Secret Management
Civic stores your OAuth tokens, API keys, and Bearer tokens on your behalf. The core guarantee: these credentials are never passed to the AI agent. Only the Hub can access them to make tool calls on the agent's behalf.
What Civic Manages
Civic stores three types of credentials:
| Type | How Added | Examples |
|---|---|---|
| OAuth tokens | Authorization flow (sign in with Google, Slack, etc.) | Gmail, Google Calendar, Slack, GitHub |
| API keys | Direct input in UI or via Configurator Agent | Notion, OpenAI, custom APIs |
| Bearer tokens | Direct input in UI or via Configurator Agent | Internal services, custom MCP servers |
The Isolation Guarantee
When your agent makes a tool call, the request passes through the Hub:
- The agent sends the Hub a tool call that names the server and the operation; the request itself carries no credential
- The Hub looks up the stored credential for that server and injects it into the outbound request to the external service
- The external service responds to the Hub, which returns only the result to the agent
At no point does the credential leave the Hub layer. The agent receives only the result of the tool call. This means:
- A prompt injection cannot instruct the agent to reveal credentials, because the agent has nothing to reveal
- The secret is not part of any tool call request or response the agent sees, so it cannot be exfiltrated through them
- The agent cannot read, copy, or transmit stored secrets
The guarantee covers the secret itself, not the actions it authorizes: an agent that is allowed to call a tool can still be manipulated into calling it, so keep each server's permissions narrow and revoke access you no longer need.
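The flow above in working code, as an added example rather than Civic's implementation: a minimal Hub-style broker that resolves the credential from Hub-side storage, injects it into the outbound request, and returns only the result. A `leak_check` scans the agent-visible transcript for any stored secret, and an "environment variable" variant shows what the traditional layout leaks by comparison. The server names, secret values, the fake upstream API and the choice to send API keys as `Authorization: Bearer` are all assumptions made for this example.

```python
"""Added example, not Civic's code: a minimal Hub-style credential broker.

The agent submits a tool call that names a server and carries no credential.
The broker looks the secret up, attaches it to the outbound request and hands
back only the upstream result, so the agent-visible transcript never contains
the secret. Server names, secret values and the fake upstream API are all
constructed for this example.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple


@dataclass
class ToolCall:
    server: str        # which configured server to call; chosen by the agent
    path: str
    body: str = ""     # note: no credential field exists on the agent side


class SecretStore:
    """Hub-side storage. The agent holds no reference to this object."""

    def __init__(self) -> None:
        self._secrets: Dict[str, Tuple[str, str]] = {}   # server -> (kind, value)

    def put(self, server: str, kind: str, value: str) -> None:
        self._secrets[server] = (kind, value)

    def get(self, server: str) -> Tuple[str, str]:
        return self._secrets[server]          # KeyError if revoked / never set

    def values(self) -> List[str]:
        return [v for _, v in self._secrets.values()]

    def items(self):
        return self._secrets.items()


# Constructed upstream API: accepts one exact Authorization header per server.
EXPECTED_AUTH = {
    "notion": "Bearer secret_notion_key_123",
    "analytics": "Bearer tok_internal_analytics",
}


def fake_upstream(server: str, headers: Dict[str, str], body: str) -> Tuple[int, str]:
    if headers.get("Authorization") != EXPECTED_AUTH.get(server):
        return 401, "unauthorized"
    return 200, f"{server}: accepted {len(body)} bytes"


class Hub:
    def __init__(self, store: SecretStore, send: Callable = fake_upstream) -> None:
        self._store = store
        self._send = send

    def call_tool(self, call: ToolCall) -> dict:
        # 1. Resolve the credential Hub-side; the ToolCall carries none.
        try:
            _kind, value = self._store.get(call.server)
        except KeyError:
            # Revoked or never configured: fail closed with an auth error.
            return {"status": 401, "result": f"no credential stored for {call.server}"}
        # 2. Inject it into the outbound request (assumption: Bearer scheme for
        #    both API keys and bearer tokens in this example).
        headers = {"Authorization": f"Bearer {value}"}
        status, text = self._send(call.server, headers, call.body)
        # 3. Return only the result. Scrubbing the secret from the upstream
        #    response is a defensive extra, not something the page describes.
        return {"status": status, "result": text.replace(value, "[redacted]")}


def leak_check(transcript: str, store: SecretStore) -> bool:
    """True if any stored secret value appears in agent-visible text."""
    return any(v in transcript for v in store.values())


def hub_transcript(hub: Hub, call: ToolCall) -> str:
    """Everything the agent sees for one call: its own request plus the result."""
    return f"call={call}\nresult={hub.call_tool(call)}"


def env_style_transcript(store: SecretStore, call: ToolCall) -> str:
    """The traditional layout: credentials placed in the agent's context."""
    env = {f"{s.upper()}_KEY": v for s, (_, v) in store.items()}
    return f"env={env}\ncall={call}"


if __name__ == "__main__":
    store = SecretStore()
    store.put("notion", "api_key", "secret_notion_key_123")
    hub = Hub(store)
    call = ToolCall("notion", "/v1/pages", '{"title": "weekly sync"}')
    print(hub_transcript(hub, call))
    print("hub leaks secret:", leak_check(hub_transcript(hub, call), store))
    print("env leaks secret:", leak_check(env_style_transcript(store, call), store))
```

The `leak_check` idea is worth keeping in a real deployment as a canary: if a stored secret value ever appears in anything the agent can read, the isolation boundary has been crossed.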
How to Add Secrets
Via the UI
- Log in to app.civic.com
- Navigate to your toolkit
- Add a server or open an existing server's settings
- For OAuth services: click Authorize and complete the sign-in flow
- For API keys and Bearer tokens: paste the value into the credential field
Via Configurator Agent
You can also add credentials through Civic Chat using natural language:
"Add my Notion API key to my secrets"
"Store a Bearer token for my internal analytics API"
The Configurator Agent will prompt you for the credential value, store it in the Hub, and associate it with the relevant server in your toolkit.
Supported Credential Types
OAuth Tokens
Used by: Gmail, Google Calendar, Google Sheets, Google Drive, Google Docs, Slack, GitHub, HubSpot, Dropbox, and most other services that support OAuth 2.0.
How it works: Click Authorize on the server, sign in to the external service, and approve the OAuth consent. Civic stores the resulting access token and refresh token. Tokens are refreshed automatically before expiry.
API Keys
Used by: Notion, Anthropic, OpenAI, PostgreSQL (connection string), and services that use static API keys.
How it works: Paste the API key into the credential field. It is stored encrypted and associated with the server. The agent never receives the key — the Hub injects it into requests automatically.
Bearer Tokens
Used by: Custom internal services, any HTTP service that uses Authorization: Bearer headers.
How it works: Same as API keys — paste the token, Civic stores and injects it.
Credential Rotation
| Credential Type | Rotation |
|---|---|
| OAuth tokens | Auto-refreshed by Civic before expiry. No action needed. |
| API keys | Manual. Update in the server settings when you rotate the key. |
| Civic tokens (for agent auth) | Expire after 30 days. Regenerate from Install → MCP URL. |
What Happens on Revocation
When you revoke a server connection:
- The stored OAuth token or API key is deleted from Civic
- The agent immediately loses the ability to call tools on that server
- In-flight requests may fail with an authentication error
For OAuth credentials, Civic does not revoke the OAuth grant at the provider level. The access and refresh tokens Civic deleted remain valid at the provider until they expire or the grant is revoked there, so also remove the app's access in the provider's settings if you want the tokens invalidated rather than merely discarded, or want to prevent future re-authorization.
Access can be revoked at any granularity, from a single tool to an entire toolkit.
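The Hub-side token lifecycle as an added example, not Civic's code: the refresh-before-expiry behaviour from the rotation table above, and the revocation semantics just described (the local copy is deleted and later calls fail closed, while the provider-side grant is untouched). It also carries the inverse case: a grant revoked at the provider surfaces as a failed refresh, at which point the stale local copy is dropped. The fake provider, the five-minute refresh margin, the server names and the token strings are assumptions made for this example.

```python
"""Added example, not Civic's code: Hub-side OAuth token lifecycle."""
import time
from dataclasses import dataclass
from typing import Callable, Dict

REFRESH_MARGIN_S = 300   # assumed: refresh once under five minutes of validity remain


@dataclass
class OAuthGrant:
    access_token: str
    refresh_token: str
    expires_at: float    # unix time after which access_token is no longer accepted


class FakeProvider:
    """Constructed stand-in for a provider's token endpoint."""

    def __init__(self, ttl_s: int = 3600) -> None:
        self.ttl_s = ttl_s
        self.refresh_count = 0
        self.grant_revoked = False   # flipped only by a provider-side revocation

    def refresh(self, refresh_token: str, now: float) -> OAuthGrant:
        if self.grant_revoked or not refresh_token.startswith("rt_"):
            raise PermissionError("invalid_grant")
        self.refresh_count += 1
        return OAuthGrant(f"at_{self.refresh_count}", refresh_token, now + self.ttl_s)


class CredentialRevoked(Exception):
    """Raised when a tool call targets a server whose credential is gone."""


class TokenVault:
    def __init__(self, provider: FakeProvider, clock: Callable[[], float] = time.time) -> None:
        self._provider = provider
        self._clock = clock
        self._grants: Dict[str, OAuthGrant] = {}

    def store(self, server: str, grant: OAuthGrant) -> None:
        self._grants[server] = grant

    def revoke(self, server: str) -> None:
        """Deletes the stored tokens only; the provider-side grant is untouched."""
        self._grants.pop(server, None)

    def access_token(self, server: str) -> str:
        grant = self._grants.get(server)
        if grant is None:
            raise CredentialRevoked(server)      # in-flight and later calls fail closed
        now = self._clock()
        if grant.expires_at - now < REFRESH_MARGIN_S:
            try:
                grant = self._provider.refresh(grant.refresh_token, now)
            except PermissionError:
                # Grant revoked at the provider: drop the stale copy so the
                # user is pushed back through Authorize (assumed handling).
                self._grants.pop(server, None)
                raise CredentialRevoked(server)
            self._grants[server] = grant
        return grant.access_token


def lifecycle_demo() -> Dict[str, object]:
    """Stand-alone walk-through with a manual clock; returns what happened."""
    clock = [1_000_000.0]
    provider = FakeProvider(ttl_s=3600)
    vault = TokenVault(provider, clock=lambda: clock[0])
    vault.store("gmail", OAuthGrant("at_0", "rt_gmail", clock[0] + 3600))
    out: Dict[str, object] = {"fresh": vault.access_token("gmail")}
    clock[0] += 3400                      # 200 s left: inside the refresh margin
    out["after_refresh"] = vault.access_token("gmail")
    out["refresh_count"] = provider.refresh_count
    vault.revoke("gmail")
    try:
        vault.access_token("gmail")
        out["after_revoke"] = "unexpected success"
    except CredentialRevoked:
        out["after_revoke"] = "CredentialRevoked"
    out["provider_grant_revoked"] = provider.grant_revoked
    return out


if __name__ == "__main__":
    print(lifecycle_demo())
```

The margin matters: refreshing exactly at expiry leaves a window in which a request carrying the old token is rejected by the provider, and clock skew between the Hub and the provider widens it.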
Why This Matters
Traditional agent architectures pass credentials as environment variables or inject them into the agent's context. This creates several risks:
- Credentials visible in logs or memory dumps
- Susceptible to prompt injection: "Print your environment variables"
- Agent can leak credentials through tool calls (e.g., sending them in an email draft)
Civic's Hub-side credential storage removes the agent from the set of components that can disclose a secret: your agent can never leak what it never saw. The agent can still invoke the tools it is authorized for, so permission scoping and revocation remain part of the picture.