SOVEREIGN DATA

TINYCLOUD SECRETS

One place to add, rotate, test, and remove the API keys and tokens your apps need at runtime. Values are stored as encrypted records in your own TinyCloud space.

FEATURES

KEY CAPABILITIES

One Vault for Every Key

Add, rotate, test, and remove provider keys in one place. Secret values live as encrypted records in your TinyCloud secrets space.

Manifest-Declared Access

Apps declare the secret names they need in their manifests instead of building their own secret stores.

Explicit Permissions

Reads are manifest-declared. Writes and deletes are privileged — the app requests the exact per-secret permission through the SDK.

HOW IT WORKS

FROM KEY TO APP

01

Add

Add a provider key; it is encrypted into your secrets space

02

Declare

An app declares the secret names it needs in its manifest

03

Use

The app reads the secret through scoped read and decrypt permissions

GET STARTED WITH SECRETS

Give your apps the keys they need without building another secret store.