Skip to main content
POST /api/v1/cloud/vaults Creates a new Vault. A Vault is used to securely store credentials for MCP servers. Add credentials with Create a credential after creating the Vault.

Headers

HeaderRequiredDescription
AuthorizationYesBearer $QODER_PAT
Content-TypeYesapplication/json

Request body

FieldTypeRequiredDescription
display_namestringYesVault display name, maximum 255 characters
metadataobjectNoCustom metadata

Example request

curl -X POST https://api.qoder.com/api/v1/cloud/vaults \
  -H "Authorization: Bearer $QODER_PAT" \
  -H "Content-Type: application/json" \
  -d '{
    "display_name": "my-mcp-vault",
    "metadata": {"team": "docs"}
  }'

Example response

HTTP 200 OK
{
  "id": "vault_019e3bb940277f0db05ab74291acf6ef",
  "type": "vault",
  "display_name": "my-mcp-vault",
  "metadata": {
    "team": "docs"
  },
  "credentials": [],
  "archived_at": null,
  "created_at": "2026-05-18T15:34:16.874877Z",
  "updated_at": "2026-05-18T15:34:16.874877Z"
}

Response fields

FieldTypeDescription
idstringVault unique identifier with the vault_ prefix
typestringAlways "vault"
display_namestringVault display name
metadataobjectCustom metadata
credentialsarrayEmpty array for normal create requests
archived_atstring | nullArchive time, or null when active
created_atstringCreation time (ISO 8601)
updated_atstringLast update time (ISO 8601)

Errors

HTTPTypeTrigger
400invalid_request_errorMissing display_name, invalid display_name, invalid metadata, or too many inline credentials
401TOKEN_INVALIDMissing or invalid authentication token
See Errors for the full error envelope.

Authenticate with vaults

Store and inject secrets safely into agent sessions.