# API keys TestVibe uses API keys and secrets when generation agents, workflow integrations, or generated tests need credentials. Sensitive values are stored as GitHub Actions secrets so they are not displayed back in plain text after saving. ## Where keys are managed There are three related settings areas: | Area | Use it for | | ---------- | ------------------------------------------------------------------------------ | | Repository | Add or replace the API key for the selected AI coding agent. | | Secrets | Manage sensitive workflow values such as provider keys, passwords, and tokens. | | Variables | Manage non-sensitive workflow values that can be stored in plain text. | The **API** settings page is different: it explains TestVibe's workflow entry point and how `testvibe.yml` can be invoked. Provider keys usually belong in **Repository** or **Secrets** settings. ## Common provider keys | Agent or provider | Typical secret name | | --------------------------- | ----------------------------------------------- | | OpenAI or Codex | `OPENAI_API_KEY` | | Anthropic or Claude | `ANTHROPIC_API_KEY` | | Other tools or integrations | The secret name shown by that tool or workflow. | The exact key name depends on the selected agent or integration. ## Add or replace an AI provider key 1. Open **Settings**. 2. Select **Repository**. 3. Choose the AI coding agent the project should use. 4. Enter the API key in the key field. 5. Save the repository settings. After a key is saved, TestVibe may show a placeholder such as `***`. That means a secret exists; it does not reveal the saved value. ## Add a workflow secret 1. Open **Settings**. 2. Select **Secrets**. 3. Choose the repository or organization scope when available. 4. Add the secret name and value. 5. Save the secret. Use secrets for passwords, tokens, provider keys, private API keys, and test account credentials. ## Use variables for non-secret values Use **Variables** for values that are safe to display in plain text, such as an environment name, public base path, or non-sensitive feature flag. If a value should not appear in logs, screenshots, repository pages, or shared docs, store it as a secret instead. For the full setup guide, see [Add API keys and secrets](/workspace/add-api-keys-and-secrets.md). For missing key errors, see [Missing secrets](/troubleshooting/missing-secrets.md). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.testvibe.com/account-settings/api-keys.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.