Authentication
The Vault MCP Server authenticates each request with an API access token. The Vault MCP Server does not support OAuth 2.0 or basic authentication.
Generate an access token from your user profile in the Vault UI or via Vault API. Learn more about generating API access tokens in Vault Help
After you generate an access token, add the access token's value as a Bearer token in the Authorization header of every request.
Your access token is specific to the Vault for which it was generated. If the Vault ID does not match the DNS host in the request URL, the server returns HTTP 401 Unauthorized and refuses the connection. Sessions expire 8 hours after initialization.