# Credential Vault

The credential vault is used to hold user IDs, secret keys, passwords and other information used to access external services from rules.

The main benefit from using the vault is that rule writers have no exposure to any of those account details, and it also avoids sensitive data being stored as clear text.

Each set of credentials in the vault is installed at the same time as the rules themselves are installed via an extension.

The following shows sample credentials for the Kapow SMS service:

<figure><img src="/files/p6wWFS7U5PqlbtUl8bx9" alt=""><figcaption><p>Credential Vault</p></figcaption></figure>

By default, passwords are hidden and user IDs visible. You can manually hide the user IDs as well by clicking the Hide Value button. However, please note that there is no "unhide" feature.

Credentials stored in the credential vault are automatically sent to the <code class="expression">space.vars.X\_Agent\_Name\_Single</code> when a configuration is deployed.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tomorrowx.com/cap/product-reference/administration-functions/credential-vault.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.