Secret
Secrets store credentials — API keys, tokens, service account keys — that are used by Models and Providers. They are encrypted at rest and never exposed to agent containers.
```bash
pai add secret <name> --from-literal KEY=VALUE
pai get secrets
pai delete secret <name>
```
Creating a secret
```bash
# Single value
pai add secret gemini-key --from-literal api-key=AIzaSy...

# Multiple values (e.g. AWS credentials)
pai add secret aws-creds \
  --from-literal access_key_id=AKIAIOSFODNN7EXAMPLE \
  --from-literal secret_access_key=wJalrXUtnFEMI...
```
Listing secrets
```bash
pai get secrets
# NAME        KEYS                              AGE
# gemini-key  api-key                           2d
# github-pat  token                             1d
# aws-creds   access_key_id, secret_access_key  5h
```
Referencing a secret
Secrets are referenced by name in Model and Provider resources:
In a Model:
```yaml
spec:
  apiKeySecretRef:
    name: gemini-key   # secret name
    key: api-key       # key within the secret
```
In a Provider:
```yaml
spec:
  auth:
    secretRef: github-pat   # secret name
    secretKey: token        # key within the secret (default: token)
```
Common secret shapes
| Use case | Keys |
|---|---|
| Anthropic / Gemini / OpenAI API key | api-key |
| GitHub Personal Access Token | token |
| Telegram bot token | token |
| AWS credentials | access_key_id, secret_access_key |
| Azure service principal | client_id, client_secret |
| GCP service account | key.json (full JSON content) |
Deleting a secret
```bash
pai delete secret gemini-key
```
Deleting a secret that is referenced by a running agent or model will cause credential injection to fail. Delete the referencing resources first, or update them to use a different secret.
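One way to check references before deleting a secret, as an added example that is not part of the platform or its CLI. It parses a listing in the shape `pai get secrets` prints above and checks Model and Provider specs that are assumed to be already loaded as dictionaries; the resource names and the `(kind, name, spec)` layout are constructed for illustration.

```python
# LISTING mirrors the `pai get secrets` output shown on this page (no values).
LISTING = """\
NAME        KEYS                              AGE
gemini-key  api-key                           2d
github-pat  token                             1d
aws-creds   access_key_id, secret_access_key  5h
"""

# Constructed resources: (kind, resource name, parsed spec). The names and the
# tuple layout are assumptions; the spec fields follow the page.
RESOURCES = [
    ("Model", "gemini-flash", {"apiKeySecretRef": {"name": "gemini-key", "key": "api-key"}}),
    ("Provider", "github", {"auth": {"secretRef": "github-pat"}}),  # secretKey defaults to token
    ("Provider", "s3", {"auth": {"secretRef": "aws-creds", "secretKey": "api-key"}}),
]

def parse_listing(text):
    """Map secret name -> set of key names."""
    secrets = {}
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) >= 3:  # NAME, one or more KEYS tokens, AGE
            keys = " ".join(fields[1:-1])
            secrets[fields[0]] = {k.strip() for k in keys.split(",") if k.strip()}
    return secrets

def secret_ref(kind, spec):
    """Return (secret name, key) referenced by a Model or Provider spec, or None."""
    if kind == "Model" and "apiKeySecretRef" in spec:
        ref = spec["apiKeySecretRef"]
        return ref.get("name"), ref.get("key")
    if kind == "Provider" and "secretRef" in spec.get("auth", {}):
        auth = spec["auth"]
        return auth["secretRef"], auth.get("secretKey", "token")
    return None

def referencing(secret, resources):
    """Resources to delete or repoint before `secret` is deleted."""
    return [(k, n) for k, n, s in resources if (secret_ref(k, s) or (None,))[0] == secret]

def dangling(secrets, resources):
    """References whose secret or key is absent, so credential injection would fail."""
    bad = []
    for kind, name, spec in resources:
        ref = secret_ref(kind, spec)
        if ref and ref[1] not in secrets.get(ref[0], set()):
            bad.append((kind, name, ref[0], ref[1]))
    return bad
```

An empty result from `referencing(name, resources)` means no listed resource depends on the secret; `dangling` also catches a reference to a key the secret does not contain.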
Security
- Secrets are stored encrypted in the platform and mounted only into the sidecar proxy container
- Agent containers never have direct access to secret values
- `pai get secrets` shows key names only — values are never returned by the API