Secrets

Secrets allow you to securely store sensitive configuration data like API keys and database credentials in your deployed MindedJS agents.

Overview

Secrets are configured through the platform dashboard and automatically injected into process.env when your agent is deployed. They are only available in deployed agents, not during local development.

Key Features:

  • Secure storage on the platform backend

  • Automatic injection into process.env for deployed agents

  • Environment-specific configuration (dev/staging/production)

  • Deploy-time access only

Usage

Basic Access

// Access secrets via process.env in deployed agents
const apiKey = process.env.OPENAI_API_KEY;
const databaseUrl = process.env.DATABASE_URL;

// Always validate required secrets
if (!apiKey) {
  throw new Error('OPENAI_API_KEY secret not configured');
}

In Tools

import { Tool } from 'mindedjs';

const weatherTool: Tool<{ city: string }, any> = {
  name: 'getWeather',
  description: 'Get weather information for a city',
  parameters: {
    type: 'object',
    properties: {
      city: { type: 'string', description: 'The city to get weather for' }
    },
    required: ['city']
  },
  handler: async ({ city }) => {
    const apiKey = process.env.WEATHER_API_KEY;
    
    if (!apiKey) {
      throw new Error('WEATHER_API_KEY secret not configured');
    }
    
    const response = await fetch(`https://api.weather.com/v1/current?key=${apiKey}&q=${city}`);
    return await response.json();
  }
};

Configuration

Platform Management

Configure secrets in the MindedJS platform dashboard:

  • Navigate to your agent's settings

  • Use the secrets management interface to add/edit secrets

  • Configure different values per environment

  • Changes require redeployment to take effect

Naming Conventions

Use UPPER_SNAKE_CASE with descriptive names:

  • OPENAI_API_KEY

  • DATABASE_URL

  • WEBHOOK_SECRET

  • JWT_SIGNING_KEY

Local Development

When developing locally, you can use the .env file (in the root of your project) to set the secrets or environment variables.

# .env file
MINDED_CONNECTION_TOKEN=abc
API_KEY=xyz

Best Practices

  • Always validate that required secrets exist before use

  • Never log secret values in console output or logs

  • Use descriptive names for clarity

  • Separate environments with different secret values

  • Never commit .env files or hardcode secrets

  • Regular rotation of secrets through the platform

Troubleshooting

  • Secret not available: Verify it's configured in platform dashboard with exact name (case-sensitive) and agent is deployed

  • Local development: Remember secrets only work in deployed agents - use .env files or fallbacks locally

  • Changes not applied: Secret changes require redeployment to take effect

PreviousParallel LLM RequestsNextPII Masking

Last updated