MCPTools Reference

vault.get

Get a decrypted credential from the vault

Scope: vault:read

Retrieve a decrypted credential. TOTP secrets are redacted — use vault.totp instead.

Parameters

Name	Type	Required	Description
`name`	`string`	Yes	Credential name (e.g. 'stripe-api')

Example

Agent: "Get my Stripe API key"

-> vault.get({ name: "stripe-api" })

Returns

{
  "credentialId": "cred-abc",
  "type": "API_KEY",
  "name": "stripe-api",
  "metadata": { "service": "stripe" },
  "data": { "key": "sk_live_..." },
  "hasTOTP": false,
  "expiresAt": null,
  "lastUsedAt": "2026-03-30T10:00:00.000Z",
  "lastRotatedAt": null,
  "createdAt": "2026-03-01T10:00:00.000Z"
}

REST Equivalent

GET /v0/vault/:name

vault.list

List all credentials in the vault

vault.totp

Generate a TOTP 2FA code

On this page

Parameters Example Returns REST Equivalent