Credentials
Credentials are stored in ~/.action-llama/credentials/<type>/<instance>/<field>. Each credential type is a directory containing one file per field. Reference them in agent-config.toml by type name (e.g. "github_token") for the default instance, or use "type:instance" for a named instance (e.g. "git_ssh:botty").
Built-in Credentials
| Type | Fields | Description | Runtime Injection |
|---|---|---|---|
| github_token | token | GitHub PAT with repo and workflow scopes | GITHUB_TOKEN and GH_TOKEN env vars |
| anthropic_key | token | Anthropic API key, OAuth token, or pi auth | (read by SDK) |
| openai_key | token | OpenAI API key | (read by SDK) |
| groq_key | token | Groq API key | (read by SDK) |
| google_key | token | Google Gemini API key | (read by SDK) |
| xai_key | token | xAI API key | (read by SDK) |
| mistral_key | token | Mistral API key | (read by SDK) |
| openrouter_key | token | OpenRouter API key | (read by SDK) |
| custom_key | token | Custom provider API key | (read by SDK) |
| sentry_token | token | Sentry auth token for error monitoring | SENTRY_AUTH_TOKEN env var |
| linear_token | token | Linear personal API token for workspace access | LINEAR_API_TOKEN env var |
| linear_oauth | client_id, client_secret, access_token, refresh_token | Linear OAuth2 credentials for workspace access | LINEAR_CLIENT_ID, LINEAR_CLIENT_SECRET, LINEAR_ACCESS_TOKEN, LINEAR_REFRESH_TOKEN env vars |
| bugsnag_token | token | Bugsnag auth token for error monitoring and release management | BUGSNAG_AUTH_TOKEN env var |
| netlify_token | token | Netlify Personal Access Token for site management | NETLIFY_AUTH_TOKEN env var |
| git_ssh | id_rsa, username, email | SSH private key + git author identity | SSH key mounted as file; GIT_AUTHOR_NAME/GIT_AUTHOR_EMAIL/GIT_COMMITTER_NAME/GIT_COMMITTER_EMAIL set from username/email |
| gateway_api_key | key | API key for dashboard and CLI access to the gateway | (used by gateway + CLI) |
| github_webhook_secret | secret | Shared secret for GitHub webhook verification | (used by gateway) |
| sentry_client_secret | secret | Client secret for Sentry webhook verification | (used by gateway) |
| linear_webhook_secret | secret | Shared secret for Linear webhook verification | (used by gateway) |
| mintlify_token | token | Mintlify API token for accessing Mintlify’s API | MINTLIFY_API_TOKEN env var |
| mintlify_webhook_secret | secret | Shared secret for Mintlify webhook verification | (used by gateway) |
| x_twitter_api | api_key, api_secret, bearer_token, access_token, access_token_secret | X (Twitter) API credentials for platform access | X_API_KEY, X_API_SECRET, X_BEARER_TOKEN, X_ACCESS_TOKEN, X_ACCESS_TOKEN_SECRET env vars |
| aws | access_key_id, secret_access_key, default_region | AWS credentials for managing AWS resources | AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_DEFAULT_REGION env vars |
| vultr_api_key | api_key | Vultr API key for VPS provisioning (not needed at agent runtime) | VULTR_API_KEY env var |
| reddit_oauth | client_id, client_secret, username, password, user_agent | Reddit OAuth2 credentials for script apps (posting and moderation) | REDDIT_CLIENT_ID, REDDIT_CLIENT_SECRET, REDDIT_USERNAME, REDDIT_PASSWORD, REDDIT_USER_AGENT env vars |
How Credentials Work
- Configuration: List credential types in your agent’s agent-config.toml.
- Storage: Credential values live in ~/.action-llama/credentials/<type>/<instance>/<field>. Each field is a plain text file.
- Injection: When an agent runs, the credentials it requires are injected into the container.
- Git identity: The git_ssh credential includes username and email fields (prompted during al new / al doctor). These are injected as GIT_AUTHOR_NAME/GIT_AUTHOR_EMAIL and GIT_COMMITTER_NAME/GIT_COMMITTER_EMAIL env vars at runtime, so git commit works without requiring git config.
Named Instances
Each credential type supports named instances. For example, you could have webhook secrets for multiple GitHub orgs. A bare type name such as "git_ssh" resolves to the default instance. To use a named instance, use colon syntax: "git_ssh:botty".
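Because every field is a plain text file, directory and file modes are the only thing protecting the values at rest. The following is an added example, not code from action-llama: it maps a "type" or "type:instance" reference to its field path, writes a field with owner-only permissions, and audits the tree for group/other access. The directory name used for the default instance ("default") and all function names are assumptions.

```python
import os
import stat
from pathlib import Path

# Layout from this page: <root>/<type>/<instance>/<field>
CRED_ROOT = Path.home() / ".action-llama" / "credentials"
DEFAULT_INSTANCE = "default"  # ASSUMPTION: directory name of the default instance


def field_path(ref, field, root=CRED_ROOT):
    """Map "type" or "type:instance" plus a field name to its file path."""
    cred_type, _, instance = ref.partition(":")
    parts = (cred_type, instance or DEFAULT_INSTANCE, field)
    for part in parts:
        # Refuse empty parts, dot entries and separators so a reference
        # can never resolve outside the credentials root.
        if part in ("", ".", "..") or "/" in part or "\\" in part:
            raise ValueError(f"invalid credential component: {part!r}")
    return Path(root).joinpath(*parts)


def write_field(ref, field, value, root=CRED_ROOT):
    """Create a field file as 0600 inside directories created as 0700."""
    path = field_path(ref, field, root)
    old_umask = os.umask(0o077)  # new directories and files get no group/other bits
    try:
        path.parent.mkdir(parents=True, exist_ok=True)
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, "w") as fh:
            os.fchmod(fd, 0o600)  # also tightens a file that already existed
            fh.write(value)
    finally:
        os.umask(old_umask)
    return path


def audit_permissions(root=CRED_ROOT):
    """Return (path, mode) for each entry whose mode grants group/other access."""
    root = Path(root)
    findings = []
    for path in [root, *sorted(root.rglob("*"))]:
        mode = stat.S_IMODE(path.lstat().st_mode)
        if mode & 0o077:
            findings.append((str(path), oct(mode)))
    return findings


if __name__ == "__main__" and CRED_ROOT.exists():
    for path, mode in audit_permissions():
        print(f"{mode} {path}")
```

Run as a script, it prints every entry under the credentials directory that is accessible to anyone other than the owner; an empty result means the tree is owner-only.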
Managing Credentials
al creds add
Add or update a credential interactively. Runs validation for the credential type (e.g. API key format, GitHub API check):
al creds rm
Remove a credential:
al creds ls
List all stored credentials grouped by type:
al doctor
Scan all agents in a project and prompt for any missing credentials:
During al new
The al new command prompts for the Anthropic credential during initial setup. Other credentials are configured per-agent by al doctor or al creds add.
Manually
Write credential files directly:
Anthropic Auth Methods
Three auth methods are supported:
- api_key — Standard API key (sk-ant-api-...). Set authType = "api_key" in model config.
- oauth_token — OAuth token (sk-ant-oat-...). Set authType = "oauth_token".
- pi_auth — Use existing pi auth credentials (~/.pi/agent/auth.json). Set authType = "pi_auth". No credential file needed.
Webhook Secrets
Webhook secrets use named credential instances, for example a GitHub webhook secret for your org. The gateway uses the named instances (for example github_webhook_secret:MyOrg, sentry_client_secret:MyOrg) to verify incoming webhook payloads. No global configuration is needed.
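What verification against a named-instance secret looks like for GitHub, as an added example rather than the gateway's own code: GitHub signs the raw request body with HMAC-SHA256 and sends the result in the X-Hub-Signature-256 header as "sha256=<hex>". How the gateway picks an instance is not described on this page, so trying each configured instance in turn is an assumption, as are the function names.

```python
import hashlib
import hmac
from pathlib import Path


def load_secret(root, instance):
    """Read <root>/github_webhook_secret/<instance>/secret (layout from this page)."""
    path = Path(root) / "github_webhook_secret" / instance / "secret"
    return path.read_bytes().rstrip(b"\r\n")  # drop a trailing newline left by an editor


def verify_github_signature(secret, raw_body, header_value):
    """Check an X-Hub-Signature-256 header value against the raw request body."""
    prefix = "sha256="
    if not header_value or not header_value.startswith(prefix):
        return False  # missing or non-SHA-256 header: fail closed
    # Sign the exact bytes received; re-serialised JSON will not match.
    expected = hmac.new(secret, raw_body, hashlib.sha256).hexdigest()
    # compare_digest is constant time, so response timing does not reveal
    # how much of a guessed signature was correct.
    return hmac.compare_digest(expected.encode(), header_value[len(prefix):].encode())


def verify_for_instances(root, instances, raw_body, header_value):
    """Return the first instance whose secret validates the payload, else None.

    ASSUMPTION: the caller tries each configured instance in turn.
    """
    for name in instances:
        if verify_github_signature(load_secret(root, name), raw_body, header_value):
            return name
    return None
```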
VPS Credential Sync
When deploying to a VPS, credentials are transferred to the remote server via SSH.
VPS Filesystem (SSH)
Secret naming: ~/.action-llama/credentials/{type}/{instance}/{field} on the remote server (same layout as local).
Credentials are transferred via SSH. No external secrets manager needed — same trust model as SSH access.