diff --git a/pillar/credentials/vault.sls b/pillar/credentials/vault.sls --- a/pillar/credentials/vault.sls +++ b/pillar/credentials/vault.sls @@ -165,6 +165,14 @@ viperserv: - ops/secrets/nasqueron.viperserv.vault + webserver-legacy: + + # + # Wolfplex credentials + # + + - ops/secrets/nasqueron.etherpad.api + # ------------------------------------------------------------- # Vault secrets by dbserver cluster # diff --git a/roles/webserver-content/org/wolfplex/api.sls b/roles/webserver-content/org/wolfplex/api.sls --- a/roles/webserver-content/org/wolfplex/api.sls +++ b/roles/webserver-content/org/wolfplex/api.sls @@ -7,6 +7,23 @@ {% if salt['node.has_web_content'](".org/wolfplex/api") %} +# ------------------------------------------------------------- +# Data store +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +/var/dataroot/wolfplex/secrets.json: + file.managed: + - source: salt://roles/webserver-content/org/wolfplex/files/secrets.json.jinja2 + - mode: 400 + - user: web-org-wolfplex-www + - group: web + - makedirs: True + - template: jinja + - show_changes: False + - context: + secrets: + etherpad.api.key: {{ salt['credentials.get_token']("nasqueron.etherpad.api") }} + # ------------------------------------------------------------- # Base part # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/roles/webserver-content/org/wolfplex/files/secrets.json.jinja2 b/roles/webserver-content/org/wolfplex/files/secrets.json.jinja2 new file mode 100644 --- /dev/null +++ b/roles/webserver-content/org/wolfplex/files/secrets.json.jinja2 @@ -0,0 +1 @@ +{{ secrets | json }}
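Review bot: The new `webserver-legacy` entry sits under a "Wolfplex credentials" heading but lists `ops/secrets/nasqueron.etherpad.api`, a path in the Nasqueron namespace, and nothing in the hunk says which consumer needs it. A comment above the path, such as `# Etherpad API key, written to secrets.json by roles/webserver-content/org/wolfplex/api.sls`, would let a later reader audit the grant. If this list drives the Vault policy for the role, as the neighbouring `viperserv` entry suggests, every node carrying `webserver-legacy` can read the key, whereas the consuming state is gated on `node.has_web_content`. It is worth confirming that this breadth is intended.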
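Review bot: The token is interpolated unquoted into the `context` mapping of the `/var/dataroot/wolfplex/secrets.json` state, so its value is parsed as YAML once Jinja has rendered the file. A key that contains `: ` or ` #`, starts with a YAML indicator character, or consists only of digits would either break rendering of the SLS or reach secrets.json truncated or as a non-string. Quoting at the point of interpolation avoids this: `etherpad.api.key: {{ salt['credentials.get_token']("nasqueron.etherpad.api") | yaml_dquote }}`. Separately, `makedirs: True` is set without `dir_mode`, and Salt then derives the directory mode from the file mode; with `mode: 400` that should give a 0500 `/var/dataroot/wolfplex` whenever the state has to create it. An explicit `- dir_mode:` line with the mode the data store actually needs makes the outcome deliberate.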