Encrypted credentialsfor your agents.
A credential store designed for AI agents. Stash API keys, OAuth tokens, time-based codes, and a dozen other credential types. Every read writes an audit entry. The vault is not a payment processor — Loomal Pay handles money. Vault holds the secrets agents need to act on their own.
Read-once API keys, refreshable OAuth tokens, time-bound 2FA codes, payment cards with separate CVV access, SSH keys for deploy automation. Every secret stored here is encrypted at rest and only returned to your agent through an authenticated REST call. Every read writes an audit entry compliance teams can actually use.
How it works
Four steps. Most fire in under a second.
Store a credential
POST a typed credential. Loomal validates the shape, encrypts it, and stores it with an audit entry.
Agent reads when it needs to act
GET the credential by name. For 2FA, request only the current code. The underlying seed stays encrypted.
Audit log captures every access
Each read writes an entry with project, time, source IP, and which agent triggered it. Filter by credential, by agent, by time range.
What you get
Built for developers who already shipped.
Encrypted with full audit log
All secrets are encrypted at rest. Every read writes an audit entry with project, time, source IP, and which agent triggered it.
2FA codes without exposing seeds
Store the seed once. Agents request the current 6-digit code on demand. The seed itself never leaves the vault.
12 credential types
Logins, API keys, OAuth, 2FA, databases, SMTP, AWS, SSH keys, certificates, cards, addresses, custom.
FAQ
Things builders ask.
Is the vault a payment processor?
What credential types are supported?
Can the vault be exported?
How is 2FA different from a password manager?
Built with Vault
Real things developers build
on top of Vault.
Ready to ship vault?
Sign up for free. No card required. Read the docs while you wait.