Hey,
so I’m looking for a secure way to store a password of a user to a third party application. My API needs to access this information, in order to make requests to another API for the user.
Is this what the vault is made for?
Vault is made for generic secrets handling and storage of many kinds, through various choices of pluggable auth methods and plugins.
However, for the case which you describe, the generally preferred technical solution these days is not to hold third party passwords at all, and to interact with a third party API via OAuth tokens.
You could use a Vault KV secrets engine to provide encrypted storage at rest of either passwords or tokens.
It is something Vault does and can do but no it isn’t what Vault was built for.
Vault at heart is an identity management system. It was designed to be a dynamic secret manager to other systems so you only auth once to Vault but then access other resources via the roles and permissions you have. It also stores static secrets which is what I believe you’re asking about.