LOOMAL
SDK / API ReferenceVault

Get Credential

Get a decrypted credential by name

Scope: vault:read

Returns the decrypted credential. TOTP secrets are redacted — use the TOTP endpoint instead.

Request

import { Loomal } from "@loomal/sdk";

const loomal = new Loomal({ apiKey: process.env.LOOMAL_API_KEY! });
const credential = await loomal.vault.get("stripe");
import os
from loomal import Loomal

loomal = Loomal(api_key=os.environ["LOOMAL_API_KEY"])
credential = loomal.vault.get("stripe")
loomal vault get stripe
vault.get(name="stripe")

Available through @loomal/mcp — see MCP setup.

curl https://api.loomal.ai/v0/vault/stripe \
  -H "Authorization: Bearer loid-your-api-key"

Response

{
  "credentialId": "cred_abc123",
  "type": "API_KEY",
  "name": "stripe",
  "metadata": { "service": "stripe", "prefix": "sk_live_...c123" },
  "data": { "key": "sk_live_abc123..." },
  "hasTOTP": false,
  "expiresAt": null,
  "lastUsedAt": "2026-03-30T10:00:00Z",
  "lastRotatedAt": null,
  "createdAt": "2026-03-29T03:00:00Z"
}

If the credential has a TOTP secret, data.secret is replaced with "[use /v0/vault/:name/totp]" and hasTOTP is true.

Errors

StatusCodeDescription
404not_foundCredential not found
410expiredCredential has expired

List Credentials

List all credentials in the vault

Store Credential

Store or update a credential in the vault

On this page

RequestResponseErrors