Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.opencomputer.dev/llms.txt

Use this file to discover all available pages before exploring further.

SecretStore.create(opts)

Create a new secret store. 
import { SecretStore } from '@opencomputer/sdk';

const store = await SecretStore.create({
  name: 'my-agent-secrets',
  egressAllowlist: ['api.anthropic.com'],
});
name
string
required
Store name (unique per organization)
egressAllowlist
string[]
Allowed egress hosts (e.g. ["api.anthropic.com"])
Returns: Promise<SecretStoreInfo>

SecretStore.list(opts?)

List all secret stores. Returns: Promise<SecretStoreInfo[]>

SecretStore.get(storeId, opts?)

Get a secret store by ID.
storeId
string
required
UUID of the secret store
Returns: Promise<SecretStoreInfo>

SecretStore.update(storeId, opts)

Partial updates — only the fields you pass are changed. 
const updated = await SecretStore.update('store-uuid', {
  name: 'new-name',
  egressAllowlist: ['api.anthropic.com', '*.openai.com'],
});
storeId
string
required
UUID of the store to update
name
string
New store name
egressAllowlist
string[]
New allowed egress hosts
Returns: Promise<SecretStoreInfo>

SecretStore.delete(storeId, opts?)

Deletes the store and all its secrets. Running sandboxes are not affected. Returns: Promise<void>

SecretStore.setSecret(storeId, name, value, opts?)

Set a secret in a store. Secrets are encrypted at rest. The value is never returned by the API. 
await SecretStore.setSecret('store-uuid', 'ANTHROPIC_API_KEY', 'sk-ant-...');
Optionally restrict which hosts can receive this secret: 
await SecretStore.setSecret('store-uuid', 'ANTHROPIC_API_KEY', 'sk-ant-...', {
  allowedHosts: ['api.anthropic.com'],
});
storeId
string
required
UUID of the secret store
name
string
required
Secret name (used as the env var name in sandboxes)
value
string
required
Secret value (encrypted at rest, never returned by API)
allowedHosts
string[]
Restrict this secret to specific hosts only
Returns: Promise<void>

SecretStore.listSecrets(storeId, opts?)

Returns secret metadata only. Values are never exposed. Returns: Promise<SecretEntryInfo[]>

SecretStore.deleteSecret(storeId, name, opts?)

Returns: Promise<void>

Using Secrets with Sandboxes

Pass the secretStore option to Sandbox.create() to inject the store’s secrets: 
const sandbox = await Sandbox.create({
  secretStore: 'my-agent-secrets',
  timeout: 600,
});

// Secrets are available as sealed env vars
const result = await sandbox.commands.run('echo $ANTHROPIC_API_KEY');
// stdout: "osb_sealed_abc123..." (sealed, not the real key)

// But outbound HTTPS requests get the real value substituted by the proxy
const apiResult = await sandbox.commands.run(
  'curl -s https://api.anthropic.com/v1/messages -H "x-api-key: $ANTHROPIC_API_KEY" ...'
);

Using Secrets with Snapshots and Checkpoints

Snapshot template with secrets

Attach a secret store when creating a sandbox from a pre-built snapshot — even if the snapshot was built without one: 
import { Sandbox, Snapshots, Image } from '@opencomputer/sdk/node';

// Pre-build a snapshot with dependencies
const snapshots = new Snapshots();
await snapshots.create({
  name: 'data-pipeline',
  image: Image.base().aptInstall(['python3-pip']).pipInstall(['pandas']),
});

// Create sandboxes from the snapshot, each with their own credentials
const worker1 = await Sandbox.create({
  snapshot: 'data-pipeline',
  secretStore: 'worker-1-keys',
});
const worker2 = await Sandbox.create({
  snapshot: 'data-pipeline',
  secretStore: 'worker-2-keys',
});

Checkpoint fork with secrets

Attach or layer a secret store when forking from a checkpoint: 
// Bake a base environment with git credentials
const base = await Sandbox.create({ secretStore: 'git-creds' });
await base.exec.run('git clone https://github.com/org/repo /app', { cwd: '/' });
const cp = await base.createCheckpoint('repo-cloned');

// Fork with different credentials per sandbox (layered on top of git-creds)
const worker = await Sandbox.createFromCheckpoint(cp.id, {
  secretStore: 'worker-keys',  // layered on top of git-creds
});
When layered, secrets merge (fork’s store wins on collision) and egress allowlists aggregate.

Types

PropertyTypeDescription
idstringStore UUID
orgIdstringOrganization UUID
namestringStore name
egressAllowliststring[]Allowed egress hosts
createdAtstringISO 8601 timestamp
updatedAtstringISO 8601 timestamp
PropertyTypeDescription
idstringEntry UUID
storeIdstringParent store UUID
namestringSecret name (env var name)
allowedHostsstring[]Host restrictions
createdAtstringISO 8601 timestamp
updatedAtstringISO 8601 timestamp