Getting Started

Go from zero to secured AI agents in under 5 minutes. Pick your path:

1Download & Install

Grab the latest release for your platform, or install from source.

cargo install sanctum
shell

Or download pre-built binaries (ARM64 / x86_64) from GitHub Releases

2Start the daemon

sanctum daemon start
shell

This launches the vault daemon and the web dashboard on localhost:7700.

3Follow the wizard

open http://localhost:7700
shell

The β€œUnseal Your Vault” wizard walks you through 6 steps:

  1. β‘  Welcome β€” Overview of what Sanctum does
  2. β‘‘ Create Passphrase β€” Set your vault encryption passphrase
  3. β‘’ Credential Scanner β€” Auto-finds exposed API keys across your filesystem
  4. β‘£ Import Credentials β€” One-click import into the encrypted vault
  5. β‘€ Connect AI Tools β€” Copy-paste MCP configs for your editor
  6. β‘₯ Complete β€” Vault is live. Agents are secured.

4Configure your MCP clients

Add the following to your editor's MCP config file. Same config for all editors:

{
  "mcpServers": {
    "sanctum": {
      "command": "sanctum",
      "args": ["mcp", "serve"]
    }
  }
}
json

Config file locations

Claude Desktopclaude_desktop_config.json
Claude Code.claude/mcp.json
Cursor.cursor/mcp.json
Windsurf.windsurf/mcp.json
VS Code (Copilot).vscode/mcp.json

πŸš€ Just want to see it work?

Run the demo β€” no setup required. Creates a temp vault, stores credentials, registers agents, runs access control tests, and prints a full audit trail.

sanctum demo
shell
Download Latest Release← Back to Home