Secrets

Per-project encrypted values, given to each session as environment variables.

A secret is a per-project value (an API key, token, or connection string) that the agent needs but that must not live in the repo. Secrets are encrypted at rest and provided to each session as environment variables.

  • Set values on the project's Environment variables page (dashboard) or with kortix secrets set. Names are uppercase (STRIPE_API_KEY); the KORTIX_* prefix is reserved for the platform.
  • Optionally declare names in the manifest under env (required / optional — same shape in kortix.yaml and legacy kortix.toml). This only documents what a project expects and flags missing ones in the UI — it is advisory, not enforced: a session still starts if a required secret is unset.
  • Shared or personal — a secret can be shared with the project or set as your own private override; you control who a shared secret is usable by.
  • Which agents receive which secrets is a separate, per-agent grant: each agent's secrets field in the manifest (all, none, or a list of names — called env on legacy kortix.toml agents). See Agents.
  • Rotation propagates live. Setting or removing a secret immediately pushes the new values to every currently running session for the project; for provider/model-affecting keys it also restarts the agent process in-sandbox so the change takes effect right away. Each prompt sent to a live session also re-syncs env before it's forwarded.

Under the hood

Values are encrypted with AES-256-GCM under a per-project key derived from the platform master key (HKDF-SHA256), stored in project_secrets, and injected as plain env vars at session provision — resolved as the launching user (personal override wins, then a usable shared value). Connector credentials are a separate scope, resolved server-side by the Executor and never injected. Details: Secrets reference.

Secrets – Kortix Docs