diff --git a/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java b/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
index 668d1e3..3282834 100644
--- a/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
+++ b/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
@@ -598,6 +598,40 @@ public class HTTPVaultConnector implements VaultConnector {
         }
     }
 
+    @Override
+    public final SecretResponse readSecretData(final String key) throws VaultConnectorException {
+        if (!isAuthorized()) {
+            throw new AuthorizationRequiredException();
+        }
+        /* Request HTTP response and parse secret metadata */
+        try {
+            String response = requestGet(PATH_SECRET + "data/" + key, new HashMap<>());
+            return jsonMapper.readValue(response, SecretResponse.class);
+        } catch (IOException e) {
+            throw new InvalidResponseException(Error.PARSE_RESPONSE, e);
+        } catch (URISyntaxException ignored) {
+            /* this should never occur and may leak sensible information */
+            throw new InvalidRequestException(Error.URI_FORMAT);
+        }
+    }
+
+    @Override
+    public final MetadataResponse readSecretMetadata(final String key) throws VaultConnectorException {
+        if (!isAuthorized()) {
+            throw new AuthorizationRequiredException();
+        }
+        /* Request HTTP response and parse secret metadata */
+        try {
+            String response = requestGet(PATH_SECRET + "metadata/" + key, new HashMap<>());
+            return jsonMapper.readValue(response, MetadataResponse.class);
+        } catch (IOException e) {
+            throw new InvalidResponseException(Error.PARSE_RESPONSE, e);
+        } catch (URISyntaxException ignored) {
+            /* this should never occur and may leak sensible information */
+            throw new InvalidRequestException(Error.URI_FORMAT);
+        }
+    }
+
     @Override
     public final List<String> list(final String path) throws VaultConnectorException {
         if (!isAuthorized())
diff --git a/src/main/java/de/stklcode/jvault/connector/VaultConnector.java b/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
index c6b48ac..4f690df 100644
--- a/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
+++ b/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
@@ -408,6 +408,28 @@ public interface VaultConnector extends AutoCloseable, Serializable {
         return read(PATH_SECRET + "/" + key);
     }
 
+    /**
+     * Retrieve secret data Vault.
+     * Prefix "secret/data" is automatically added to key. Only available for KV v2 secrets.
+     *
+     * @param key Secret identifier
+     * @return Metadata response
+     * @throws VaultConnectorException on error
+     * @since 0.8
+     */
+    SecretResponse readSecretData(final String key) throws VaultConnectorException;
+
+    /**
+     * Retrieve secret metadata from Vault.
+     * Prefix "secret/metadata" is automatically added to key. Only available for KV v2 secrets.
+     *
+     * @param key Secret identifier
+     * @return Metadata response
+     * @throws VaultConnectorException on error
+     * @since 0.8
+     */
+    MetadataResponse readSecretMetadata(final String key) throws VaultConnectorException;
+
     /**
      * List available nodes from Vault.
      *