# Secrets

What it is: Secrets securely stores sensitive information like API keys, database credentials, and tokens. Secrets are only accessible from the backend, never exposed to the frontend.

How to access: Click the Secrets tab in the workspace topbar, or the agent will prompt you when secrets are needed.

<figure><img src="https://4203676568-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fmj3x7kCuQ8vAs0u0uIPo%2Fuploads%2FJKW36YmPVnrJtLGyj9Wo%2Fimage.png?alt=media&#x26;token=14e0eaf7-6114-4345-b6fb-43ba1cb1e711" alt=""><figcaption></figcaption></figure>

Key features:

* Secure storage: Encrypted and never exposed to frontend code
* Environment variables: Access secrets as os.environ.get("SECRET\_NAME")
* Environment control: Separate secrets for dev, prod, or both
* Easy updates: Update secret values without code changes

How to use:

1. When the agent needs a credential, it will prompt you
2. Enter the secret value when prompted
3. The agent automatically uses os.environ.get("SECRET\_NAME") in code
4. Update secrets anytime in the Secrets tab

Tips:

* Never hardcode API keys or credentials in your code
* Secrets are only available in the backend - frontend code cannot access them
* Use descriptive UPPERCASE\_SNAKE\_CASE names for secrets
* For integrations with OAuth, use the Integrations feature instead