Secrets

Secrets allow you to securely store sensitive configuration data like API keys and database credentials in your deployed MindedJS agents.

Overview

Secrets are configured through the platform dashboard and automatically injected into process.env when your agent is deployed. They are only available in deployed agents, not during local development.

Key Features:

Secure storage on the platform backend
Automatic injection into process.env for deployed agents
Environment-specific configuration (dev/staging/production)
Deploy-time access only

Usage

Basic Access

// Access secrets via process.env in deployed agents
const apiKey = process.env.OPENAI_API_KEY;
const databaseUrl = process.env.DATABASE_URL;

// Always validate required secrets
if (!apiKey) {
  throw new Error('OPENAI_API_KEY secret not configured');
}

In Tools

import { Tool } from 'mindedjs';

const weatherTool: Tool<{ city: string }, any> = {
  name: 'getWeather',
  description: 'Get weather information for a city',
  parameters: {
    type: 'object',
    properties: {
      city: { type: 'string', description: 'The city to get weather for' }
    },
    required: ['city']
  },
  handler: async ({ city }) => {
    const apiKey = process.env.WEATHER_API_KEY;
    
    if (!apiKey) {
      throw new Error('WEATHER_API_KEY secret not configured');
    }
    
    const response = await fetch(`https://api.weather.com/v1/current?key=${apiKey}&q=${city}`);
    return await response.json();
  }
};

Configuration

Platform Management

Configure secrets in the MindedJS platform dashboard:

Navigate to your agent's settings
Use the secrets management interface to add/edit secrets
Configure different values per environment
Changes require redeployment to take effect

Naming Conventions

Use UPPER_SNAKE_CASE with descriptive names:

OPENAI_API_KEY
DATABASE_URL
WEBHOOK_SECRET
JWT_SIGNING_KEY

Local Development

When developing locally, you can use the .env file (in the root of your project) to set the secrets or environment variables.

# .env file
MINDED_CONNECTION_TOKEN=abc
API_KEY=xyz

Best Practices

Always validate that required secrets exist before use
Never log secret values in console output or logs
Use descriptive names for clarity
Separate environments with different secret values
Never commit .env files or hardcode secrets
Regular rotation of secrets through the platform

Troubleshooting

Secret not available: Verify it's configured in platform dashboard with exact name (case-sensitive) and agent is deployed
Local development: Remember secrets only work in deployed agents - use .env files or fallbacks locally
Changes not applied: Secret changes require redeployment to take effect

PreviousParallel LLM Requests NextREST API

Last updated 7 months ago

hashtagOverview

hashtagUsage

hashtagBasic Access

hashtagIn Tools

hashtagConfiguration

hashtagPlatform Management

hashtagNaming Conventions

hashtagLocal Development

hashtagBest Practices

hashtagTroubleshooting