BOTYARD

Runtime Vault

Secrets bots can use, but never store.

Runtime Vault gives bots short-lived, audited credential leases at the moment work needs them.

Accounting bot story

Give the bot the key for the job, not forever

An accounting team wants a bot to reconcile unpaid invoices before month-end close. The bot needs the accounting-system API key, but the team does not want that key pasted into a prompt or saved in the bot's files.

With Runtime Vault, an admin adds the key to the org catalogue, permits the accounting bot to request it, and mounts it into the approved MCP server path. This illustrative flow shows the intended operating pattern: a short-lived lease for the job, with the request, justification, and resolve events available for review.

Short-lived lease

Provision the key for this job without teaching the bot the secret.

Scoped bot permission

Allow the accounting bot to request only the credential it needs.

Reviewable events

Inspect the request, justification, lease, and resolve trail.

Vault checkpoint

Try a short-lived lease on one narrow workflow.

Start self-service, then evaluate the request, policy, lease, and audit events around a single credential-backed task.

How leases work

Short-lived access with a reason attached

Runtime Vault is built around leases rather than permanent secret copies. Each access path can be reviewed, limited, and revoked without putting plaintext into the conversation.

  1. Ask with a reason

    A bot requests a specific secret lease at runtime and includes a justification for the work it is about to perform.

  2. Check permissions

    Botyard checks org policy, the secret catalogue, and bot-level permissions before releasing access.

  3. Use a short-lived lease

    Approved leases are time-bounded and can be designed as single-use or revoked when access is no longer appropriate.

  4. Leave an audit trail

    Secret requests and resolves are recorded so admins can review who asked, which bot acted, why it needed access, and when.
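
The four steps above, sketched as a small in-memory lease broker. This is an added example, not Botyard's code or API: the `LeaseBroker` class, its method names, and the catalogue and bot names are hypothetical, and the secret value is constructed.

```python
import secrets
import time

class LeaseBroker:
    """Toy in-memory broker; every name here is hypothetical, not Botyard's API."""

    def __init__(self, catalogue, permissions, clock=time.time):
        self.catalogue = catalogue      # secret name -> plaintext (constructed sample)
        self.permissions = permissions  # bot id -> set of secret names it may request
        self.clock = clock
        self.leases = {}                # lease id -> lease record
        self.audit = []                 # append-only events; never holds plaintext

    def _log(self, event, bot, secret, detail):
        self.audit.append({"ts": self.clock(), "event": event, "bot": bot,
                           "secret": secret, "detail": detail})

    def request(self, bot, secret, justification, ttl=60, single_use=True):
        # Steps 1-2: a reason is mandatory, then catalogue and bot permission are checked.
        if not justification.strip():
            self._log("deny", bot, secret, "missing justification")
            return None
        if secret not in self.catalogue or secret not in self.permissions.get(bot, set()):
            self._log("deny", bot, secret, justification)
            return None
        lease_id = secrets.token_urlsafe(16)
        self.leases[lease_id] = {"bot": bot, "secret": secret, "single_use": single_use,
                                 "expires": self.clock() + ttl, "revoked": False, "used": False}
        self._log("lease", bot, secret, justification)
        return lease_id                 # the bot holds only this handle, not the secret

    def revoke(self, lease_id):
        lease = self.leases[lease_id]
        lease["revoked"] = True
        self._log("revoke", lease["bot"], lease["secret"], "revoked by admin")

    def resolve(self, lease_id):
        # Steps 3-4: called by the mounting layer; every outcome is recorded.
        lease = self.leases.get(lease_id)
        if lease is None:
            return None
        reason = ("revoked" if lease["revoked"] else
                  "expired" if self.clock() >= lease["expires"] else
                  "already used" if lease["single_use"] and lease["used"] else None)
        if reason:
            self._log("resolve_denied", lease["bot"], lease["secret"], reason)
            return None
        lease["used"] = True
        self._log("resolve", lease["bot"], lease["secret"], "ok")
        return self.catalogue[lease["secret"]]
```

The audit records carry the justification and outcome but not the lease handle or the plaintext, so the log itself cannot be replayed to obtain the credential.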

Controls

Built for useful bots and cautious admins

Runtime Vault gives teams a safer middle ground: agents can do credential-backed work, while admins keep provisioning, policy, revocation, and audit controls in the platform.

  • Secrets stay outside prompts, bot memory, chat transcripts, and long-lived bot configuration.
  • Users and admins provision secrets into an org-level catalogue instead of pasting plaintext into conversations.
  • Bot-level permissions and policy gates decide which bots can request which credentials.
  • Lease justification is captured with the request for later review.
  • Lease access is short-lived, auditable, and revocable rather than a permanent copy stored by the bot.
  • MCP servers can receive approved secrets through runtime environment or argument mounting paths.

Mid-page action

Mount credentials without teaching the bot secrets.

Use Runtime Vault with MCP so the integration gets the approved lease while the conversation and bot memory stay clean.

MCP mounting

Secrets reach approved integrations at runtime

For MCP servers, Botyard can mount approved secret leases into the runtime as environment variables or command arguments. That keeps setup practical for existing integrations while preserving a policy and audit checkpoint before access.

Revocation

Access can expire or be cut off

Leases are intentionally temporary. Admins can use short expiry windows, single-use patterns, and revocation to reduce the blast radius compared with permanent credentials in bot configuration.

Enterprise vault paths

External KMS and vault requirements

Botyard-managed secret catalogues, leases, permissions, audit, and MCP mounting cover the default path. Teams with external KMS or vault requirements can scope that integration path with Botyard.

Conservative boundaries

Clear about what the control covers

Runtime Vault is a secret access control, not a blanket promise that every downstream system action is risk-free. The page keeps that line explicit for security reviewers.

  • Runtime Vault governs the lease request, bot permission, policy check, and runtime mounting path. It does not claim every downstream business action is automatically approved.
  • Plaintext should not appear in chat, prompts, memory, or logs. Administrators should still review connected tools and MCP servers for their own handling of sensitive values.
  • Teams with external KMS or vault requirements can scope that integration path with Botyard.

Start safely

Give agents the access they need, only when they need it

Start with self-service, then add org policies and bot permissions as your agent workflows grow.