Vault-API

1.1.2 verified Sat Apr 25 auth: no javascript maintenance

vault-api is an Axios-like Node.js library for interacting with Hashicorp Vault. Currently at version 1.1.2 (last updated December 2021), it supports KV v1 and v2 secrets engines. It provides a simple, promise-based API similar to Axios for reading and writing secrets. The library is TypeScript-compatible with included type definitions. No major updates since 2021.

Common errors

error Cannot find module 'vault-api' ↓

cause Package not installed or path incorrect.

fix

Run npm install vault-api and ensure your import path is correct.

error TypeError: vault is not a function ↓

cause Importing incorrectly, e.g., using default import when named import expected.

fix

Use import vault from 'vault-api' (default import) or const { vault } = require('vault-api').

error Response { status: 404, data: { errors: ['no handler for route'] } } ↓

cause The Vault server does not have the requested path or secret engine mounted.

fix

Verify the Vault server is running and the secret engine is enabled at that path.

Warnings

gotcha The library does not handle Vault authentication (token, approle, etc.) automatically. You must authenticate via Vault's auth endpoints first or set environment variables. ↓

fix Ensure you either authenticate before using vault() or set VAULT_TOKEN environment variable.

gotcha The library only supports KV v1 and v2 engines. Other Vault secret engines (e.g., database, transit, PKI) are not supported. ↓

fix Use another library (like node-vault) for non-KV engines.

gotcha The 'config' parameter in convenience methods (added in 1.1.0) is optional but if misused can cause silent failures. ↓

fix Refer to the library's wiki for proper configuration.

Install

npm install vault-api

yarn add vault-api

pnpm add vault-api

Imports

default (vault function)
wrong
```
const vault = require('vault-api')
```
correct
```
import vault from 'vault-api'
```
ESM import is preferred. CommonJS require also works but may have compatibility issues in strict ESM environments.
vault (named import)
wrong
```
import { vault } from 'vault-api'
```
correct
```
import { vault } from 'vault-api'
```
Both default and named imports are valid and refer to the same function.
Vault types
```
import type { VaultConfig } from 'vault-api'
```
TypeScript types are bundled. Use `import type` for type-only imports.

Quickstart

Basic read/write operations using vault-api with Axios-like configuration object.

import vault from 'vault-api';

// Write a secret
vault({
  method: 'write',
  path: 'secret/apiKey',
  data: {
    webApp: '5cfdf55e-cfa9-5da8-b2b2-64f30a462a09'
  }
}).then(() => console.log('Written successfully'))
.catch(err => console.error(err));

// Read a secret
vault({
  method: 'read',
  path: 'secret/apiKey'
}).then(response => {
  console.log(response.data);
}).catch(err => console.error(err));