policy to least privilege.
Mount and PKI operations change live Vault configuration; review before running them through Claude.

Privacy notes

Secret values read through the server enter the MCP client context and the model's prompt — only read what is necessary.
VAULT_ADDR and VAULT_TOKEN are secrets — keep them in the client config or environment, never in shared repositories.

Prerequisites

A reachable HashiCorp Vault server address (VAULT_ADDR).
A Vault token (VAULT_TOKEN) whose policy grants only the paths Claude should access.
Docker (the server is distributed as the hashicorp/vault-mcp-server image), or build the binary.
An MCP client such as Claude Code or Claude Desktop.

Schema details

Install type: cli
Troubleshooting: No

Source repository stats

Scope: Source repo

Collection metadata

Estimated setup: 10 minutes
Difficulty: advanced

Tool listing metadata

Website: https://www.hashicorp.com/products/vault

Full copyable content

{
  "mcpServers": {
    "vault-mcp-server": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "VAULT_ADDR", "-e", "VAULT_TOKEN", "-e", "VAULT_NAMESPACE",
        "hashicorp/vault-mcp-server"
      ],
      "env": {
        "VAULT_ADDR": "<your-vault-addr>",
        "VAULT_TOKEN": "<your-token>"
      }
    }
  }
}

About this resource

Overview

The HashiCorp Vault MCP Server is HashiCorp's official Model Context Protocol server for Vault. It gives Claude structured access to a Vault instance so you can manage secrets engines (mounts), read and write key-value secrets, and operate the PKI engine — in natural language. It runs over stdio or streamable-HTTP, is distributed as the hashicorp/vault-mcp-server Docker image, and is licensed under MPL-2.0.

Key capabilities

The server groups its tools by Vault subsystem:

Area	Tools
Mount management	`create_mount`, `list_mounts`, `delete_mount`
Key-Value secrets	`write_secret`, `read_secret`, `list_secrets`, `delete_secret`
PKI engine	`enable_pki`, `create_pki_issuer`, `list_pki_issuers`, `issue_pki_certificate`, role management

Configuration

Variable	Required	Purpose
`VAULT_ADDR`	Yes	Vault server address (defaults to a local dev address).
`VAULT_TOKEN`	Yes	Token whose policy scopes what Claude can access.
`VAULT_NAMESPACE`	No	Vault Enterprise / HCP namespace.
`TRANSPORT_MODE`	No	Set to `http` for streamable-HTTP; defaults to stdio.

Installation

Claude Code

claude mcp add vault -e VAULT_ADDR=<your-vault-addr> -e VAULT_TOKEN=<your-token> -- \
  docker run -i --rm -e VAULT_ADDR -e VAULT_TOKEN hashicorp/vault-mcp-server

Claude Desktop

{
  "mcpServers": {
    "vault-mcp-server": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "VAULT_ADDR", "-e", "VAULT_TOKEN", "-e", "VAULT_NAMESPACE",
        "hashicorp/vault-mcp-server"
      ],
      "env": {
        "VAULT_ADDR": "<your-vault-addr>",
        "VAULT_TOKEN": "<your-token>"
      }
    }
  }
}

Requirements

A reachable Vault server (VAULT_ADDR) and a scoped token (VAULT_TOKEN).
Docker, or build the binary from source.
An MCP client (Claude Code or Claude Desktop).

Security

Scope the Vault token policy to least privilege — grant only the paths and operations Claude needs.
Mount, KV-delete, and PKI tools change live Vault state; review destructive actions before running.
Secret values read by Claude enter the model context — read only what is necessary.
Treat VAULT_ADDR and VAULT_TOKEN as secrets.

Source Verification Notes

Verified on 2026-06-17:

The official repository github.com/hashicorp/vault-mcp-server (MPL-2.0) documents the hashicorp/vault-mcp-server image, stdio and streamable-HTTP transports, the VAULT_ADDR/VAULT_TOKEN/VAULT_NAMESPACE configuration, and the mount, KV, and PKI tools above.
HashiCorp's Vault documentation describes the underlying secrets engines and PKI workflows.
Claude Code's MCP documentation describes the connector setup pattern used here.

#vault #secrets-management #security #pki #hashicorp

Source citations

Add this badge to your README

Show that HashiCorp Vault MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

[![Listed on HeyClaude](https://heyclau.de/badge/mcp/vault-mcp-server.svg)](https://heyclau.de/entry/mcp/vault-mcp-server)

How it compares

HashiCorp Vault MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Field	HashiCorp Vault MCP Server for Claude Connect Claude to HashiCorp Vault — manage secrets engines, read and write KV secrets, and operate the PKI engine — with HashiCorp's official Model Context Protocol server. Open dossier	Meilisearch MCP Server for Claude Connect Claude to Meilisearch — manage indexes, add and search documents, tune settings, and monitor tasks — with Meilisearch's official Model Context Protocol server. Open dossier	DigitalOcean MCP Server for Claude Connect Claude to DigitalOcean — manage Apps, Droplets, managed Databases, Kubernetes, Container Registry, networking, and Functions — with DigitalOcean's official Model Context Protocol server. Open dossier	Elasticsearch MCP Server for Claude Connect Claude to your Elasticsearch cluster — search indices, inspect mappings, run ES\|QL, and check shard health — with Elastic's official Model Context Protocol server. Open dossier
Trust
Install risk	Review first	Review first	Review first	Review first
Notes	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓
Category	mcp	mcp	mcp	mcp
Source	source-backed	source-backed	source-backed	source-backed
Author	HashiCorp	Meilisearch	DigitalOcean	Elastic
Added	2026-06-17	2026-06-17	2026-06-17	2026-06-17
Platforms	Claude CodeCodexCursorClaude Desktop	Claude CodeClaude Desktop	Claude CodeClaude Desktop	Claude CodeClaude Desktop
Source repo	—	—	—	—
Safety notes	✓Tools create and delete secrets engines and write/delete secrets and PKI material — scope the Vault token policy to least privilege. Mount and PKI operations change live Vault configuration; review before running them through Claude.	✓Tools create and delete indexes and documents and rotate API keys — scope the key and confirm destructive actions. Settings and index deletes change live search behavior; review before running them through Claude.	✓Tools can create, update, restart, and delete live infrastructure (Apps, Droplets, Databases) — scope the API token and select only the --services you need. Destructive actions (delete, rollback) act on production resources; confirm before running them through Claude.	✓Search, ES\|QL, and shard tools run live read queries against the configured cluster; a broad or expensive query can add load. Scope the Elasticsearch API key to least privilege (read-only on the indices Claude should see) before connecting.
Privacy notes	✓Secret values read through the server enter the MCP client context and the model's prompt — only read what is necessary. VAULT_ADDR and VAULT_TOKEN are secrets — keep them in the client config or environment, never in shared repositories.	✓Indexed documents and search results enter the MCP client context and the model's prompt. MEILI_HTTP_ADDR and MEILI_MASTER_KEY are secrets — keep them in the client config or environment.	✓Resource metadata, logs, and metrics enter the MCP client context and the model's prompt. The DIGITALOCEAN_API_TOKEN is a secret — store it in the client config or environment, never in shared repositories.	✓Index data, field mappings, and query results enter the MCP client context and the model's prompt. ES_URL and ES_API_KEY are secrets — store them in the client config or environment, never in shared repositories.
Prerequisites	A reachable HashiCorp Vault server address (VAULT_ADDR). A Vault token (VAULT_TOKEN) whose policy grants only the paths Claude should access. Docker (the server is distributed as the hashicorp/vault-mcp-server image), or build the binary. An MCP client such as Claude Code or Claude Desktop.	A reachable Meilisearch instance URL (MEILI_HTTP_ADDR). A Meilisearch master or API key (MEILI_MASTER_KEY) when your instance requires authentication. uv (uvx) or pip to run meilisearch-mcp, or Docker (getmeili/meilisearch-mcp). An MCP client such as Claude Code or Claude Desktop.	A DigitalOcean account. A DigitalOcean API token (DIGITALOCEAN_API_TOKEN) with the scopes for the services you enable. Node.js (npx) to run @digitalocean/mcp, or use the hosted remote endpoint. An MCP client such as Claude Code or Claude Desktop.	Docker installed (the server is distributed as the docker.elastic.co/mcp/elasticsearch image). An Elasticsearch cluster URL (ES_URL) you can reach. An Elasticsearch API key (ES_API_KEY) or username/password (ES_USERNAME + ES_PASSWORD). An MCP client such as Claude Code or Claude Desktop.
Install	`claude mcp add vault -e VAULT_ADDR=<your-vault-addr> -e VAULT_TOKEN=<your-token> -- docker run -i --rm -e VAULT_ADDR -e VAULT_TOKEN hashicorp/vault-mcp-server`	`claude mcp add meilisearch -e MEILI_HTTP_ADDR=<your-meili-url> -e MEILI_MASTER_KEY=<your-key> -- uvx -n meilisearch-mcp`	`claude mcp add digitalocean -e DIGITALOCEAN_API_TOKEN=<your-token> -- npx -y @digitalocean/mcp --services apps,droplets,databases`	`claude mcp add elasticsearch -- docker run -i --rm -e ES_URL=<your-cluster-url> -e ES_API_KEY=<your-api-key> docker.elastic.co/mcp/elasticsearch stdio`
Config	`{ "mcpServers": { "vault-mcp-server": { "command": "docker", "args": [ "run", "-i", "--rm", "-e", "VAULT_ADDR", "-e", "VAULT_TOKEN", "-e", "VAULT_NAMESPACE", "hashicorp/vault-mcp-server" ], "env": { "VAULT_ADDR": "<your-vault-addr>", "VAULT_TOKEN": "<your-token>" } } } }`	`{ "mcpServers": { "meilisearch": { "command": "uvx", "args": ["-n", "meilisearch-mcp"], "env": { "MEILI_HTTP_ADDR": "<your-meili-url>", "MEILI_MASTER_KEY": "<your-key>" } } } }`	`{ "mcpServers": { "digitalocean": { "command": "npx", "args": ["-y", "@digitalocean/mcp", "--services", "apps,droplets,databases"], "env": { "DIGITALOCEAN_API_TOKEN": "<your-token>" } } } }`	`{ "mcpServers": { "elasticsearch-mcp-server": { "command": "docker", "args": [ "run", "-i", "--rm", "-e", "ES_URL", "-e", "ES_API_KEY", "docker.elastic.co/mcp/elasticsearch", "stdio" ], "env": { "ES_URL": "<elasticsearch-cluster-url>", "ES_API_KEY": "<elasticsearch-api-key>" } } } }`
Citations	Source repositorygithub.com 2026-06-18T00:14:21+00:00 Documentationgithub.com Websitehashicorp.com	Source repositorygithub.com 2026-06-18T00:14:21+00:00 Documentationgithub.com	Source repositorygithub.com 2026-06-18T00:14:21+00:00 Documentationgithub.com	Source repositorygithub.com 2026-06-18T00:14:21+00:00 Documentationgithub.com
Claim	Unclaimed	Unclaimed	Unclaimed	Unclaimed

Signals

Loading live community signals…