Secrets

Encrypted values you can drop into any workflow as {{ secrets.NAME }}.

Managing secrets

UI: Settings → Secrets

CLI:

# List secret names
dispatched secret list

# Create or update
dispatched secret set STRIPE_KEY sk_test_...

# Delete
dispatched secret delete STRIPE_KEY

API:

# Create/update
curl -X PUT http://localhost:4000/api/secrets/STRIPE_KEY \
  -H "Dispatched-Session: $TOKEN" \
  -d '{"value": "sk_test_..."}'

# List names
curl http://localhost:4000/api/secrets \
  -H "Dispatched-Session: $TOKEN"

# Delete
curl -X DELETE http://localhost:4000/api/secrets/STRIPE_KEY \
  -H "Dispatched-Session: $TOKEN"

Rules

• Names must be UPPER_SNAKE_CASE
• Values are write-only — you can’t read them back once they’re saved
• Encrypted with your tenant’s wrapping key (AES-256-GCM)
• authorization and x-api-key headers are redacted from events
• Resolved at execution time, never baked into workflow definitions