Home / Insomnia
Edit
Report

External vault integration

Enterprise and uses: Insomnia
Related Documentation
Insomnia Documentation
Minimum Version
Insomnia - 11
Tags
#external-vaults #secrets-management
Related Resources
Local vault storage in Insomnia
Storage options
Git sync

Insomnia supports integrating with external vault service providers to retrieve secret values automatically when sending requests.

You can configure vault integration from the Insomnia UI, in Preferences > Credentials, and in Inso CLI, using environment variables.

Insomnia supports the following vault services:

AWS Secrets Manager

  1. Navigate to Preferences > Credentials v12.3+ or Cloud Credentials.
  2. For Service Provider Credential List, click Add Credentials.
  3. Select AWS.
  4. Select a Credential Type and fill in the required fields.

Insomnia doesn’t support spaces in the SSO session name. If you select the SSO Credential type, make sure your SSO session name contains only supported characters:

  • Letters
  • Numbers
  • Hyphens (-)
  • Underscores (_)

GCP Secret Manager

  1. Navigate to Preferences > Credentials v12.3+ or Cloud Credentials.
  2. For Service Provider Credential List, click Add Credentials.
  3. Select GCP, and upload your service account key.

HashiCorp Vault

  1. Navigate to Preferences > Credentials v12.3+ or Cloud Credentials.
  2. For Service Provider Credential List, click Add Credentials.
  3. Select HashiCorp.
  4. Choose your environment:
    • For HashiCorp Cloud Platform, select Cloud and provide credentials using a service principal client ID and client secret.
    • For HashiCorp Vault Server, select On-Premises and choose an authentication method:
      • With AppRole, enter the server address, role ID, and secret ID.
      • With Token, enter the server address and authentication token.

Azure Key Vault

  1. Navigate to Preferences > Credentials v12.3+ or Cloud Credentials.
  2. For Service Provider Credential List, click Add Credentials.
  3. Select Azure.
  4. You will be redirected to authorize Insomnia in your browser.
  5. After authorization, you’ll return to Insomnia with your Azure account credential added.

Using secrets

External vault secrets can be referenced anywhere in Insomnia requests using template tags. In the field of your choice:

  1. Press Control+Space.
  2. Select the external vault to use.
  3. Fill in the details required to access the secret.

Vault secrets cache

Vault secret caching works like the following in Insomnia:

  • Secrets retrieved from cloud vault services are cached in memory for 30 minutes by default.
  • If the cache expires or is missing, Insomnia re-fetches the secret automatically.
  • You can configure cache duration and reset the cache in Preferences > Credentials.

FAQs

What happens if I clear cloud credentials when I sign out of Insomnia?

When you sign out of Insomnia, you can choose to clear all of your stored cloud credentials. This removes any saved credentials used by External Vault providers from your local Insomnia configuration.

Clearing cloud credentials doesn’t break External Vault integrations. Insomnia supports External Vault providers even when credential fields are empty. This allows you to sign out securely without losing your vault setup.

After signing back in, you might need to re-authenticate or provide credentials again, depending on how the cloud provider handles authentication.

Do empty credential configurations work across all External Vault cloud providers?

Yes. External Vault supports empty credential configurations across all supported cloud providers.

This means that your external vault integrations continue to work even when credential fields are empty. Insomnia can operate without permanently storing cloud credentials in the configuration.

Something wrong?
Report an Issue | Edit this Page

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help

Ask in our Forum
Contact Support