Teammates can store and retrieve sensitive information like passwords, API keys, and other secrets to securely log into websites, access databases, or make API calls.

Secrets are stored encrypted at rest using AES-256-GCM encryption and only transmitted over a secure connections.

To add a secret, click the “Profile” link and then “Edit”. Each secret has a unique name which you will use to reference it later:

Name: website_admin_password
Value: sw0rdfish

or

Name: stripe_api_key
Value: sk_live_24601

Now, whenever you assign work to a teammate or update their Handbook, you can reference the secret with special template syntax like this:

“Browse to https://admin.example.com and log in with username admin and password ${website_admin_password}

The teammate will automatically swap out the template variable ${website_admin_password} with the value of the secret.

Secrets can be used for any “password” fields, which are currently supported in the following skills:

  • Browse Web: Browse the web and return the contents of the page
  • Query Database: Execute SQL queries against a PostgreSQL database