{"service":"vault-mcp","version":"1.6.1","description":"Azure Key Vault MCP Server with REST API","documentation":"/openapi.json","security":"All /api/* and /mcp endpoints require a Bearer token: a Keystone-issued OAuth access token or the static API key. Read operations need vault:read; set/rotate need vault:write.","endpoints":{"/":"GET - Service info (public)","/health":"GET - Health check with secret validation (public)","/openapi.json":"GET - OpenAPI 3.0 specification (public)","/mcp":"POST - MCP JSON-RPC endpoint (auth required)","/api/secrets":"GET - List secrets with filters, POST - Create secret (auth required)","/api/secrets/:name":"GET - Get secret value (auth required)","/api/secrets/:name/rotate":"POST - Rotate secret (auth required)","/api/lookup/:envVar":"GET - Lookup by env var name (auth required)","/api/env/:project/:environment":"GET - Get env vars for project/env (auth required)"}}