Skip to main content

What are Secrets?

Secrets are encrypted credentials stored securely within the Automations environment. They provide authentication for steps that connect to external services — like API keys for HTTP requests, SFTP credentials for file transfers, or OAuth tokens for protected APIs.

Creating a Secret

1

Navigate to Secrets

Click Secrets in the automations sidebar.
2

Click Create

Click the create button to open the new secret form.
3

Enter a Name

Give the secret a descriptive name (e.g. stripe-api-key, sftp-production).
4

Select the Type

Choose the credential type from the dropdown.
5

Enter Credentials

Fill in the required credential fields for the selected type.
6

Save

Click Save to encrypt and store the secret.

Secret Types

TypeFieldsUse Case
Basic AuthUsername, PasswordHTTP basic authentication
Bearer TokenTokenBearer token authentication
API KeyKey name, Key valueAPI key header authentication
SFTP PasswordUsername, PasswordSFTP password-based login
SFTP Private KeyUsername, Private keySFTP key-based login
OAuth2 Client CredentialsClient ID, Client secret, Token URLOAuth2 client credentials flow
JSON CredentialsJSON contentService account or custom credentials

Using Secrets in Steps

When configuring a step that supports authentication (HTTP Request, SFTP, Code), select a secret from the auth dropdown in the step configuration panel. The secret’s credentials are injected at runtime.

Mode Scoping

Secrets are scoped per mode:
  • Test secrets are used during test executions
  • Live secrets are used during production executions
  • During deployment, you choose which test secrets to copy to the live environment

Deleting Secrets

Secrets can only be deleted in test mode. Click the delete button on a secret row, then confirm the deletion.
Deleting a secret is permanent. Any steps referencing the deleted secret will fail at runtime.

Steps

Configure authentication on HTTP Request, SFTP, and Code steps.

Test & Deploy

Secrets are copied from test to live during deployment.