Hi everyone,
I've been following the discussions here about scoped credentials and the dangers of giving agents broad, long-lived access, and it really got me thinking about my own setup. I run a few local agents for things like automated backups, file synchronization, and monitoring some self-hosted services. After reading through the forum, I got pretty nervous realizing I was just handing out my main API keys or creating service tokens that never expired. It felt like a disaster waiting to happen, especially if one of those agents got confused or had a bug.
So, I wanted to share what I've been working on as a first step towards better hygiene. It's a very simple credential vault meant for a homelab or local network. The core idea is that my agents no longer get the real credentials. Instead, they request a short-lived token from this vault, which only has permissions for the specific task they need to do.
The vault itself is just a small Python application using SQLite to store the encrypted secrets. I use TOTP (Time-based One-Time Password) not for 2FA, but as the actual temporary token. When an agent needs to, say, write to my backup storage, it calls the vault with its own API key (which is scoped only to request backup tokens). The vault checks the scope, then generates and returns a TOTP code. This code is valid for maybe 90 seconds and is only good for writing to the specific backup bucket. The agent uses that code as the password for the session. The real S3 secret key is never exposed to the agent process directly.
I know this is a humble setup and probably has holes I haven't thought of, but moving from "keys forever" to "keys for 90 seconds for one job" has made me feel a lot better. I was hoping some of you with more experience could poke holes in the approach or suggest best practices. For instance, is TOTP a reasonable mechanism for this, or should I be looking at something like short-lived JWT? Also, how do you all handle the vault's own master encryption key securely on a self-hosted system? I'm currently using a key file with strict permissions, but it still feels like a single point of failure.
I'm really grateful for any step-by-step guidance or principles you can share. This community has already been a huge help in shifting my mindset from just getting things working to thinking seriously about security, even in my personal projects.
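The issue-and-verify flow the post describes, as an added example that is not the poster's vault code: the vault checks the agent key's granted scope, mints a token carrying that scope and a 90-second expiry, and the resource side rejects anything expired, tampered or out of scope. It uses an HMAC-signed claims token (the short-lived-JWT-style alternative the post asks about) rather than TOTP; the signing key, agent keys and scope names are constructed placeholders.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed sample data: the vault's signing key and each agent key's granted scopes.
VAULT_SIGNING_KEY = b"constructed-demo-signing-key-replace-me"
AGENT_SCOPES = {
    "backup-agent-key": {"s3:write:backups"},
    "monitor-agent-key": {"metrics:read"},
}
TOKEN_TTL_SECONDS = 90


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(body: str) -> str:
    return _b64(hmac.new(VAULT_SIGNING_KEY, body.encode(), hashlib.sha256).digest())


def issue_token(agent_api_key: str, scope: str, now: Optional[float] = None) -> Optional[str]:
    """Vault side: mint a short-lived token only if this agent key is granted that scope."""
    if scope not in AGENT_SCOPES.get(agent_api_key, set()):
        return None  # unknown key, or a scope outside the agent's grant
    now = time.time() if now is None else now
    claims = {"scope": scope, "iat": int(now), "exp": int(now) + TOKEN_TTL_SECONDS}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{_sign(body)}"


def verify_token(token: str, required_scope: str, now: Optional[float] = None) -> bool:
    """Resource side: accept only an untampered, unexpired token with the exact scope."""
    try:
        body, sig = token.split(".", 1)
        if not hmac.compare_digest(sig, _sign(body)):  # constant-time signature check
            return False
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError):
        return False
    now = time.time() if now is None else now
    return claims.get("exp", 0) > now and claims.get("scope") == required_scope
```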