> ## Documentation Index
> Fetch the complete documentation index at: https://docs.penbox.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Secrets

> Securely store credentials and sensitive values for use in automations

The **Secrets** page lets you store sensitive values — such as API keys, passwords, or tokens — that your automations need to function. Values are stored securely and never exposed in plain text in forms or case templates. Access it from **Settings → Secrets**.

## How secrets work

Each secret has a **key** and a **value**. Once saved, the value is hidden but can be updated at any time. You reference a secret anywhere in Penbox that supports Penscript using:

```
{ $secrets.your_key }
```

For example, if you stored an API key under the key `my_api_key`, you can use `{ $secrets.my_api_key }` in an API call step or automation without exposing the raw value.

## Key format

Keys can only contain letters (uppercase or lowercase), numbers, hyphens (`-`), and underscores (`_`). No spaces or special characters.

## Managing secrets

Only **Administrators** can create, update, or delete secrets. The list shows the key, when it was last changed, and who created it.

To update a secret's value, click the edit icon — the key cannot be changed, only the value. To remove a secret, use the delete icon and confirm.

<Warning>
  Deleting a secret is immediate and permanent. Any automation or Penscript expression referencing it will stop working.
</Warning>
