Skip to main content
Agent Vault is an open source vault and proxy service by Infisical that sits between AI agents and the APIs they call including LLM providers, GitHub, Stripe, and more. Check out the GitHub repository.
Need an enterprise-grade solution? Infisical offers managed Agent Vault with enterprise support, SLAs, and advanced features. Book a demo with us to learn more.
Agent Vault works with all kinds of AI Agent use-cases including secure remote coding agents, all-purpose agents, custom agents + harnesses, secure ephemeral sandboxes and more. Agents like Claude Code or OpenClaw route HTTP requests through an Agent Vault server, which swaps dummy credentials for real ones (or replaces auth headers entirely), before forwarding the request to the target service. 
+-----------------------------------------------------------------+
| Public internet                                                 |
|                                                                 |
|   api.anthropic.com    api.github.com    api.stripe.com   ...   |
|          ^                   ^                  ^               |
+----------+-------------------+------------------+---------------+
           |                   |                  |
           +-------------------+------------------+
                               | outbound HTTPS, Agent Vault
                               | injects credentials on the way out
+------------------------------+----------------------------------+
| Private network              |                                  |
|                              |                                  |
|  +---------------------------+----+     +--------------------+  |
|  | Agent Vault                    |     | AI agent           |  |
|  | :14321  management UI / API    |<----| HTTPS_PROXY=       |  |
|  | :14322  MITM proxy             |     | agent-vault:14322  |  |
|  +----------------^---------------+     +--------------------+  |
|                   |                                             |
+-------------------+---------------------------------------------+
                    | operator access: keep private, or front
                    | with TLS + auth (SSO reverse proxy, IP
                    | allowlist, or VPN) if you need remote admin
                    |
                Operator

Why Agent Vault

Traditional secrets management involves returning credentials back to you applications and services. This is not suitable for AI agents because they are vulnerable to credential exfiltration via prompt injection; an attacker could craft a malicious prompt or payload and exfiltrate credentials from an agent back to the attacker. Enter Agent Vault - a new credential management solution built for agents that prevents credential exfiltration with ergonomic, agent-first design.

How it works

Start by setting up an instance of Agent Vault on a separate host machine:
  1. You install the Agent Vault binary or deploy an instance with Docker.
  2. You configure Agent Vault with the credentials and service credential substitution rules to enable Agent Vault to broker credentials for your AI agent.
  3. You configure an agent in Agent Vault to represent your AI agent and obtain a token for it. If your workflow involves using an orchestrator backend to spin up ephemeral sandboxed agents, you can use the agent construct to represent your orchestrator and mint a short-lived token to be passed into the sandbox for the agent to use and proxy requests through Agent Vault.
Next, you configure your AI agent to connect to Agent Vault:
  1. You bootstrap your AI agent’s environment to automatically route all outbound HTTP and HTTPS traffic through Agent Vault. This can be done with the Agent Vault CLI and setting AGENT_VAULT_ADDR, AGENT_VAULT_TOKEN, and AGENT_VAULT_VAULT in the agent’s environment.
  2. You give your AI agent dummy credentials like __anthropic_api_key__ or __github_pat__ to use when making API calls.
That’s it! Your AI agent is now able to make authenticated API calls to LLM providers and other HTTP services through any interface (API, CLI, SDK, MCP, etc.) without holding any real credentials. Agent Vault matches the target host on the proxied request against the configured service rules, performs any required credential substitutions, and forwards the reconstructed request upstream to the target service.

Get started

Installation

Deploy Agent Vault, start a server, and register.

Quickstart

Claude Code

Connect Claude Code to Agent Vault.

Cursor

Connect Cursor to Agent Vault.

Codex

Connect Codex to Agent Vault.

OpenClaw

Connect OpenClaw to Agent Vault.

Hermes Agent

Connect Hermes Agent to Agent Vault.

OpenCode

Connect OpenCode to Agent Vault.

Custom Agent

Connect any HTTP-capable agent.