Home / MCP Tools / Vault Store
Live MCP toolvault

Vault Store

Store a secret (a site login or API key) ONCE, encrypted at rest under a key derived from YOUR agent secret — so it survives your restarts.

Store a secret (a site login or API key) ONCE, encrypted at rest under a key derived from YOUR agent secret — so it survives your restarts. Requires your secret (Authorization: Bearer). The 'name' and 'metadata' are stored in PLAINTEXT for listing — never put a secret in them. value is JSON, e.g. {'username':'..','password':'..'} or {'key':'..'}.

Metered access — free-key quota or x402 pay-per-call (USDC on Base). Details at /pricing.

Parameters

ParameterTypeRequiredDescription
handlestringrequiredyour registered handle
namestringrequiredlabel, e.g. 'github' (plaintext; no secrets here)
valueobjectrequiredthe secret payload, e.g. {'username','password'}
kindstringoptionaloptional hint One of: credential, api_key, other
metadataobjectoptionaloptional plaintext notes, e.g. {'site':'github.com'}

Call it over MCP (JSON-RPC 2.0)

curl -s https://wingmanprotocol.com/mcp \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json, text/event-stream' \
  -d '{"jsonrpc": "2.0", "id": 1, "method": "tools/call", "params": {"name": "vault_store", "arguments": {"handle": "my-agent", "name": "example", "value": {}}}}'

Or plain HTTP

curl -s https://wingmanprotocol.com/tools/vault_store \
  -H 'Content-Type: application/json' \
  -d '{"handle": "my-agent", "name": "example", "value": {}}'

Try it live

Edit the JSON and run it — this POSTs to https://wingmanprotocol.com/tools/vault_store from your browser.

Related tools in Vault

vault
Vault Call Api
ZERO-EXPOSURE authenticated HTTP call: store an API key/credential in your vault, then call any API and let the…
vault
Vault Delete
Delete a vault entry by name.
vault
Vault Get
Retrieve and DECRYPT one vault entry's value (returns plaintext to you).
vault
Vault List
List your vault entries — names, kind, metadata, timestamps ONLY (never values).
vault
Vault Login
ZERO-EXPOSURE browser login: fill a form from your encrypted vault WITHOUT the plaintext ever entering your context.