> ## Documentation Index
> Fetch the complete documentation index at: https://docs.poly.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Access control

> Manage which agents can access secrets

Each secret has its own access list that controls which agents can retrieve it at runtime. An agent without access will fail if its function attempts to call `conv.utils.get_secret()` for that secret.

## Managing access

<Steps>
  <Step title="Open the secret">
    From the workspace homepage, click the **Secrets** tab in the top bar, then click the secret you want to configure.

    <Note>
      The Secrets tab is only visible to **workspace admins** on supported workspaces. If you're an admin and can't see it, the Secrets Vault may not be enabled for your account yet — contact PolyAI support.
    </Note>
  </Step>

  <Step title="Edit agent access">
    Scroll to the **Agent access** section. You will see a list of all agents in your account.
  </Step>

  <Step title="Select agents">
    Check the box next to each agent that should be able to retrieve this secret. Uncheck any agents that no longer need access.
  </Step>

  <Step title="Save">
    Click **Save** to apply your changes. Access updates take effect immediately.
  </Step>
</Steps>

## Principle of least privilege

Grant access only to agents that require a specific secret for their [functions](/tools/introduction). For example, if only your booking agent calls the reservations API, only that agent should have access to the `reservations_api_key` secret.

<Tip>When rotating credentials, update the secret value first, then test the affected agents before revoking old credentials in the external service.</Tip>

## Related pages

<CardGroup cols={2}>
  <Card title="Create a secret" icon="plus" href="/secrets/how-to-setup">
    Add a new secret to the Secrets Vault.
  </Card>

  <Card title="Secrets overview" icon="lock" href="/secrets/introduction">
    Understand why secrets matter and how they work.
  </Card>
</CardGroup>