A Vault is a secure logical container for credentials with services that define how agents can proxy requests through it. Each vault contains:
  • Credentials: API keys, database credentials, and other sensitive material that cannot be extracted from the vault.
  • Services: Definitions of which hosts (e.g. api.stripe.com) can be accessed through the vault, along with which credential(s) must be attached to each proxy request and how.
  • Members: Users and agents that can access the vault under specific roles (admin, member, proxy).
  • Proposals: Requests from agents to set credential(s) and/or add service(s) that use those credentials.
Note that a default vault is created automatically for the first user of Agent Vault (called the instance owner).

Create a vault

agent-vault vault create my-vault
agent-vault vault list
Vault names must be unique across the Agent Vault instance and use slug format: lowercase letters, numbers, and hyphens only.

Bind a project to a vault

Run vault init inside your project directory to create an agent-vault.json file that binds the project to a specific vault:
agent-vault vault init
This file is meant to be committed to version control. When present, all team members and agents running in that directory will automatically target the bound vault without needing --vault flags or per-user context. Vault resolution priority: --vault flag > AGENT_VAULT_VAULT env var > agent-vault.json > user context > "default".
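
The resolution priority above, combined with the slug rule for vault names, can be checked before an agent runs so that a stale environment variable or flag does not silently override the committed binding. This is an added example, not Agent Vault's own code: the `vault` key inside agent-vault.json, the `user_context` parameter, and treating empty values as unset are assumptions, since the page does not show the file's schema or where user context is stored.

```python
import json
import os
import re
import tempfile
from pathlib import Path

# Slug rule as stated on the page: lowercase letters, numbers, hyphens only.
SLUG_RE = re.compile(r"[a-z0-9-]+")
# ASSUMPTION: the key in agent-vault.json that names the bound vault.
# The page does not show the file's schema; adjust to the real file.
BINDING_KEY = "vault"


def read_binding(project_dir):
    """Return the vault named in <project_dir>/agent-vault.json, or None."""
    path = Path(project_dir) / "agent-vault.json"
    if not path.is_file():
        return None
    # Malformed JSON raises here rather than falling through to a lower source.
    data = json.loads(path.read_text(encoding="utf-8"))
    value = data.get(BINDING_KEY) if isinstance(data, dict) else None
    return value if isinstance(value, str) and value else None


def resolve_vault(flag=None, env=None, project_dir=".", user_context=None):
    """Apply the documented priority and return (vault_name, source)."""
    env = os.environ if env is None else env
    candidates = [
        ("--vault flag", flag),
        ("AGENT_VAULT_VAULT env var", env.get("AGENT_VAULT_VAULT")),
        ("agent-vault.json", read_binding(project_dir)),
        ("user context", user_context),
        ("default", "default"),
    ]
    for source, name in candidates:
        if not name:
            continue  # unset or empty (assumed equivalent): try the next source
        if not SLUG_RE.fullmatch(name):
            raise ValueError(f"{source} names {name!r}, which is not a valid slug")
        return name, source


if __name__ == "__main__":
    # Constructed sample: a project bound to "payments" while a stale
    # environment variable still points at "staging".
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "agent-vault.json").write_text(json.dumps({BINDING_KEY: "payments"}))
        print(resolve_vault(env={"AGENT_VAULT_VAULT": "staging"}, project_dir=tmp))
        print(resolve_vault(env={}, project_dir=tmp))
```

In the constructed sample the first call resolves to the environment variable's vault, not the committed binding, which is the case worth catching in CI.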

Invite agents to a vault

This flow works for any agent you can paste a prompt into (cloud-hosted, chat-based, CI pipelines, or always-on assistants).

1. Create the invite

agent-vault agent invite my-agent --vault my-vault:proxy
The command outputs a prompt containing the invite URL and usage instructions, and copies it to your clipboard automatically. The --vault flag pre-assigns vault access (format: name:role).

2. Paste into the agent's chat

The agent redeems the invite automatically and receives an agent token.

Invite users to a vault

1. Send the invite

agent-vault user invite alice@example.com --vault my-vault:admin
If SMTP is configured, the invitee receives an HTML email with a browser acceptance link. The invite link is also printed to CLI output.

2. Invitee accepts

The invitee clicks the link and lands on a browser acceptance page.
  • New users set their password on acceptance and their account is created automatically.
  • Existing users get the vault grant applied immediately.

3. Verify membership

agent-vault vault user list --vault my-vault

Manage members and agents

# List vault members
agent-vault vault user list --vault my-vault

# Remove a member
agent-vault vault user remove alice@example.com --vault my-vault

# Change vault role
agent-vault vault user set-role alice@example.com --role member --vault my-vault

# List agents in a vault
agent-vault vault agent list --vault my-vault

# View agent details (instance-level)
agent-vault agent info my-agent

# Rotate an agent's session (instance-level)
agent-vault agent rotate my-agent

# Rename an agent (instance-level)
agent-vault agent rename my-agent new-name

# Remove an agent from this vault
agent-vault vault agent remove my-agent

Delete a vault

Vault admins can delete the vaults they manage. Instance owners can also delete any vault.
agent-vault vault delete my-vault
The default vault cannot be deleted. Use --yes to skip the confirmation prompt.
Deleting a vault permanently removes all its services, credentials, agents, and proposals. This cannot be undone.

Owner-level vault management

Instance owners can see and manage all vaults across the instance, regardless of vault membership.
# List ALL vaults (owner only)
agent-vault owner vault list

# Join a vault as admin (owner only)
agent-vault owner vault join my-vault

# Delete a vault (owner only)
agent-vault owner vault delete my-vault
Owners see every vault in their vault list. Vaults they have not joined appear in a separate “Other Vaults” section with a Join button. Joining grants the owner admin access, letting them manage credentials, approve proposals, and configure services.
If a user is deleted and their vaults become orphaned (no remaining members), an instance owner can always join those vaults to recover access. User deletion only removes the user and their vault grants — vaults and their data stay intact.