Design concepts at https://wiki.coadcorp.com/doc/secrets-management-idea-VGJMey7Wnd

Provide REST API for CRUD to store and retrieve user/password data for logging into devices. Only password is encrypted, via AES256 GCM. Values stored in sqlite database. 

Requires JWT token to store/retrieve passwords.

This isn't super secure, probably not even as secure as Hashicorp Vault running in dev mode.