Skip to main content


Secrets are special variables that are protected. Their values are never revealed in the Kraken UI. They are defined in projects and can be added, modified, and deleted on the project web page under the Secrets tab.

A new secret can be added by clicking the "New Secret" button. The form located in the center of the web page allows users to provide the secret details, such as the name of the secret, its type, and values. There are two types of secrets:

  • Simple secret - there is available just one simple secret value, it can be e.g. an access token
  • SSH Username and Key secret - there are two values: username and a protected key

When the secret is defined, it can be used in the stage definition. It can be placed in a workflow schema using variable interpolation.

Example 1

In the project, there is a secret named github_token which is being used here through string interpolation.

steps: [{
"tool": "shell",
"cmd": "echo $GITHUB_TOKEN",
"env": {
"GITHUB_TOKEN": "#{secrets.github_token}"

Example 2

This is a specific case. Some tools in particular fields expect just a direct secret name. For example, the git tool expects the secret name to be in the access-token field:

steps: [{
"tool": "git",
"access-token": "github_token",

More information about the usage of secrets can be found in Schema Data chapter, in Secrets section.