Secrets provide secure storage for sensitive information like API keys, tokens, and credentials. Palmier supports both personal and team-scoped secrets, ensuring your sensitive data is encrypted, access-controlled, and available when your agents need it.

Personal Secrets

Personal secrets are private to your account and only accessible in your personal workspace. These are perfect for individual development and testing scenarios.

Team Secrets

Team secrets are shared across all team members and accessible within team workspaces. MCP and Environment settings in the same team can share these secrets.

Creating Secrets

1

Navigate to Secrets

Go to the secrets section in your current workspace (personal or team)
2

Create New Secret

Click “New Secret” to open the creation dialog
3

Configure Secret

Provide a descriptive name and the secret value
4

Workspace Scoping

The secret will be automatically scoped to your current workspace context

Using Secrets

Secrets can be referenced in various contexts throughout Palmier using the ${SECRET:secret_name} syntax.

Environment Variables

Reference secrets in environment configurations for agents and MCP servers:
# In environment settings
DATABASE_URL=${{ secrets.DATABASE_CONNECTION }}
TEST_API_KEY=${{ secrets.TEST_API_KEY }}
WEBHOOK_SECRET=${{ secrets.WEBHOOK_SECRET }}
SUPABASE_READ_KEY=${{ secrets.SUPABASE_READ_KEY }}
These environment variables will be injected during runtime.

MCP Server Configuration

Secrets are automatically available to MCP servers and can be used in server configurations:
{
  "name": "stripe-mcp",
  "type": "remote",
  "base_url": "https://mcp.stripe.com",
  "extra_headers": {
    "Authorization": "Bearer ${{ secrets.STRIPE_SANDBOX_TEST_KEY }}",
  }
}

Secrets provide the secure foundation for managing sensitive data in your AI-powered development workflows. Use personal secrets for individual work and team secrets for collaborative projects, always following security best practices to protect your valuable credentials.