OpenBao emerged from the community response to HashiCorp's controversial decision to relicense Vault and other products from the Mozilla Public License to the Business Source License in August 2023. The Linux Foundation adopted the project to provide a truly open-source alternative that maintains the core capabilities organizations depend on for secrets management, encryption, dynamic credential generation, and PKI certificate lifecycle management.
The project maintains API compatibility with Vault, meaning existing integrations, client libraries, and automation scripts continue to work with OpenBao without modification. This compatibility is intentional to minimize the migration barrier for organizations that want to move away from the BSL-licensed Vault while preserving their investment in Vault-based infrastructure. The secrets engines, auth methods, and policy system all function identically to their Vault equivalents.
OpenBao's governance under the Linux Foundation provides the community-driven development model that many organizations require for foundational security infrastructure. Contributions come from multiple companies rather than being controlled by a single vendor, and the license guarantees that the software remains freely usable in any context without the commercial restrictions that BSL imposes. With over 5,700 GitHub stars, OpenBao has attracted significant interest from organizations evaluating their secrets management strategy in light of the licensing changes.