diff --git a/gorgone/gorgone/modules/centreon/autodiscovery/services/discovery.pm b/gorgone/gorgone/modules/centreon/autodiscovery/services/discovery.pm
index 948f090745e..d1e00408da0 100644
--- a/gorgone/gorgone/modules/centreon/autodiscovery/services/discovery.pm
+++ b/gorgone/gorgone/modules/centreon/autodiscovery/services/discovery.pm
@@ -750,7 +750,8 @@ sub service_execute_commands {
                 my $command = gorgone::modules::centreon::autodiscovery::services::resources::substitute_service_discovery_command(
                     command_line => $self->{discovery}->{rules}->{$rule_id}->{command_line},
                     host => $host,
-                    poller => $self->{service_pollers}->{$poller_id}
+                    poller => $self->{service_pollers}->{$poller_id},
+                    vault_count => $options{vault_count}
                 );
 
                 $self->{logger}->writeLogInfo("[autodiscovery] -servicediscovery- $self->{uuid} [" .
@@ -846,6 +847,17 @@ sub launchdiscovery {
     }
     $self->{audit_user_id} = $user_id;
 
+    ##################
+    # get vault config
+    ##################
+    ($status, $message, my $vault_count) = gorgone::modules::centreon::autodiscovery::services::resources::get_vault_configured(
+        class_object_centreon => $self->{class_object_centreon}
+    );
+    if ($status < 0) {
+        $self->send_log_msg_error(token => $options{token}, subname => 'servicediscovery', number => $self->{uuid}, message => $message);
+        return -1;
+    }
+
     ################
     # get rules
     ################
@@ -874,7 +886,8 @@ sub launchdiscovery {
             class_object_centreon => $self->{class_object_centreon},
             with_macro => 1,
             host_lookup => $data->{content}->{filter_hosts},
-            poller_lookup => $data->{content}->{filter_pollers}
+            poller_lookup => $data->{content}->{filter_pollers},
+            vault_count => $vault_count
         );
         if ($status < 0) {
             $self->send_log_msg_error(token => $options{token}, subname => 'servicediscovery', number => $self->{uuid}, message => $message);
@@ -921,7 +934,7 @@ sub launchdiscovery {
         pollers_reload => {}
     };
 
-    $self->service_execute_commands();
+    $self->service_execute_commands(vault_count => $vault_count);
 
     return 0;
 }
diff --git a/gorgone/gorgone/modules/centreon/autodiscovery/services/resources.pm b/gorgone/gorgone/modules/centreon/autodiscovery/services/resources.pm
index 1e76f54f1eb..24a1ed96383 100644
--- a/gorgone/gorgone/modules/centreon/autodiscovery/services/resources.pm
+++ b/gorgone/gorgone/modules/centreon/autodiscovery/services/resources.pm
@@ -99,6 +99,20 @@ sub get_audit_user_id {
     return (0, '', $user_id);
 }
 
+sub get_vault_configured {
+    my (%options) = @_;
+
+    my ($status, $datas) = $options{class_object_centreon}->custom_execute(
+        request => "SELECT count(id) FROM vault_configuration",
+        mode => 2
+    );
+    if ($status == -1 || !defined($datas->[0])) {
+        return (-1, 'cannot get number of vault configured');
+    }
+
+    return (0, '', $datas->[0]->[0]);
+}
+
 sub get_rules {
     my (%options) = @_;
     
@@ -374,7 +388,11 @@ sub get_hosts {
             if (defined($done_macro_host->{ $host_id })) {
                 $datas->{$host_id}->{macros} = $done_macro_host->{ $host_id };
             } else {
-                ($status, my $message, my $macros) = get_macros_host(host_id => $host_id, class_object_centreon => $options{class_object_centreon});
+                ($status, my $message, my $macros) = get_macros_host(
+                    host_id => $host_id,
+                    class_object_centreon => $options{class_object_centreon},
+                    vault_count => $options{vault_count}
+                );
                 if ($status == -1) {
                     return (-1, $message);
                 }
@@ -429,14 +447,22 @@ sub get_macros_host {
         }
 
         ($status, $datas) = $options{class_object_centreon}->custom_execute(
-            request => "SELECT host_macro_name, host_macro_value FROM on_demand_macro_host WHERE host_host_id = " . $lhost_id,
+            request => "SELECT host_macro_name, host_macro_value, is_password FROM on_demand_macro_host WHERE host_host_id = " . $lhost_id,
             mode => 2
         );
         if ($status == -1) {
             return (-1, 'get macro: cannot get on_demand_macro_host');
         }
         foreach (@$datas) {
-            set_macro(\%macros, $_->[0], $_->[1]);
+            my $macro_name = $_->[0];
+            my $macro_value = $_->[1];
+            my $is_password = $_->[2];
+            # Replace macro value if a vault is used
+            if ($options{vault_count} > 0 && defined($is_password) && $is_password == 1) {
+                set_macro(\%macros, $macro_name, "{" . $macro_name . "::secret::" . $macro_value . "}");
+            } else {
+                set_macro(\%macros, $macro_name, $macro_value);
+            }
         }
 
         ($status, $datas) = $options{class_object_centreon}->custom_execute(
@@ -471,6 +497,10 @@ sub substitute_service_discovery_command {
     
     $command =~ s/\$HOSTADDRESS\$/$options{host}->{host_address}/g;
     $command =~ s/\$HOSTNAME\$/$options{host}->{host_name}/g;
+
+    if ($options{vault_count} > 0) {
+        $command .= ' --pass-manager="centreonvault"';
+    }
     
     return $command;
 }