Does Nomad client need Vault enabled at all?

I want to have Nomad integrated with Vault. In my infrastructure, clients will (mostly) connect to Nomad servers to interface with Nomad API or UI.

Is the Vault configuration vault { enabled = true address = "..." } needed at all on Nomad clients? What for?

What does it affect on clients, doesn’t the client just forward the request to the server anyway? So if the server has vault enabled, it will just be used on server side, no?

it appears from reading vault Block - Agent Configuration | Nomad | HashiCorp Developer that the clients do contact Vault directly. It would appear that when tasks are given to clients, they do not come with the values that you are supposed to request from Vault.

Nomad client agents use the allocation’s token when contacting Vault.

This sounds like it is used for allocation template rendering and $VAULT_TOKEN.