Secret values allow you to securely pass credentials, API keys, and other sensitive data to AI agents during task execution. These values are automatically handled at type-time, never logged, and never exposed to the AI model. Secret values work with all agent types: browser-use, openai-cua, anthropic-cua, and gemini-computer-use.

Basic Usage

Pass credentials as key-value pairs in secretValues. The agent will securely use these values when logging into websites or filling forms.
```javascript
import Anchorbrowser from 'anchorbrowser';

const anchorClient = new Anchorbrowser({
  apiKey: process.env.ANCHORBROWSER_API_KEY
});

const response = await anchorClient.agent.task(
  'Login to LinkedIn and send a connection request to the Anchorbrowser team',
  {
    taskOptions: {
      url: 'https://linkedin.com',
      secretValues: {
        LINKEDIN_EMAIL: process.env.LINKEDIN_EMAIL,
        LINKEDIN_PASSWORD: process.env.LINKEDIN_PASSWORD
      }
    }
  }
);

console.log(response);
```

Secret values are the recommended way to handle any sensitive data in AI agent tasks. Never include credentials directly in prompts.

Domain-Scoped Secrets

For enhanced security, you can scope secrets to specific domains. Scoped secrets are only available while the browser is on a matching domain, which prevents credential exposure on the wrong site.
```javascript
import Anchorbrowser from 'anchorbrowser';

const anchorClient = new Anchorbrowser({
  apiKey: process.env.ANCHORBROWSER_API_KEY
});

const response = await anchorClient.agent.task(
  'Login to LinkedIn, then login to Gmail and check my inbox',
  {
    taskOptions: {
      url: 'https://linkedin.com',
      agent: 'anthropic-cua',
      secretValues: {
        // Only available on linkedin.com
        '*.linkedin.com': {
          LINKEDIN_EMAIL: process.env.LINKEDIN_EMAIL,
          LINKEDIN_PASSWORD: process.env.LINKEDIN_PASSWORD
        },
        // Only available on google.com
        '*.google.com': {
          GOOGLE_EMAIL: process.env.GOOGLE_EMAIL,
          GOOGLE_PASSWORD: process.env.GOOGLE_PASSWORD
        }
      }
    }
  }
);

console.log(response);
```

Domain Pattern Examples

| Pattern | Matches |
| --- | --- |
| `*.linkedin.com` | www.linkedin.com, login.linkedin.com |
| `linkedin.com` | linkedin.com, www.linkedin.com |
| `https://*.google.com` | Only HTTPS Google subdomains |
| `*` | All domains (use sparingly) |

Domain-scoped secrets are only available when the browser URL matches the pattern. If the agent navigates to a different domain, those secrets won’t be accessible.

TOTP / Two-Factor Authentication

Secret values support automatic TOTP code generation for 2FA. End the key name with the bu_2fa_code suffix and set its value to your TOTP secret key:

```javascript
import Anchorbrowser from 'anchorbrowser';

// Same client setup as in Basic Usage
const anchorClient = new Anchorbrowser({
  apiKey: process.env.ANCHORBROWSER_API_KEY
});

const response = await anchorClient.agent.task(
  'Login to the app and complete 2FA verification',
  {
    taskOptions: {
      url: 'https://secure-app.example.com/login',
      secretValues: {
        EMAIL: process.env.APP_EMAIL,
        PASSWORD: process.env.APP_PASSWORD,
        // TOTP secret - generates a fresh 6-digit code automatically
        APP_2FA_bu_2fa_code: process.env.APP_TOTP_SECRET
      }
    }
  }
);
```

Best Practices

Use Environment Variables

Never hardcode secrets in your code. Always load from environment variables or a secrets manager.

Scope to Domains

Use domain-scoped secrets for multi-site tasks to prevent credential leakage.

Meaningful Key Names

Use clear, descriptive key names like LINKEDIN_PASSWORD instead of PASS1.

Minimal Exposure

Only include secrets that the task actually needs.
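
A pre-flight check for the practices above, run before a task is submitted. This is an added example, not part of the Anchorbrowser SDK: `lintSecretValues`, its rule names and the sample data are hypothetical, and it assumes a string value is an unscoped secret while an object value is a domain-scoped group.

```javascript
// Added example, not Anchorbrowser code. Assumption: a string value is an
// unscoped secret and an object value is a domain-scoped group, as shown above.
function lintSecretValues(prompt, secretValues) {
  const findings = [];
  const check = (scope, name, value) => {
    const where = scope ? `${scope} -> ${name}` : name;
    if (typeof value !== 'string' || value.length === 0) {
      // Typically an unset environment variable (process.env.X is undefined).
      findings.push({ rule: 'missing-value', where });
      return;
    }
    // The prompt goes to the model, so a secret must never appear in it.
    if (value.length >= 4 && prompt.includes(value)) {
      findings.push({ rule: 'secret-in-prompt', where });
    }
    // Placeholder-style names such as PASS1 or KEY2 say nothing about the site.
    if (/^(pass|pw|key|secret|token)\d*$/i.test(name)) {
      findings.push({ rule: 'vague-key-name', where });
    }
    // The bu_2fa_code key takes the TOTP secret, not a one-time 6-digit code.
    if (name.endsWith('bu_2fa_code') && /^\d{6}$/.test(value)) {
      findings.push({ rule: 'totp-code-not-secret', where });
    }
  };
  for (const [key, value] of Object.entries(secretValues)) {
    if (value !== null && typeof value === 'object') {
      // '*' makes the group available on all domains.
      if (key === '*') findings.push({ rule: 'wildcard-scope', where: key });
      for (const [name, v] of Object.entries(value)) check(key, name, v);
    } else {
      check(null, key, value);
    }
  }
  return findings;
}

// Constructed sample input: every value below is made up for the demonstration.
const samplePrompt = 'Login to the app with password hunter2-demo and complete 2FA';
const sampleSecrets = {
  '*.linkedin.com': { LINKEDIN_EMAIL: 'user@example.com', LINKEDIN_PASSWORD: undefined },
  '*': { PASS1: 'hunter2-demo' },
  APP_2FA_bu_2fa_code: '123456'
};
const sampleFindings = lintSecretValues(samplePrompt, sampleSecrets);
console.log(sampleFindings.map((f) => `${f.rule}: ${f.where}`).join('\n'));
```

An empty result means none of these rules fired; it does not replace reviewing which secrets the task actually needs.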

Security Guarantees

| Guarantee | Description |
| --- | --- |
| Never logged | Secret values are excluded from all logs and telemetry |
| Never sent to AI | Real values are never visible to the AI model |
| Type-time replacement | Secrets are only used at the moment of typing |
| Domain isolation | Domain-scoped secrets are only available on matching URLs |
| No storage | Secrets are processed in-memory and never persisted |