Documentationbreadcrumb arrow Grafana Cloudbreadcrumb arrow Testing and syntheticsbreadcrumb arrow Agentic testingbreadcrumb arrow Secrets management
Grafana Cloud

Create and manage secrets for Agentic testing

Use Secrets management in Agentic testing to store logins, API keys, tokens, and other sensitive values encrypted for your stack. Reference secrets as $SECRET_NAME in user journey steps so values are injected at run time and never saved as plain text in the test.

Secrets you create in Agentic testing are shared with k6 Cloud. Anyone with secret-management permissions on the stack can read, edit, or delete them from either Agentic testing > Settings or Performance testing > Settings.

Note

Secrets management is currently in public preview. Grafana Labs offers limited support, and breaking changes might occur prior to the feature being made generally available.

For encryption details, limits, and role-based access control, refer to Create and manage secrets in Performance testing.

Before you begin

To manage secrets for Agentic testing, you need:

  • Access to Testing & synthetics > Agentic testing > Settings in your stack
  • Permission to create, edit, or delete secrets on the stack

Refer to Role-based access control in the Performance testing secrets documentation for role requirements.

Only text-based secrets are supported. Secret names must be 253 characters or less, descriptions must be 253 characters or less, and secret values must be 24kB or less. Secrets can have a maximum of 10 labels, and label keys must be 63 characters or less.

Open Secrets management

  1. Sign in to your Grafana Cloud stack.
  2. On the main menu, click Testing & synthetics > Agentic testing > Settings.
  3. Click Secrets management.

The Secrets page lists secrets available to your agentic tests. If you have not created any yet, the page shows an empty state with + Create secret.

Create a secret

To create a new secret:

  1. On the Secrets page, click + Create secret.

  2. In the Create secret dialog box, fill in the following fields:

    • Name: A unique name used to reference the secret in journey steps, for example quickpizza-admin-password. You can’t change the name after you save the secret.
    • Description: A short description of what the secret is for.
    • Value: The secret value returned when the secret is referenced at run time.
    • Labels (optional): Key/value labels to organize secrets. Click + Add label to add one.

  3. Click Save.

Use a secret in a browser test

After you create a secret, reference it in a user journey step with $SECRET_NAME, where SECRET_NAME matches the Name you entered when you created the secret.

For example, if you create a secret named quickpizza-admin-password, you can add a journey step such as Fill password with $quickpizza-admin-password.

Refer to Create browser tests from plain-language user journeys for the full workflow to create and run a test.

Edit or delete a secret

To edit or delete a secret, open Agentic testing > Settings > Secrets management, find the secret in the list, and use Edit or Delete.

To update a secret Value, click Reset in the edit dialog box, enter the new value, and click Save.

Warning

Deleting a secret is permanent and can’t be undone. Agentic tests that reference a deleted secret fail until you update the journey steps or create a new secret with the same name.

Next steps