Skip to main content
Vault Manager provides secure storage for OAuth credentials, enabling agents to access external services without exposing secrets.
The user stores OAuth credentials in a vault; the managed agent reads them securely when calling external APIs.

Quick Start

1

Create and Use Vault

Store OAuth credentials and reference in agent configuration.
2

Manage Multiple Vaults

Store and organize credentials for different services.

How It Works


VaultManager API

Core Methods

retrieve() and list() only return metadata (id, provider, name, timestamps). Actual credentials are never exposed and can only be accessed by agents during session runtime.

Accessing VaultManager


Supported Providers

GitHub Integration

Slack Integration

Custom Provider


Common Patterns

Vault Lifecycle Management

Multi-Environment Credentials

Vault Rotation


Best Practices

  • Minimal Scope: Use tokens with least privileges needed
  • Environment Separation: Different vaults for prod/staging/dev
  • Regular Rotation: Refresh tokens periodically
  • Access Auditing: Monitor vault usage and access patterns
Use descriptive names and consistent naming conventions:
Handle vault operations failures gracefully:
  • Cache vault IDs locally to avoid repeated API calls
  • Batch vault operations when possible
  • Clean up unused vaults regularly
  • Use meaningful names for easier vault discovery

Managed Runtime Protocol

Remote agent runtime with vault integration

Managed Agent Lifecycle

Complete agent, environment, and session management