Credential & Secret Management — Feature Grid
Last updated: March 25, 2026
Target audience: AI agent era. Rows marked 🤖 are agent-specific capabilities.
Grid
| Feature | 1Password | Bitwarden | Vaultwarden | OneCLI | HashiCorp Vault | Infisical | Doppler | Aembit | Clavitor |
|---|---|---|---|---|---|---|---|---|---|
| CREDENTIAL TYPES | |||||||||
| API keys | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| SSH keys | ✅ | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ |
| TOTP / 2FA codes | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Secure notes | ✅ | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ |
| Passwords / logins | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Credit cards / IDs | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | 🗓️ |
| Dynamic secrets | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | 🗓️ |
| AGENT CAPABILITIES 🤖 | |||||||||
| Designed for AI agents | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ |
| MCP server (agent discovery) | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Per-agent identity tokens | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ | ✅ |
| Proxy mode (HTTP_PROXY) | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | 🗓️ |
| Agent info hiding (can use, can't read) | ❌ | ❌ | ❌ | ⚠️ | ⚠️ | ❌ | ❌ | ✅ | ✅ |
| Intent-based policy (LLM) | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ⚠️ | 🗓️ |
| Workload identity (OIDC/SPIFFE) | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | 🗓️ |
| SECURITY | |||||||||
| FIPS 140-3 | ⚠️ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ |
| HSM support | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | 🗓️ |
| End-to-end encrypted | ✅ | ✅ | ✅ | ⚠️ | ❌ | ⚠️ | ❌ | ❌ | ✅ |
| Zero-knowledge architecture | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Audit logging | ✅ | ✅ | ⚠️ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Secret versioning | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ❌ | ✅ |
| Secret rotation | ⚠️ | ❌ | ❌ | ❌ | ✅ | ⚠️ | ⚠️ | ✅ | 🗓️ |
| DEPLOYMENT | |||||||||
| Self-hostable | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ✅ |
| Single binary | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Docker required | N/A | ⚠️ | ⚠️ | ✅ | ✅ | ✅ | N/A | N/A | ❌ |
| Open source | ❌ | ✅ | ✅ | ✅ | ⚠️ | ✅ | ❌ | ❌ | ✅ |
| Multi-tenant | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | 🗓️ |
| HUMAN SURFACES | |||||||||
| iOS app | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | 🗓️ |
| Android app | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | 🗓️ |
| macOS app | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | 🗓️ |
| Windows app | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | 🗓️ |
| Browser extension | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | 🗓️ |
| Web dashboard | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | 🗓️ |
| CLI | ✅ | ✅ | ✅ | ⚠️ | ✅ | ✅ | ✅ | ✅ | ✅ |
| INTEGRATIONS | |||||||||
| CI/CD native | ⚠️ | ⚠️ | ❌ | ❌ | ✅ | ✅ | ✅ | ⚠️ | 🗓️ |
| Kubernetes operator | ❌ | ❌ | ❌ | ❌ | ✅ | ✅ | ✅ | ✅ | 🗓️ |
| External vault backend | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | 🗓️ |
| DEPLOYMENT | |||||||||
| Hosted (cloud) | ✅ | ✅ | ❌ | 🗓️ | ✅ | ✅ | ✅ | ✅ | ✅ (POPs) |
| Self-hosted | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ✅ |
| PRICING | |||||||||
| Free tier | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ⚠️ | ❌ | ❓ |
| Price / year | ~$36/u | $10/u | Free | Free | Free–$$$ | Free–$96/u | $120+/u | Enterprise | $12 flat |
Legend
| Symbol | Meaning |
|---|---|
| ✅ | Supported |
| ❌ | Not supported |
| ⚠️ | Partial / limited |
| 🗓️ | Clavitor roadmap |
| N/A | Not applicable |
Notes
1Password: Best human UX in the market. No agent story. FIPS only via gov.1password.com (US gov offering). Strong browser extension and desktop apps.
Bitwarden: Open source, E2E encrypted, strong community. No agent capabilities. Self-hosted via their official server.
Vaultwarden: Unofficial Rust reimplementation of the Bitwarden server. Single binary, lightweight. Ideal self-hosted alternative. No official support.
OneCLI: Only product (besides Aembit/Clavitor) designed for AI agents. Proxy-only — no vault for humans. No SSH, TOTP, or notes. Audit logging is an open feature request.
HashiCorp Vault: Enterprise gold standard. FIPS validated, HSM support, dynamic secrets, Kubernetes-native. Extremely complex to operate. BSL license (not truly open source since 2023). Overkill for most teams.
Infisical: Open-source secret management for dev teams. Strong CI/CD integrations. No agent story. Good alternative to Doppler.
Doppler: SaaS-only, developer-focused, great DX for injecting secrets into apps at runtime. No self-hosted option. No agent capabilities.
Aembit: Enterprise agent identity platform. Blended human+agent identity model. SPIFFE/OIDC workload identity. Expensive, enterprise sales motion. No human vault (credential storage) — purely identity/policy.
Clavitor: Only product combining human vault (all credential types) + agent-native design + MCP server + single binary + FIPS + $12/yr pricing. Unique position: the vault that works for both humans and their agents.