Overview

Secrets store sensitive values. Create them in /credentials.

Using secrets in expressions

Access a secret in expressions with:
${{ SECRETS.<secret_name>.<key> }}

Secret types

Tracecat supports these workspace secret types:
  • Custom (custom): arbitrary key-value credentials
  • SSH key (ssh-key): a single SSH private key
  • mTLS (mtls): a TLS client certificate and private key
  • CA certificate (ca-cert): a CA certificate bundle

Custom credentials

Custom credentials store arbitrary key-value pairs.

TLS and mTLS secrets

Tracecat uses fixed key names:
  • mTLS secrets use TLS_CERTIFICATE and TLS_PRIVATE_KEY
  • CA certificate secrets use CA_CERTIFICATE
  • SSH key secrets use PRIVATE_KEY

AWS credentials

tools.aws_boto3 uses one secret named aws. Its keys are optional. Supported keys:
  • AWS access key ID: AWS_ACCESS_KEY_ID
  • AWS secret access key: AWS_SECRET_ACCESS_KEY
  • AWS session token: AWS_SESSION_TOKEN
  • AWS region: AWS_REGION
  • AWS profile: AWS_PROFILE
  • AWS role ARN: AWS_ROLE_ARN
Credential resolution order:
  1. AWS_ROLE_ARN
  2. AWS_PROFILE
  3. AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY + AWS_SESSION_TOKEN
  4. AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY
If AWS_ROLE_ARN is present, Tracecat uses STS AssumeRole and injects TRACECAT_AWS_EXTERNAL_ID at runtime.
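The resolution order above, as an added illustration that is not Tracecat's own code: a small Python function inspects which keys are present in the `aws` secret and reports the credential method that wins, plus the arguments a boto3 session or STS AssumeRole call would receive. The `external_id` parameter stands in for the TRACECAT_AWS_EXTERNAL_ID value Tracecat injects at runtime; the function name, the return type, the `RoleSessionName`, the treatment of blank values as absent and the half-key-pair error are assumptions of this example.

```python
from dataclasses import dataclass, field
from typing import Optional

# Keys Tracecat documents for the "aws" secret.
ROLE_ARN = "AWS_ROLE_ARN"
PROFILE = "AWS_PROFILE"
ACCESS_KEY = "AWS_ACCESS_KEY_ID"
SECRET_KEY = "AWS_SECRET_ACCESS_KEY"
SESSION_TOKEN = "AWS_SESSION_TOKEN"
REGION = "AWS_REGION"


@dataclass
class AwsCredentialPlan:
    """Which method wins and the arguments the boto3/STS call would get (illustrative shape)."""
    method: str                          # assume_role | profile | static_session | static | default_chain
    kwargs: dict = field(default_factory=dict)
    region: Optional[str] = None


def resolve_aws_credentials(secret: dict, external_id: Optional[str] = None) -> AwsCredentialPlan:
    """Apply the documented precedence: role ARN > profile > static keys + token > static keys.

    Assumption: empty-string values count as absent, so a blank field in the
    secret form cannot claim a higher-precedence slot. Not Tracecat's code.
    """
    present = {k: v for k, v in secret.items() if v}
    region = present.get(REGION)

    if ROLE_ARN in present:
        # AssumeRole: the external ID is supplied by the platform at runtime, not stored in the secret.
        kwargs = {"RoleArn": present[ROLE_ARN], "RoleSessionName": "tracecat"}  # session name assumed
        if external_id:
            kwargs["ExternalId"] = external_id
        return AwsCredentialPlan("assume_role", kwargs, region)

    if PROFILE in present:
        return AwsCredentialPlan("profile", {"profile_name": present[PROFILE]}, region)

    has_key, has_secret = ACCESS_KEY in present, SECRET_KEY in present
    if has_key != has_secret:
        # Half a key pair can never authenticate; fail loudly instead of silently falling through.
        raise ValueError("AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY must be set together")
    if has_key:
        kwargs = {"aws_access_key_id": present[ACCESS_KEY], "aws_secret_access_key": present[SECRET_KEY]}
        if SESSION_TOKEN in present:
            kwargs["aws_session_token"] = present[SESSION_TOKEN]
            return AwsCredentialPlan("static_session", kwargs, region)
        return AwsCredentialPlan("static", kwargs, region)

    # All keys are optional: with none set, boto3 would fall back to its default provider chain.
    return AwsCredentialPlan("default_chain", {}, region)
```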

Secret environments

Every secret belongs to a Workflow environment.
  • Default source: the workflow default environment in Workflows.
  • Override: per action in Actions control flow.
  • Fallback: default.
Examples:
  • Different CrowdStrike tenants for prod, staging, or lab
  • Multiple Slack apps for separate workspaces or business units
  • Separate sandbox and production API credentials for the same vendor

Access secrets in agents

Agents can use secret expressions in tool arguments and integration configuration. Secret values are resolved during tool execution and are not sent to the LLM provider.
For example, agent instructions can reference secrets like this:
    When you call Slack tools, use `${{ SECRETS.slack.SLACK_BOT_TOKEN }}`.
    When you call Jira tools, use `${{ SECRETS.jira.JIRA_API_TOKEN }}`.
    Do not print secret values in the final answer.
  • See Pre-built credentials for provider-specific credential templates for built-in integrations.
  • See OAuth for integrations that authenticate with OAuth flows.
  • See MCP for MCP integrations and secure environment-based settings.
  • See Expressions for how expressions work across triggers, actions, secrets, and variables.