{"library":"node-vault","title":"Node.js Client for HashiCorp Vault","description":"node-vault is a JavaScript client library for interacting with HashiCorp's Vault HTTP API, primarily designed for Node.js environments. The current stable version is 0.12.0, requiring Node.js 18.0.0 or higher. The project demonstrates a consistent release cadence with several minor and patch releases in the past year, indicating active maintenance. It provides a comprehensive wrapper around the Vault API, simplifying operations such as secret management (read, write, update, delete, list), authentication (e.g., Kubernetes Auth, token-based), and server lifecycle management (init, unseal). A key differentiator is its direct support for TypeScript with included definitions and its focus on being a reliable, actively developed client for Node.js users needing to integrate with Vault. It also allows configuration via environment variables for common Vault settings.","language":"javascript","status":"active","last_verified":"Sun Apr 19","install":{"commands":["npm install node-vault"],"cli":null},"imports":["import vault from 'node-vault';","const vault = require('node-vault');","import type { ClientOptions } from 'node-vault';"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import vault from 'node-vault';\n\nasync function runVaultOperations() {\n  const vaultClient = vault({\n    apiVersion: 'v1',\n    endpoint: process.env.VAULT_ADDR ?? 'http://127.0.0.1:8200',\n    token: process.env.VAULT_TOKEN ?? '', // Recommended to use VAULT_TOKEN env var for actual usage\n  });\n\n  if (!vaultClient.token) {\n    console.warn(\"VAULT_TOKEN environment variable not set. Operations requiring authentication will likely fail.\");\n  }\n\n  const secretPath = 'secret/data/my-app/config';\n  const dataToWrite = {\n    value: 'super-secret-data-' + Date.now(),\n    environment: 'development'\n  };\n\n  try {\n    console.log(`Writing secret to ${secretPath}...`);\n    await vaultClient.write(secretPath, { data: dataToWrite });\n    console.log('Secret written successfully.');\n\n    console.log(`Reading secret from ${secretPath}...`);\n    const result = await vaultClient.read(secretPath);\n    console.log('Secret read:', result.data.data);\n\n    console.log('Listing secrets in secret/metadata/my-app/');\n    const listResult = await vaultClient.list('secret/metadata/my-app/');\n    console.log('Listed keys:', listResult.data.keys);\n\n    console.log(`Updating secret at ${secretPath}...`);\n    await vaultClient.update(secretPath, { data: { updatedField: 'newValue' } });\n    console.log('Secret updated successfully.');\n\n    console.log(`Deleting secret at ${secretPath}...`);\n    await vaultClient.delete(secretPath);\n    console.log('Secret deleted successfully.');\n\n  } catch (error: any) {\n    console.error('Vault operation failed:', error.message);\n    if (error.response?.data) {\n      console.error('Vault API Error Details:', error.response.data);\n    }\n    if (error.message.includes('permission denied')) {\n        console.error('Ensure your Vault token has appropriate policies (read, write, list, delete) for secret/data/my-app/.');\n    }\n  }\n}\n\nrunVaultOperations();","lang":"typescript","description":"This quickstart demonstrates how to initialize the node-vault client, write, read, list, update, and delete a secret using environment variables for configuration. It includes basic error handling.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}