Server Vault
FreeNot checkedBitwarden/Vaultwarden for agents: list tagged items, TOTP codes, one-time Sends, save new secrets.
About
Bitwarden/Vaultwarden for agents: list tagged items, TOTP codes, one-time Sends, save new secrets.
README
Bitwarden / Vaultwarden MCP server — BYOK vault access for AI agents.
Exposes 6 tools over stdio. Secret values are never sent in plaintext through list_vault_items or get_vault_metadata — secrets are delivered only through Bitwarden Sends (E2E-encrypted one-time URLs).
Install
npx -y @aiwerk/mcp-server-vault
Configure
| Variable | Required | Default | Description |
|---|---|---|---|
VAULT_API_BASE |
✅ | — | Base URL of your Bitwarden/Vaultwarden instance (no trailing slash), e.g. https://pass.aiwerk.ch |
VAULT_CLIENT_ID |
✅ | — | Personal API key client_id (e.g. user.abc-def-1234) |
VAULT_CLIENT_SECRET |
✅ | — | Personal API key client_secret |
VAULT_MASTER_PASSWORD |
✅ | — | Vault master password (used for E2E decryption key derivation) |
VAULT_EXPOSED_COLLECTION |
— | mcp-exposed |
Name of the collection visible to agents |
VAULT_AGENT_CREATED_COLLECTION |
— | mcp-agent-created |
Name of the collection for agent-created secrets |
VAULT_API_TIMEOUT_MS |
— | 15000 |
HTTP timeout in milliseconds |
DRY_RUN |
— | 0 |
Set 1 to log write operations without executing them |
READ_ONLY |
— | 0 |
Set 1 to block all write operations (Send creation and save) |
Auth — Personal API Key
- Log in to your Bitwarden/Vaultwarden instance
- Go to Account Settings → Security → Keys → API Key
- Note the
client_idandclient_secret - Reference: https://bitwarden.com/help/personal-api-key/
Vault Setup
Before using this server, create two collections in your Vaultwarden organization:
mcp-exposed— items you want to expose to agents (your existing secrets: API keys, passwords, etc.)mcp-agent-created— items written by agents viasave_generated_secret
Add items to mcp-exposed via the Vaultwarden web UI.
Custom fields
Optionally add these custom fields to items in mcp-exposed for fine-grained control:
| Field | Type | Purpose |
|---|---|---|
mcp-scope |
text | Comma-separated glob list of tool/server names allowed to use this item (e.g. stripe.*,openai) |
mcp-chat-reveal-allowed |
text | "true" to allow chat delivery of the Send URL |
mcp-delivery-channel |
text | "chat" (default), "telegram", or "email" |
Tools
| Tool | Description |
|---|---|
list_vault_items |
List items from mcp-exposed and mcp-agent-created. Returns metadata only — no secret values. |
get_vault_metadata |
Get full metadata for a named item (name, type, username, URIs, custom fields, expiry). No password/secret. |
reveal_secret_via_send |
Reveal a secret via a Bitwarden Send (E2E-encrypted one-time URL with configurable TTL and max-views). |
get_totp_code |
Get the current TOTP code for a login item, including remaining seconds in the period. |
save_generated_secret |
Save an agent-generated secret (password / api-key) into mcp-agent-created as a secure note. CREATE-only — no overwrite. |
save_login_item |
Save sign-in credentials (username + password + optional URL + TOTP seed) into mcp-agent-created as a real login item. CREATE-only — no overwrite. |
health_check |
Check connectivity: auth status, API version, collection visibility, item counts, latency. |
Security model
- Opt-in exposure: only items in
mcp-exposedormcp-agent-createdare accessible; all other items returnitem_not_visible - Read-only existing items: no
update_*,delete_*, orchange_*tools exist - Secret value delivery via Send only:
list_vault_itemsandget_vault_metadatanever return passwords, TOTP seeds, or api-key values - E2E encryption preserved: the server decrypts vault data locally (master password stays in env vars, never sent over the wire)
- Constrained agent writes:
save_generated_secretandsave_login_itemare CREATE-only into the dedicatedmcp-agent-createdcollection
Note: Actual
{{vault:NAME}}placeholder resolution in tool call arguments happens in the AIWerk hosted bridge, not in this server. The bridge's resolution uses the same BYOC credentials. See the bridge-patch companion document for details.
License
MIT — AIWerk [email protected]
Homepage: https://aiwerkmcp.com
Install Server Vault in Claude Desktop, Claude Code & Cursor
unyly install mcp-server-vaultInstalls into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.
First time? Get the CLI: curl -fsSL https://unyly.org/install | sh
Or configure manually
Run in your terminal:
claude mcp add mcp-server-vault -- npx -y @aiwerk/mcp-server-vaultFAQ
Is Server Vault MCP free?
Yes, Server Vault MCP is free — one-click install via Unyly at no cost.
Does Server Vault need an API key?
No, Server Vault runs without API keys or environment variables.
Is Server Vault hosted or self-hosted?
Self-hosted: the server runs locally on your machine via the install command above.
How do I install Server Vault in Claude Desktop, Claude Code or Cursor?
Open Server Vault on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
GitHub
PRs, issues, code search, CI status
by GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
by mcpdotdirectCompare Server Vault with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All development MCPs
