PHPackages ectica/laravel\_vault - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. ectica/laravel\_vault ActiveLibrary[Security](/categories/security) ectica/laravel\_vault ===================== A Laravel package that helps you easily integrate and manage secrets from HashiCorp Vault, with caching and env/config-style access. 1.1.2(3mo ago)02MITPHPPHP ^8.0 Since Jun 21Pushed 3mo agoCompare [ Source](https://github.com/ectica/laravel_vault)[ Packagist](https://packagist.org/packages/ectica/laravel_vault)[ Docs](https://github.com/thetribeofdan/laravel_vault)[ Fund](https://flutterwave.com/donate/43xu0cajjq1f)[ GitHub Sponsors](https://github.com/thetribephotography)[ RSS](/packages/ectica-laravel-vault/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)Dependencies (1)Versions (9)Used By (0) πŸ” Laravel Hashicorp Vault Package ================================= [](#-laravel-hashicorp-vault-package) Easily integrate HashiCorp Vault secrets into your Laravel project with zero friction. This package allows you to manage secrets via Vault while maintaining Laravel's native `config('...')` access style β€” just like you would with `.env` files. --- What is HashiCorp Vault? ======================== [](#what-is-hashicorp-vault) HashiCorp Vault is a tool for securely storing and accessing tokens, passwords, certificates, encryption keys, and other sensitive data. Kindly see More Here: --- πŸš€ Why Use This Package? ----------------------- [](#-why-use-this-package) Managing secrets in Laravel shouldn't require rewriting your entire application just to integrate with HashiCorp Vault. This package was built to solve one simple but powerful problem: > βœ… **Seamlessly upgrade from `.env`-based config to Vault-based secret management β€” without touching how your app reads secrets.** If you're using Laravel’s `config('app.secret_key')` or similar patterns, this package lets you continue doing that while the underlying secrets are pulled from Vault securely. --- πŸ” What Makes This Package Different? ------------------------------------ [](#-what-makes-this-package-different) ### 🧩 1. Plug-and-Play with Laravel’s Config System [](#-1-plug-and-play-with-laravels-config-system) You don't need to rewrite your codebase. Just map your Vault keys to Laravel config keys, and call them as you always have: ``` config('app.my_api_key') ``` ### βš™οΈ 2. Two Powerful Modes of Integration [](#️-2-two-powerful-modes-of-integration) ModeDescription**File Mode**Read secrets from one or more Vault-agent-generated files (supporting `.env`, `.txt`, `.json`, and more) β€” perfect for agent setups or Docker environments.**Token Mode**Pull secrets directly from the Vault server using a token, supporting multiple paths and tokens. Great for dynamic secret retrieval.### 🧠 3. Configurable, Flexible, and Cache-Aware [](#-3-configurable-flexible-and-cache-aware) - Supports **multiple file paths** or **multiple Vault token sources** - Maps secrets to Laravel config effortlessly - Uses Laravel's cache system to improve performance ### πŸͺ„ 4. Transition-First Design [](#-4-transition-first-design) Unlike other packages that require rigid integration styles or special syntax, this one was designed with **real-world Laravel projects** in mind β€” allowing teams to migrate without friction, allowing keys to be called using the default Laravel config() mechanism. --- πŸ“¦ Installation -------------- [](#-installation) ``` composer require thetribeofdan/laravel_vault ``` If you want to publish the config file: ``` php artisan vendor:publish --tag=vault-config ``` You'll now see a `config/vault.php` file. This is your main control centre 🧠 --- πŸ› οΈ Configuration ---------------- [](#️-configuration) ### 1. Choose your mode [](#1-choose-your-mode) Set the mode in `.env` or directly in `config/vault.php`: ``` VAULT_MODE=file # or 'token' ``` --- ### 2. File Mode (πŸ“ Local Files) [](#2-file-mode--local-files) Use this when you want to load secrets from one or more **files generated by the Vault Agent or by yourself on your Server** (e.g. `.env`, `.json`): ``` 'file_paths' => [ base_path('.vault/secrets.env'), base_path('.vault/extra.json'), ], ``` βœ… Supported formats: - `.env`-style: `KEY=value` - `.json`-style: `{ "KEY": "value" }` --- ### 3. Token Mode (πŸ” Live HashiCorp Vault) [](#3-token-mode--live-hashicorp-vault) Use this when you want to connect to a live Vault instance using the Auth **token**: ``` 'token_sources' => [ [ 'token' => env('VAULT_TOKEN'), 'path' => '/v1/secret/data/app', 'url' => env('VAULT_URL'), ], [ 'token' => env('VAULT_ALT_TOKEN'), 'path' => '/v1/secret/data/billing', 'url' => env('VAULT_URL'), ], ], ``` πŸ“Œ Supports multiple tokens, engine paths and URLs. --- ### 4. Mapping Secrets to Config πŸ—ΊοΈ [](#4-mapping-secrets-to-config-️) Map secrets from your files or Vault into Laravel config using the `map` array in your `config/vault.php` file: ``` 'app.app_key' => 'APP_KEY', 'app.mailgun.secret' => 'MAILGUN_SECRET', ``` Usage in your Project’s code: ``` config('app.app_key'); config('app.mailgun.secret'); ``` --- πŸ” Refreshing Secrets at Runtime ------------------------------- [](#-refreshing-secrets-at-runtime) Need to reload your secrets on the fly (e.g. after token rotation or file update)? Just call: ``` Vault::refresh(); ``` To force a reload and cache refresh of Vault secrets. --- ⚠️ Laravel Cache Warning ------------------------ [](#️-laravel-cache-warning) If you're using `database` cache driver, make sure to run the default cache migration: ``` php artisan cache:table php artisan migrate ``` Or switch to `file` or `redis` temporarily. --- πŸ’‘ Tips ------ [](#-tips) - Make sure you **run Laravel's `php artisan cache:table` & migrate** if using database cache - All secrets are **cached for 1 hour** by default (configurable) - This package is best used for **secure, centralized secrets** --- Tutorials/Video Walkthrough --------------------------- [](#tutorialsvideo-walkthrough) - **Installation and Configuration** --- πŸ™Œ Credits --------- [](#-credits) Built with πŸ–€ by [Daniel Fiyinfoluwa Egbeleke](mailto:fiyinfoluwaegbeleke@gmail.com) aka *The Bad Guyβ„’*. Inspired by a personal need to make secure secret integration feel effortless for my Future Projects...Hope You Like It πŸ” --- πŸ’– Support the Project --------------------- [](#-support-the-project) If this package saved you hours or helped secure your Laravel app, consider sponsoring the project: πŸ‘‰ [Donate via Flutterwave](https://flutterwave.com/donate/43xu0cajjq1f) 🫢 Every contribution goes towards maintaining, improving, and supporting this tool for the community. Massive Help by [@imambash6](https://github.com/imambash6) πŸ“„ License --------- [](#-license) MIT Β© 2025 [Daniel Fiyinfoluwa Egbeleke](https://github.com/thetribephotography) ### Health Score 36 β€” LowBetter than 82% of packages Maintenance81 Actively maintained with recent releases Popularity2 Limited adoption so far Community8 Small or concentrated contributor base Maturity47 Maturing project, gaining track record Bus Factor1 Top contributor holds 93.3% of commits β€” single point of failure How is this calculated?**Maintenance (25%)** β€” Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** β€” Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** β€” Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** β€” Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~37 days Recently: every ~55 days Total 7 Last Release 102d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/48080af45c4657931ba4140b66a5657dc2e4b83799f1e8579e6b1c8698b45b39?d=identicon)[alexarcherr](/maintainers/alexarcherr) --- Top Contributors [![thetribeofdan](https://avatars.githubusercontent.com/u/93989847?v=4)](https://github.com/thetribeofdan "thetribeofdan (28 commits)")[![alexarcherr](https://avatars.githubusercontent.com/u/11070395?v=4)](https://github.com/alexarcherr "alexarcherr (2 commits)") --- Tags laravelconfigsecurityencryptionhashenvvaultsecrethashicorpcybersecurity ### Embed Badge ![Health badge](/badges/ectica-laravel-vault/health.svg) ``` [![Health](https://phpackages.com/badges/ectica-laravel-vault/health.svg)](https://phpackages.com/packages/ectica-laravel-vault) ``` ### Alternatives [ercsctt/laravel-file-encryption Secure file encryption and decryption for Laravel applications 642.6k](/packages/ercsctt-laravel-file-encryption) PHPackages Β© 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)