docsGetting Started

Getting Started

Get your Zero-Trust Secret Vault up and running in minutes.

Prerequisites

  • Node.js: Version 18 or higher.
  • PNPM/NPM: A package manager for installation.

Install the ZMS CLI

The ZMS CLI is the control center for your vault. It handles initialization, process injection, and master key management.

npm i -g @zexio/zms-cli

Initialize the Vault

Before starting the engine, you must initialize the local environment. This command creates the necessary directories, synchronizes the database schema, and generates your unique Master Keys.

zms init

Launch the Engine

Once initialized, start the ZMS Unified Engine on your local machine or server. By default, ZMS listens on port 3030.

zms start

Options

  • --port: Specify a custom port (e.g., zms start --port 4000).
  • --dev: Start in development mode with hot-reloading (for contributors).

Access the Dashboard

Once the vault is live, you can access the ZMS Dashboard at:

http://localhost:3030

From the dashboard, you can:

  1. Initialize your Master Keys (The “Nuclear Reset” strategy).
  2. Create Projects and Services.
  3. Manage Environment Variables with strict UPPER_SNAKE_CASE validation.
  4. Connect AI Agents via the native MCP bridge.

Secure Your First Project

  1. Open the Dashboard.
  2. Go to Projects > New Project.
  3. Create a Service (e.g., main-api).
  4. Add your secrets.
  5. Generate a ZMS_TOKEN to start using the Bootstrap Pattern.
IntroductionCore Concepts