Rivault
Get Started
Back to home

Quick Start Guide

Connect your AI agent to Rivault in under 5 minutes.

Install the Rivault desktop app

Required for transcript redaction across every AI runtime. The installer wires up the local MCP server for Claude Desktop / Claude Code / Codex, runs a watcher that scrubs released secrets out of agent transcripts after every task, and — only if you have OpenClaw installed — registers the Rivault plugin with it automatically. macOS only for now.

curl -fsSL https://www.rivault.ai/install.sh | sh

The installer prompts for your API key (the rv_live_… string from your Settings page). Skipped the prompt or installed the .app directly? Open the Rivault app and click Sign in with Rivault — the browser flow pairs your Mac and wires both the daemon and (if present) the OpenClaw plugin in one step. To uninstall later: curl -fsSL https://www.rivault.ai/install.sh | sh -s -- --uninstall.

Prerequisites

  • A Rivault account with at least one vault item
  • An API key generated from your Settings page
  • OpenClaw installed and configured
  • The Rivault desktop app installed (one-liner above)
1

Run the installer

The installer detects OpenClaw automatically (CLI on PATH + ~/.openclaw/openclaw.json present) and, if so, registers the Rivault plugin in one step via openclaw plugins install. No manual SKILL.md download or plugin-install step needed.

curl -fsSL https://www.rivault.ai/install.sh | sh
2

Set your API key

When the installer prompts you, paste your rv_live_… API key. You can get one from your Settings page.

Paste your API key (rv_live_...) and press Enter, or leave blank to skip:

The installer writes the key to both the desktop daemon's config (~/Library/Application Support/Rivault/config.json) and the OpenClaw plugin config (~/.openclaw/openclaw.json under plugins.entries.rivault.config.apiKey) — so both the daemon's MCP server and the OpenClaw plugin authenticate without any further setup. The plugin auto-discovers the local daemon on 127.0.0.1 via ~/Library/Application Support/Rivault/daemon.json, so every retrieval is observable by the redaction watcher.

Skipped the prompt? Open the Rivault desktop app and click Sign in with Rivault — the browser flow pairs your Mac and wires both the daemon and the OpenClaw plugin in one step. (Or re-run the installer — it's idempotent.)

3

Restart OpenClaw

OpenClaw picks up new plugins at gateway start time. Quit and relaunch so the Rivault plugin loads with your API key.

4

Test it out

Start a new OpenClaw session and ask your agent something that needs your vault data:

# Example prompts to try:
"Fill out the signup form on example.com"
"What's my email address?"
"Log in to my GitHub account"

The agent will automatically search your vault, request authorization for sensitive items via Face ID, and use the values to complete the task. The desktop app's watcher redacts every retrieved value out of the OpenClaw transcript when the task ends.

Need help?

If you run into any issues, check the activity log in your account page or reach out for support.

Create Your Vault