Secrets and Credentials
AgentDesk takes the security of your integration credentials and portal secrets seriously. All sensitive data is encrypted before it is stored.
How credentials are protected
- Encrypted at rest -- All integration credentials (Jira, GitHub, AI service keys) and portal secrets are encrypted using AES-256 encryption before being stored.
- Never exposed -- Credentials are never shown in plain text through the portal interface or in logs. When you view integration settings, you see the connection status but not the actual keys or tokens.
- Access is logged -- When credentials are used (for example, when a workflow accesses them), the access is recorded for auditing.
Portal secrets
Portal administrators can store sensitive files needed for AI workflows, such as certificates or configuration files. These secrets are:
- Encrypted before storage
- Only accessible to portal administrators and authorised workflows
- Logged every time they are accessed
Managing secrets
From the portal's settings, administrators can:
- Upload new secrets
- Rotate (replace) existing secrets
- Delete secrets that are no longer needed
Integration credentials
When you set up integrations (Jira, GitHub, SSO, etc.), the credentials you provide are:
- Validated before being saved
- Encrypted immediately after validation
- Testable via the Test Connection button without exposing the stored values
If you need to update credentials (for example, after rotating an API key), go to the relevant integration settings page and enter the new values.