ASAgentStead Docs

Secrets & Settings

How to manage secrets, provider keys, and runtime settings in the dashboard.

Secrets

The Secrets tab stores runtime credentials and environment variables. Values are encrypted at rest. Provider keys (Anthropic, OpenAI, etc.) are never injected directly into the container — AgentStead injects a per-agent proxy token instead and forwards requests to the real provider at the network layer. See Credential isolation for how this works.

Secret values are masked after saving. Copy anything you'll need again before closing the tab.

Adding a secret

  1. Open your agent → Secrets tab
  2. Enter the key name and value
  3. Save

Common keys:

ANTHROPIC_API_KEY=sk-ant-...
OPENAI_API_KEY=sk-...
GEMINI_API_KEY=...

Bulk import

Paste multiple secrets in .env format and save them all at once:

ANTHROPIC_API_KEY=sk-ant-...
OPENAI_API_KEY=sk-...
MY_WEBHOOK_URL=https://hooks.example.com/...

Each line becomes a separate secret.

Secret lifecycle

Rotating a key

Delete the old entry

Go to Secrets, find the key, and delete it. The old value is permanently removed immediately.

Add the new value

Add a new secret with the same key name and the new value.

Restart the agent

Go to the agent's overview and click Restart. The new secret is injected on startup.

Runtime settings

The Settings tab holds structured runtime configuration — model/provider settings and platform-managed defaults.

In practice:

  • Secrets = sensitive values (API keys, tokens, passwords)
  • Settings = structured configuration (model selection, provider defaults)

Some settings changes take effect immediately; others need a restart. If in doubt, restart.

Access Your Agent

Desktop, public URL, and SSH — how each access surface works and when to use each one.

Schedules

Automate recurring actions — backups and restarts — with cron-based schedules on agentstead.dev.

On this page

SecretsAdding a secretBulk importSecret lifecycleRotating a keyDelete the old entryAdd the new valueRestart the agentRuntime settings