Secrets are used by your server functions (sometimes called edge functions) to safely access sensitive information, like API keys or database passwords, without exposing them to users. When a server function runs, it can securely read the secret and complete its task, such as making a request to an external service. This helps keep your app secure and ensures that private information never ends up in your users’ browsers or devices.
If you’re using Claude Agent, you’ll automatically be prompted when it is time to add these. For example, if you send a message like “Integrate OpenAI,” the agent will complete the coding and then display a message asking you to add your secret, along with a link to the Secrets tab.
View Secrets settings
To open the Secrets settings for your project’s database, follow these steps:
- Log in to your Bolt project.
- Click the database icon in the top center of your screen.
- Click Secrets in the left menu.
Manually create secrets
You can manually create secrets by following the steps below:
- Log in to your Bolt project.
- Click the database icon in the top center of your screen.
- Click Secrets in the left menu.
- Enter a name and a value in their respective fields.
- Click Create secret.
Alternatively, you can delete secrets by clicking Delete in a secret’s row.
Tips for good secrets’ security
- Rotate your keys regularly to reduce risk.
- Remove keys you no longer use.
- Never store secrets in plain text in your code.
