Wondering what’s next for npm?Check out our public roadmap! »

    DefinitelyTyped icon, indicating that this package has TypeScript declarations provided by the separate @types/node-vault package

    0.9.21 • Public • Published


    Build Status Coverage Status Download Status Dependency Status Open Collective backers and sponsors

    A client for the HTTP API of HashiCorp's Vault written for Node.js.


    make sure to use node.js version >= 6

    npm install node-vault


    Run tests inside docker to do also nice integration testing:

    docker-compose up --force-recreate test

    This will create containers for vault, postgres and running the tests inside docker.


    init and unseal

    var options = {
      apiVersion: 'v1', // default
      endpoint: '', // default
      token: '1234' // optional client token; can be fetched after valid initialization of the server
    // get new instance of the client
    var vault = require("node-vault")(options);
    // init vault server
    vault.init({ secret_shares: 1, secret_threshold: 1 })
    .then( (result) => {
      var keys = result.keys;
      // set token for all following requests
      vault.token = result.root_token;
      // unseal vault server
      return vault.unseal({ secret_shares: 1, key: keys[0] })

    write, read and delete secrets

    vault.write('secret/hello', { value: 'world', lease: '1s' })
    .then( () => vault.read('secret/hello'))
    .then( () => vault.delete('secret/hello'))


    Just generate docco docs via npm run docs.


    Please have a look at the examples and the generated feature list to see what is already implemented.

    Instead of installing all the dependencies like vault itself, postgres and other stuff you can use docker and docker-compose to link and run multiple docker containers with all of its dependencies.

    git clone git@github.com:kr1sp1n/node-vault.git
    cd node-vault
    docker-compose up vault

    Now you can run the examples from another terminal window.

    First of all you should initialize and unseal the vault:

    node example/init.js

    You should see root_token: followed by a long key in the response. Please copy that long key and export it as environment variable:

    export VAULT_TOKEN=<insert long key here>

    Now you are able to run all of the other examples:

    node example/policies.js

    Connecting to vault through a bastion host

    To connect to a vault server in a private network with a bastion host, you'll need to first open a connection:

    ssh -D <socks4Port> bastion.example.com
    const SocksProxyAgent = require('socks-proxy-agent');
    const agent = new SocksProxyAgent(`socks://${socks4Port}`, true);
    const options = {
      apiVersion: 'v1',
      rpOptions: {
    const vault = require('node-vault')(options);



    npm i node-vault

    DownloadsWeekly Downloads






    Unpacked Size

    47.8 kB

    Total Files


    Last publish


    • avatar
    • avatar
    • avatar
    • avatar
    • avatar
    • avatar
    • avatar