Credential vault
A credential vault is a scoped store that keeps the secrets agents need to authenticate tools out of prompts, code, logs and traces. Agents reference credentials logically; the tokens themselves live only in the physical secrets store and are injected at call time.
In NeoXam Agents
Vaults are workspace-scoped namespaces. Every tool call uses per-run signed tokens, and a contract-tested redaction layer guarantees that no secret — and no prompt or completion content — ever appears in descriptors, code, logs or telemetry.
Related terms
See how these concepts come together in a governed agentic platform for investment operations.
Explore the platform