Integrations
Three ways to connect your vault — MCP Server for AI tools, CLI for automation, REST API for custom workflows.
On this page
1. Overview — three interfaces, one vault
Claspt exposes your vault through three complementary interfaces. All three operate on the same local vault, respect the same encryption boundaries, and require the vault to be unlocked.
localhost. Build custom integrations, browser extensions, or connect any tool that speaks HTTP. JSON request/response throughout. Security note: All three interfaces run locally on your machine. No data leaves your device. The vault must be unlocked (master password or biometric) before any interface can access encrypted content. Unencrypted page content (markdown) is accessible without unlocking.
2. MCP Server (AI tools)
Claspt includes a built-in Model Context Protocol (MCP) server that lets AI coding tools interact with your vault as a first-class data source. No plugins, no extensions — it's built into the app.
Supported AI tools
- Claude Code — Anthropic's CLI agent. Add Claspt as an MCP server in your project or global config.
- Claude Desktop — Configure in Claude Desktop settings.
- Cursor — Add to your Cursor MCP configuration.
- Windsurf — Add to Windsurf's MCP settings.
- Any MCP-compatible client — Claspt speaks the standard MCP protocol.
Setup
Add Claspt to your MCP configuration. The exact location depends on your tool:
{
"mcpServers": {
"claspt": {
"command": "claspt",
"args": ["mcp-server"]
}
}
}{
"mcpServers": {
"claspt": {
"command": "claspt",
"args": ["mcp-server"]
}
}
}Once configured, your AI tool can call Claspt operations directly. You'll see tool calls like mcp__claspt__search, mcp__claspt__create_page, and mcp__claspt__generate_password in your conversation.
What AI tools can do with your vault
- Search — Find pages by content, title, or tags
- Read & write pages — Create new pages, read existing ones, update content
- Organise — Create folders, list folder contents, move pages
- Generate passwords — 6 modes: random, passphrase, memorable, PIN, UUID, bulk
- Check password strength — Entropy analysis, crack time estimation
- AI memory — Persistent key-value store for cross-session context
- Vault status — Check lock state, vault info
Real-world example: In a Claude Code session, you can say "generate 10 strong passwords and save them to my vault" — Claude will call generate_password ten times, then create_page to store the results in a new page in any folder you specify. All without leaving your terminal.
For a detailed setup walkthrough with screenshots, see the blog post: How to Use Claude, Cursor, and Windsurf with Your Encrypted Vault.
3. CLI (command line)
Claspt ships a full command-line interface. Every operation available in the GUI and MCP server is also available from your terminal.
# List all pages
claspt list
# Search your vault
claspt search "AWS credentials"
# Read a specific page
claspt read "DevOps/AWS Production"
# Create a new page
claspt create --title "Deploy Keys" --folder "Infrastructure" --content "# Deploy Keys\n\nSSH keys for CI/CD..."
# Generate a password
claspt generate password --length 24
# Generate a passphrase
claspt generate passphrase --words 5 --separator "-"
# Check password strength
claspt check-strength "MyP@ssw0rd123"
# Vault status
claspt vault statusJSON output for scripting
Add --json to any command for machine-readable output. Pipe it into jq, feed it to another script, or use it in CI/CD.
# Get a password and copy to clipboard
claspt generate password --length 20 --json | jq -r '.value' | pbcopy
# List all pages in a folder as JSON
claspt list --folder "Credentials" --json
# Search and extract first result
claspt search "production database" --json | jq '.[0]'
# Bulk generate 10 passwords
claspt generate bulk --count 10 --length 16 --jsonFor comprehensive CLI documentation, see: Automate Your Vault — Local HTTP API and CLI.
4. REST API (HTTP)
Claspt runs a local HTTP server (default: http://localhost:9477) that exposes a RESTful JSON API. Use it from any language, any tool, any browser extension.
# List all pages
curl http://localhost:9477/api/pages
# Search the vault
curl http://localhost:9477/api/search?q=AWS
# Create a page
curl -X POST http://localhost:9477/api/pages \
-H "Content-Type: application/json" \
-d '{"title": "New Credentials", "folder": "Work", "content": "# My Page\n\nContent here"}'
# Read a specific page
curl http://localhost:9477/api/pages/PAGE_ID
# Generate a password
curl http://localhost:9477/api/generate/password?length=20
# Vault status
curl http://localhost:9477/api/vault/statusAll responses are JSON. Errors include a message field with a human-readable description and an appropriate HTTP status code.
5. Storing data — secrets vs. plaintext
Claspt stores two kinds of data, and the distinction matters for integrations:
Pages (plaintext markdown)
- Standard markdown files stored in your vault folder
- Searchable, readable, and editable via all three interfaces
- Organised into folders with tags and metadata
- Accessible even when the vault is locked
- Perfect for: notes, documentation, project info, procedures
Secret blocks (encrypted)
- AES-256-GCM encrypted blocks embedded within pages
- Require vault unlock (master password or biometric) to read
- 8 templates: login, credit card, bank, API key, SSH key, Wi-Fi, ID, custom
- Encrypted at rest — opaque blobs on disk
- Perfect for: passwords, API keys, tokens, credentials, private keys
Creating a page via MCP / CLI / API
When you create a page through any interface, the content is stored as plaintext markdown. This is ideal for documentation, notes, and reference material that you want searchable and always accessible.
// AI tool calls:
mcp__claspt__create_page({
title: "AWS Production Environment",
folder: "Infrastructure",
content: "# AWS Production\n\n## Region: ap-south-1\n\nEC2 instances: 3x t3.medium\nRDS: PostgreSQL 16\nS3 bucket: prod-assets-2026"
})claspt create \
--title "AWS Production Environment" \
--folder "Infrastructure" \
--content "# AWS Production\n\n## Region: ap-south-1..."Organising with folders
Create pages in any folder — folders are created automatically if they don't exist. Use list_folders (MCP), claspt folders (CLI), or GET /api/folders (API) to see your folder structure.
6. Retrieving data
Three ways to find and read your vault content:
Search
Full-text search across all pages. Returns matching pages ranked by relevance.
claspt search "database credentials" List
List all pages, optionally filtered by folder. Includes metadata (title, folder, dates, tags).
claspt list --folder "DevOps" Read
Read a specific page by title or ID. Returns full markdown content and metadata.
claspt read "DevOps/AWS Staging" All three operations work across MCP, CLI, and REST API with identical results.
7. Password generation
Claspt's password generator is available across all three interfaces with 6 generation modes:
BmK6rAhv9f7B&4v4+<v3 correct-horse-battery-staple Bravox7-Kelpie2-Frost 847291 f47ac10b-58cc-4372... claspt generate bulk --count 10 Every generated password includes an entropy score (bits), strength rating (0–4), and estimated crack time. You can also check the strength of any existing password with check_password_strength.
8. AI memory
Claspt provides a dedicated key-value memory store designed for AI agents. This lets AI tools remember context across sessions — preferences, project notes, recurring instructions — stored in your vault, not on someone else's server.
// Store a memory
mcp__claspt__memory_upsert({ key: "preferred_lang", value: "TypeScript" })
// Read a memory
mcp__claspt__memory_read({ key: "preferred_lang" })
// → "TypeScript"
// List all memories
mcp__claspt__memory_list()
// Bulk upsert multiple memories
mcp__claspt__memory_bulk_upsert({
memories: [
{ key: "project", value: "claspt-website" },
{ key: "deploy_target", value: "cloudflare-pages" }
]
})
// Delete a memory
mcp__claspt__memory_delete({ key: "old_preference" })Memories persist across conversations and AI tool sessions. They're stored locally in your vault — private, portable, and under your control.
9. Full operations reference
Every operation available across all three interfaces:
| Operation | MCP Tool | CLI Command | REST Endpoint |
|---|---|---|---|
| Search vault | search | claspt search | GET /api/search |
| List pages | list_pages | claspt list | GET /api/pages |
| Read page | read_page | claspt read | GET /api/pages/:id |
| Create page | create_page | claspt create | POST /api/pages |
| Update page | update_page | claspt update | PUT /api/pages/:id |
| List folders | list_folders | claspt folders | GET /api/folders |
| Generate password | generate_password | claspt generate password | GET /api/generate/password |
| Generate bulk | generate_bulk | claspt generate bulk | GET /api/generate/bulk |
| Check strength | check_password_strength | claspt check-strength | POST /api/check-strength |
| Vault status | vault_status | claspt vault status | GET /api/vault/status |
| Memory read | memory_read | claspt memory get | GET /api/memory/:key |
| Memory upsert | memory_upsert | claspt memory set | PUT /api/memory/:key |
| Memory list | memory_list | claspt memory list | GET /api/memory |
| Memory bulk upsert | memory_bulk_upsert | claspt memory bulk-set | POST /api/memory/bulk |
| Memory delete | memory_delete | claspt memory delete | DELETE /api/memory/:key |