token, app_token, and verify_token fields accept a { source, id } reference in addition to plaintext and ${ENV}. The reference form is additive — existing configs keep working.
Quick Start
1
Agent connects through the gateway
2
From a secret file
Read a mounted Docker or Kubernetes secret — never inherited by child processes.
3
From an environment variable
Structural equivalent of
${SLACK_BOT_TOKEN}.4
From a secret manager
Run a CLI whose stdout is the secret (Vault, AWS, GCP, 1Password,
pass).Which source do I choose?
Pick the source that matches where the secret already lives.How It Works
The schema validator resolves each reference at load time, hands the plaintext value to the adapter, and registers it for log redaction.
A resolved secret string always wins over a raw
{source, id} reference in the runtime merge, so adapters never receive an unresolved reference.
Reference Form
A credential field accepts a plaintext string, a${ENV} shorthand, or the reference form below.
Plaintext strings and
${ENV_VAR} continue to work exactly as before. The {source, id} reference form is purely additive — you never have to migrate an existing gateway.yaml.Availability States
praisonai gateway doctor reports each field’s availability without printing its value, so operators can validate secret wiring before start-up.
Human-friendly output:
exec-sourced credentials report as configured without running the command — the probe resolves it exactly once, so one-shot / rate-limited / rotating secret CLIs are never invoked twice.
Log Redaction
Every resolved secret is registered so it is scrubbed from logs and tracebacks.Values shorter than 4 characters (
_MIN_REDACT_LEN = 4) are not registered — this avoids over-redacting ordinary text.Custom Resolvers
Register a resolver to add a source (Vault, AWS Secrets Manager, GCP Secret Manager, 1Password,pass).
Backward Compatibility
Plaintext and${ENV} keep working; the reference form is purely additive.
Full Example
Best Practices
Prefer file for Docker and Kubernetes secrets
Prefer file for Docker and Kubernetes secrets
A mounted secret file (
/run/secrets/...) is never inherited by child processes, unlike a process-wide env var. Use { source: file, id: ... } for container deployments.Prefer exec for secret managers with rotating credentials
Prefer exec for secret managers with rotating credentials
Vault, AWS Secrets Manager, and GCP Secret Manager issue short-lived, rotating tokens.
{ source: exec, id: "..." } resolves the current value at start-up instead of pinning a stale one.Keep ${ENV} for local development only
Keep ${ENV} for local development only
${ENV} and { source: env, id: ... } are convenient for local runs, but the value is visible to every child process. Move to file or exec for production.Run gateway doctor before shipping
Run gateway doctor before shipping
praisonai gateway doctor validates every field and prints the availability table without revealing any value — a safe pre-flight check for CI and deploy scripts.Related
Gateway CLI
gateway doctor and gateway status CLI reference.Gateway
Gateway overview and quick start.
Gateway Credential Rotation
Rotating the gateway’s own auth token.
Standalone Bot YAML
Single-bot YAML configuration and pre-flight checks.

