Veil Keys Docs

Core concepts

Five ideas explain the whole product. Read this once and everything else clicks.

Credentials (items)

A credential is a secret you hand to Veil once — an API key, an OAuth token, a database connection string, an SSH key. You paste it in the app; from that moment it lives encrypted on the server and is never shown back to anyone (with one exception you control: a “reveal” permission). A credential also carries non-secret config: which host it’s for, how it’s attached to a request, and its policy.

Workspaces

A workspace is a folder of credentials with its own encryption key. You might keep production, staging, and personal workspaces. Workspaces are the unit of access control — you grant a teammate (or an agent token) permissions per workspace, not per individual secret.

The broker

The broker is the part that actually uses a secret on your behalf. Instead of giving a credential to an agent, the agent asks the broker to make the call. The broker decrypts the secret in its own memory, attaches it to the outbound request, and returns only the response.

[Diagram: AI agent (Claude Code) → request (no secret) → Veil Keys, which injects the secret (Authorization: ████) → Upstream API (api.stripe.com)]
Nothing secret flows toward the agent — only toward the legitimate upstream the credential is bound to.
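The broker pattern described above, as an added sketch (not Veil's own code or API): the agent supplies a request without the secret, and the broker refuses any destination other than the bound host before injecting it. `Credential`, `broker_call`, `BrokerRefused` and `fake_upstream` are hypothetical names, the key value is constructed, and the TLS-only, default-port and echo-masking rules are assumptions of this sketch.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Credential:  # hypothetical model, not Veil's schema
    host: str      # the one upstream this secret is bound to
    header: str    # how the secret is attached to a request
    secret: str    # exists only on the broker side


class BrokerRefused(Exception):
    """The request would carry the secret somewhere it is not bound to."""


def broker_call(cred, method, url, headers, transport):
    """Make the call for the agent and return only the upstream response."""
    parts = urlsplit(url)
    # Assumption of this sketch: TLS only, default port only.
    if parts.scheme != "https" or parts.port not in (None, 443):
        raise BrokerRefused("not an https request on the default port")
    # hostname ignores userinfo, so https://bound-host@other-host/ is refused.
    if parts.hostname != cred.host:
        raise BrokerRefused(f"{parts.hostname!r} is not the bound host")
    # Drop any agent-supplied copy of the header, then inject the real value.
    out = {k: v for k, v in headers.items() if k.lower() != cred.header.lower()}
    out[cred.header] = cred.secret
    status, body = transport(method, url, out)
    # Extra guard (assumption): mask the secret if the upstream echoes it back.
    return status, body.replace(cred.secret, "[redacted]")


def fake_upstream(method, url, headers):
    """Constructed stand-in for the network: echoes the auth header it received."""
    return 200, f"auth seen by upstream: {headers['Authorization']}"


if __name__ == "__main__":
    cred = Credential("api.stripe.com", "Authorization", "Bearer EXAMPLE-NOT-A-REAL-KEY")
    agent_headers = {"authorization": "Bearer agent-guess", "Accept": "application/json"}
    print(broker_call(cred, "GET", "https://api.stripe.com/example-path", agent_headers, fake_upstream))
    for bad in ("http://api.stripe.com/example-path", "https://api.stripe.com@other.example/"):
        try:
            broker_call(cred, "GET", bad, agent_headers, fake_upstream)
        except BrokerRefused as exc:
            print("refused:", exc)
```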

Tokens

A token is how a non-human client authenticates to Veil. Tokens come in distinct kinds, and each kind is walled off to its own job:

  • Agent tokens drive the MCP broker (an AI agent uses secrets but never reads them).
  • CI tokens inject secrets into a build’s environment (veil run).
  • SSH tokens let the local SSH agent ask Veil to sign.

A token can only ever do less than the person who created it — it narrows your access, never widens it. See Token types.

Permissions

Within a workspace, every member or token has up to five permissions:

Permission   Means
read         see that a credential exists (name, host) — never its value
write        add, edit, and fill credentials
use          let an agent/broker use a credential (value injected, never shown)
reveal       see a credential’s plaintext, or repoint a filled secret
manage       grant and revoke others’ access

Next: get hands-on with the Quickstart, or read how the guarantees hold in Security & reliability.