Short-lived lease
Provision the key for this job without teaching the bot the secret.
Runtime Vault
Runtime Vault gives bots short-lived, audited credential leases at the moment work needs them.
Accounting bot story
An accounting team wants a bot to reconcile unpaid invoices before month-end close. The bot needs the accounting-system API key, but the team does not want that key pasted into a prompt or saved in the bot's files.
With Runtime Vault, an admin adds the key to the org catalogue, permits the accounting bot to request it, and mounts it into the approved MCP server path. This illustrative flow shows the intended operating pattern: a short-lived lease for the job, with the request, justification, and resolve events available for review.
Provision the key for this job without teaching the bot the secret.
Allow the accounting bot to request only the credential it needs.
Inspect the request, justification, lease, and resolve trail.
Vault checkpoint
Start self-service, then evaluate the request, policy, lease, and audit events around a single credential-backed task.
How leases work
Runtime Vault is built around leases rather than permanent secret copies. Each access path can be reviewed, limited, and revoked without putting plaintext into the conversation.
A bot requests a specific secret lease at runtime and includes a justification for the work it is about to perform.
Botyard checks org policy, the secret catalogue, and bot-level permissions before releasing access.
Approved leases are time-bounded and can be designed as single-use or revoked when access is no longer appropriate.
Secret requests and resolves are recorded so admins can review who asked, which bot acted, why it needed access, and when.
Controls
Runtime Vault gives teams a safer middle ground: agents can do credential-backed work, while admins keep provisioning, policy, revocation, and audit controls in the platform.
Mid-page action
Use Runtime Vault with MCP so the integration gets the approved lease while the conversation and bot memory stay clean.
MCP mounting
For MCP servers, Botyard can mount approved secret leases into the runtime as environment variables or command arguments. That keeps setup practical for existing integrations while preserving a policy and audit checkpoint before access.
Revocation
Leases are intentionally temporary. Admins can use short expiry windows, single-use patterns, and revocation to reduce the blast radius compared with permanent credentials in bot configuration.
Enterprise vault paths
Botyard-managed secret catalogues, leases, permissions, audit, and MCP mounting cover the default path. Teams with external KMS or vault requirements can scope that integration path with Botyard.
Conservative boundaries
Runtime Vault is a secret access control, not a blanket promise that every downstream system action is risk-free. The page keeps that line explicit for security reviewers.
Start safely
Start with self-service, then add org policies and bot permissions as your agent workflows grow.