Skip to content
A proof-of-concept to connect a PHP web application to a MySQL database using credentials provided by Hashicorp Vault
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Hashicorp Vault for PHP Web Application Security - PoC

This is a Proof-of-Concept for having a PHP web application connect to a database using credentials provided by Hashicorp Vault. The goal is to have a basic understanding how Hashicorp Vault works in managing secrets and how web applications can make use of it to secure their authentication credentials.


We're using Docker to set up our environment:


Follow these steps to get started quickly

1. Clone repository

Clone this project from

git clone
cd poc-webapp-vault/

2. Launch Docker Compose

We have everything setup with Docker Compose so it's easy to launch the application

docker-compose up

3. Provision Hashicorp Vault

For your convenience we have created a provision script to set up vault so it's ready to accept your requests

/bin/bash ./

4. Check if it's all working

Point your browser to localhost:8080 and you should see the static EU countries page.

For the dynamic page, point to localhost:8080/vault.php.

At first you'll see an error message that states you don't have permissions.

Not allowed to retrieve credentials: Client error: GET http://vault:8200/v1/database/creds/webapp resulted in a 403 Forbidden response: {"errors":["permission denied"]}

Vault Error

Follow the link to retrieve the credentials and come back.

Now you should see the same EU countries page, but now coming from the database.

Vault Success

This PoC is provided "as-is" and is licensed MIT.

Notes available

Please see also my notes for more details about the setup and configuration of Hashicorp Vault.

You can’t perform that action at this time.