• HashiCorp Developer

  • HashiCorp Cloud Platform
  • Terraform
  • Packer
  • Consul
  • Vault
  • Boundary
  • Nomad
  • Waypoint
  • Vagrant
Vault
  • Install
  • Tutorials
  • Documentation
  • API
  • Try Cloud(opens in new tab)
  • Sign up
Vault Home

Documentation

Skip to main content
  • Documentation
  • What is Vault?
  • Use Cases

  • Browser Support
  • Installing Vault

  • Vault Integration Program
  • Vault Interoperability Matrix
  • Troubleshoot






  • Glossary


  • Resources

  • Tutorial Library
  • Certifications
  • Community Forum
    (opens in new tab)
  • Support
    (opens in new tab)
  • GitHub
    (opens in new tab)
  1. Developer
  2. Vault
  3. Documentation
  • Vault
  • v1.11.x
  • v1.10.x
  • v1.9.x
  • v1.8.x
  • v1.7.x
  • v1.6.x
  • v1.5.x
  • v1.4.x

Vault Documentation

Vault is an identity-based secret and encryption management system. This documentation covers the main concepts of Vault, what problems it can solve, and contains a quick start for using Vault.

  •  API

Use Cases

Secrets Management

Centrally store, access, and deploy secrets across applications, systems, and infrastructure.

  •  
    KV Secrets Engine
    A generic Key-Value store used to store arbitrary secrets within the configured physical storage for Vault.
  •  
    Database Credentials
    Generate database credentials dynamically based on configured roles.
  •  
    Kubernetes Secrets
    Deploy Vault into Kubernetes using the official HashiCorp Vault Helm chart.

Encryption Services

Securely handle data such as social security numbers, credit card numbers, and other types of compliance-regulated information.

  •  
    Transit Secrets Engine
    Apply cryptographic functions on data in-transit. Sign and verify data, generate hashes and HMACs of data, and act as a source of random bytes.
  •  
    Transform Secrets Engine
    Handle secure data transformation and tokenization against a provided input value using NIST vetted cryptographic standards and other transformations such as masking.
  •  
    Tokenization
    Exchange a sensitive value for an unrelated value called a token. The original sensitive value cannot be recovered from a token alone but is irreversible.

Key Management

Use a standardized workflow for distribution and lifecycle management of cryptographic keys in various KMS providers.

  •  
    KMIP Secrets Engine
    Act as a key management interoperability protocol server provider and handle the lifecycle of its KMIP managed objects.
  •  
    Key Management Secrets Engine
    A consistent workflow for distribution and lifecycle management of cryptographic keys in key management service (KMS) providers.
  •  
    PKI
    Generate dynamic X.509 certificates without going through the manual process of generating a private key and CSR or submitting to a CA.

Developers

  •  Developer Quick Start
  •  Client Libraries
  •  Sample Integrations
  •  Code Samples

On this page

  1. Vault Documentation
  2. Use Cases
  3. Developers
Give Feedback(opens in new tab)
  • Certifications
  • System Status
  • Terms of Use
  • Security
  • Privacy
  • Trademark Policy
  • Trade Controls
  • Give Feedback(opens in new tab)