Playground
Tools for working with VaultAPI authentication and transit encryption — all computation is in-memory only, nothing is stored or transmitted.
Generate the Authorization header for your API requests.
The shared secret is optional — omit it to authenticate with the API key alone.
Encrypt a key-value payload using AES-GCM — same algorithm as the server's transit encryption. Requires your API key (enter it in the Signature Generator tab) and vault secret.
Decrypt a base64-encoded transit ciphertext produced by the VaultAPI server or the Encryptor tab above. Requires your API key (enter it in the Signature Generator tab) and vault secret.