# Secret Management Duvo lets your assignments work inside your systems without giving them the kind of blanket access a human has. Every credential your team connects is isolated, encrypted at rest, and scoped to the smallest slice of work it is needed for. There are three ways to give an assignment access to an external system. Each is a different trade-off between protection and flexibility. Use the most protected option available for the system you are connecting. *** ## The Three Tiers ### Tier 1 — Connections (maximum protection) **What it is:** Duvo's hosted Connections, such as Gmail, Google Sheets, Slack, and HubSpot. **How it works:** When you enable a Connection, Duvo stores the access token on our side, inside a dedicated, isolated service. Your assignment never receives the raw token. When the assignment needs to act — read a spreadsheet, send an email, post a message — it calls a tool, and Duvo uses the token to complete the action and returns only the result. **Why it is the most protected:** * The secret never leaves Duvo's infrastructure. * The assignment cannot see, log, or copy the token. It sees only the outcome of the call. * Access is narrowly scoped to the specific tool the assignment is allowed to use. **Use it when:** the external system appears on the [Connections page](https://app.duvo.ai/integrations). If a Connection exists, use it. *** ### Tier 2 — Logins (balanced) **What it is:** Saved website logins (domain, username, password, optional two-factor code) used for browser automation. **How it works:** When the assignment needs to sign in to a website, the browser sandbox looks up the matching login by domain and fills the form. The password and 2FA secret are decrypted only inside the sandbox and are never included in the assignment's reasoning context. **Why it is well protected:** * Encrypted at rest with AES-256. * Passed directly to the browser, not to the assignment. * Scoped to the exact domain it was saved for. **Use it when:** the target system does not offer a Connection and the assignment needs to drive a web UI — an internal portal, a legacy app, or a SaaS product without a Duvo Connection. For detailed steps on adding and managing logins, see [Logins and Secrets](/resources/my-logins.md). *** ### Tier 3 — Secrets (maximum agility) **What it is:** Named bundles of environment variables (API keys, tokens, database URLs, or anything that fits in an environment variable) attached to an assignment. **How it works:** When a Job starts, Duvo decrypts the Secrets attached to that assignment and injects them as environment variables into the secure sandbox where the Job runs. The assignment can reference them from any code it executes during the Job. **Why it is the most flexible:** * Works with any third-party system that accepts a token or key. * Lets assignments call custom APIs, command-line tools, or internal services. * Same encryption and access controls as the other tiers. The difference is that the value is available inside the sandbox for the duration of the Job. **Use it when:** * No Connection exists for the system and it is not a website. * You need to call a custom API, a CLI, or an internal service. * You accept that the assignment will have access to the value during the Job. Duvo's guardrails instruct the assignment to treat values as sensitive and never echo them back, but Tier 3 is inherently less isolated than Tier 1 or Tier 2. For detailed steps on adding and managing secrets, see [Logins and Secrets](/resources/my-logins.md). *** ## Choosing the Right Tier | Scenario | Recommended | | ---------------------------------------------------------------------- | -------------------- | | Gmail, Slack, Google Sheets, HubSpot, and other supported services | Tier 1 — Connections | | A website the assignment needs to log into and click through | Tier 2 — Logins | | A custom API, CLI, or database credential with no Connection available | Tier 3 — Secrets | **Rule of thumb:** if a Connection exists, use it. Reach for Logins or Secrets only when no Connection is available. *** ## Sharing and Ownership Every Login and Secret is either personal or shared with the team: * **Personal** logins and secrets belong to the user who created them. Other team members cannot see or use them. * **Shared** logins and secrets are available to every assignment in the workspace. Team members cannot view the values — only assignments acting on behalf of the team can use them during a Job. New logins and secrets are personal by default. You can share one with your team from its settings menu. *** ## How Secrets Are Protected Regardless of tier: * **Encrypted at rest** with AES-256, using keys managed by a cloud KMS. * **Encrypted in transit** over TLS 1.2 or higher. * **Access-controlled:** only your team and explicitly authorized assignments can use them. * **Not used for training:** credential values are never sent to a model provider for training. Anthropic traffic runs under Zero Data Retention. For Duvo's broader security posture — governance, audits, monitoring, and incident response — see [Security & Privacy](/resources/security-and-privacy.md). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.duvo.ai/resources/secret-management.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.