# Secrets Secrets are values that are defined off-chain which contain sensitive information such as API keys. Once defined, secrets are not viewable or editable. Secrets are never accessible after being encrypted and are only decrypted during runtime when a request is made. * All secrets are stored as strings and can contain only string literals. * Variables and references to other secrets are not permitted in secret values. * A midpoint that references secrets that have not yet been defined can not be published In order to interpolate a secret during runtime, enter the name of a secret, surrounded by double brackets, e.g. `[[secretName]]` Sample usage of a secret inside a [Make HTTP Request](/midpoint-documentation/tasks/make-http-request.md) definition: ```json { "authType": "bearer", "auth": { "bearer": "[[bearer_token]]" } } ``` ## Working with Secrets ```bash midpoint add-secret ``` ``` midpoint delete-secret ``` ``` midpoint list-secrets ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.midpointapi.com/midpoint-documentation/core-concepts/midpoints/source-and-task-definitions/secrets.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.