Vault
What the vault does
The vault centralizes secrets used by Kitemesh, especially for:
- BYOK models
- API tools
What is stored there
A vault entry usually contains:
- a name
- a description
- a provider
- a scope
- a secret value
Personal or team scope
The scope defines who can reuse the secret:
Personalfor individual useTeamfor a shared team secret
Rotation and updates
When a secret changes, updating the existing entry is usually better than creating duplicates. This makes dependencies easier to track.
Deletion
A secret cannot always be deleted immediately. If it is still used by a model or a tool, that dependency needs to be removed first.
Good practices
- Use explicit names.
- Separate personal and team secrets.
- Avoid reusing the same secret for too many different purposes.
- Use the description field to explain what the secret is for.