Skip to main content
Store API keys, tokens, and credentials securely. Your agent’s tools retrieve them at runtime – no hardcoded secrets in code, logs, or version history.
Secrets are managed at the account level, not inside individual agents. Access the Secrets Vault from the Secrets tab in the top bar of the workspace homepage.
Secrets Vault overview

How it works

  1. You create a secret in the Secrets Vault with a name, optional description, and value.
  2. You grant access to specific agents.
  3. Functions retrieve the secret at runtime using conv.utils.get_secret("secret_name").
api_key = conv.utils.get_secret("stripe_api_key")
response = requests.get(url, headers={"Authorization": f"Bearer {api_key}"})

Storage formats

Secrets can be stored as:
  • Single value – A plain string (e.g., an API key).
  • Key/value pairs – A dictionary of related credentials (e.g., client_id and client_secret).

Next steps

Create a secret

Add a new secret to the Secrets Vault.

Manage access control

Grant secrets to specific agents.

Use in functions

Retrieve secrets at runtime in your code.
Last modified on April 20, 2026