Documentation

Zero to vaulted.
Ten minutes flat.

Grab a key, install an SDK, make three calls. This page is the whole path - from empty project to encrypted records your app can compute on without ever seeing plaintext.

  • API v1
  • @vaulty/sdk 1.x
  • MCP 1.x

1. Get an API key

Every request to Vaulty is authenticated with a project API key. Getting one takes about a minute:

  1. Create an account atconsole.vaulty.xyz - free, no card required.
  2. Create a project. Every project gets its own isolated, HSM-backed keys, born inside FIPS 140-2 hardware.
  3. Copy your vk_test_… key and export it where your code can reach it:
terminal
# Copy the key from Console → your project → API keys
export VAULTY_API_KEY=vk_test_xxx

Test vs. live: vk_test_… keys write to an isolated sandbox vault and are free forever. vk_live_… keys encrypt production data - same API, real records. Both are secrets: keep them server-side or in your agent's MCP environment, never in client code.

2. Install an SDK

Official SDKs for Node.js and Python, with more on the way. Or skip the SDK entirely - every call maps 1:1 to plain REST.

npm - Node.js
npm i @vaulty/sdk
pip - Python
pip install vaulty
REST - any language
# No SDK required - the whole API is plain REST.
#   Base URL:  https://api.vaulty.xyz/v1
#   Auth:      Authorization: Bearer $VAULTY_API_KEY
# All five endpoints are in the API overview below.

3. Store, compute, retrieve

Three calls cover almost everything you'll do with Vaulty. Store plaintext once, hold a reference forever, and let secure enclaves do the reading.

Store - plaintext in, reference out

store.js - @vaulty/sdk
import { Vaulty } from '@vaulty/sdk';

const vault = new Vaulty(process.env.VAULTY_API_KEY);

// Plaintext goes in exactly once - encrypted with AES-256-GCM
// on arrival, under keys that never leave FIPS 140-2 HSMs
const ref = await vault.store({
  user: 'usr_8f3a2c',
  data: { email: 'amelia@example.com', ssn: '514-22-9048' },
  policy: { unlock: 'user-auth' },
});

console.log(ref); // 'ref_9f27ac31'

store() returns a reference - an opaque token likeref_9f27ac31. Save the ref in your database instead of the data. Refs are safe to log, index, and hand to AI agents; they decrypt nothing on their own.

Compute - answers without exposure

compute.js - @vaulty/sdk
// Operate on encrypted data inside a secure enclave -
// your app gets answers, never the underlying values
const last4 = await vault.compute(ref, 'mask:last4', { field: 'ssn' });
// => '•••-••-9048'

const check = await vault.compute(ref, 'validate:ssn', { field: 'ssn' });
// => { valid: true }

compute() runs masking, validation, search, and tokenization inside secure enclaves (AWS Nitro Enclaves). The record is decrypted only within enclave memory - the host OS, your app, and Vaulty's own operators see nothing but ciphertext.

Retrieve - the only path to plaintext

retrieve.js - @vaulty/sdk
// The ONLY path back to plaintext - and policy guards it.
// This record was stored with { unlock: 'user-auth' }, so
// decryption requires a fresh assertion from the end user:
// a passkey, biometric, MFA, or email/SMS code.
const record = await vault.retrieve(ref, {
  authContext: assertion, // from your end-user auth flow
});

retrieve() is deliberately the hardest call to make. It only succeeds if the record's policy allows it - and when the policy binds decryption to the end user, no auth context means no plaintext. Not for you, not for your admins, not for Vaulty.

The same store call, raw REST

curl - POST /records
curl https://api.vaulty.xyz/v1/records \
  -H "Authorization: Bearer $VAULTY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
        "user": "usr_8f3a2c",
        "data": { "email": "amelia@example.com", "ssn": "514-22-9048" },
        "policy": { "unlock": "user-auth" }
      }'

# => { "ref": "ref_9f27ac31" }

4. Give your AI agent access

Agents shouldn't carry secrets in their context windows. Add the Vaulty MCP server and your agent gets vault_store, vault_retrieve,vault_compute, vault_grant, and vault_auditas native tools - passing refs instead of raw values.

mcp.json
{
  "mcpServers": {
    "vaulty": {
      "command": "npx",
      "args": ["-y", "@vaulty/mcp"],
      "env": { "VAULTY_API_KEY": "vk_test_..." }
    }
  }
}

Remote host? Connect via Streamable HTTP at https://mcp.vaulty.xyz. Tool schemas, agent policy patterns, and the full walkthrough live in theMCP reference.

API overview

Every endpoint lives under https://api.vaulty.xyz/v1 and authenticates with Authorization: Bearer $VAULTY_API_KEY. Five endpoints cover the entire surface:

EndpointPurposeReturns
POST /recordsEncrypt and store sensitive dataA reference (ref_…)
GET /records/:refRetrieve plaintext - requires a user auth context when the policy is user-boundThe decrypted record
POST /computeRun an enclave operation (mask, validate, search, tokenize) on a refThe operation result only
POST /grantsDelegate scoped, expiring access to a service, teammate, or agentA grant id and expiry
GET /auditQuery the access history for a project or a single refImmutable audit events

Concepts

Six words that appear everywhere in these docs.

Record
An encrypted object in the vault. Sealed with AES-256-GCM the moment it arrives; Vaulty never stores plaintext.
Reference (ref)
The opaque token (like ref_9f27ac31) returned when you store a record. It replaces the data in your systems and is safe to log, index, and share with agents.
Policy
Rules attached to a record at store time: who may decrypt, which compute operations are allowed, and when access expires.
Grant
A scoped, time-boxed delegation of access to a record or operation - for a service, a teammate, or an AI agent. Revocable at any time.
Enclave operation
A computation - mask, validate, search, tokenize, transform - executed on encrypted data inside a secure enclave. Results come out; plaintext never does.
User-bound key
An encryption key tied to end-user authentication: passkey, biometrics, MFA, or email/SMS code. Without the user, nobody decrypts - not the developer, not admins, not Vaulty.

Error codes

Errors come back as JSON with a stable code field. The four you'll actually see:

StatusCodeMeaning
401invalid_api_keyThe key is missing, malformed, or revoked. Check$VAULTY_API_KEY - and whether you meant test or live.
403policy_deniedThe record's policy refused the operation - usually a missing user auth context or an expired grant.
404unknown_refNo record matches that reference in this project. Refs don't cross projects.
429rate_limitedToo many requests. Back off and retry - limits scale withyour plan.

Ready to vault something real?

Test keys are free, sandboxed, and take about a minute. Swap in a live key when you're ready for production.

AI agent? Connect our MCP server: npx -y @vaulty/mcp - see vaulty.xyz/mcp