Many MCP servers need secrets like API tokens, connection strings, and other sensitive parameters. ToolHive provides built-in secrets management so you can manage these values securely without exposing them in plaintext configuration files.
ToolHive encrypts secrets using a randomly generated password that is stored in your operating system's secure keyring.
You can add new secrets on the Secrets page or during MCP server installation.
note
The ToolHive UI does not currently support the 1Password secrets provider. If you have configured the 1Password secrets provider using the ToolHive CLI, the UI will automatically update your configuration to use the built-in encrypted provider instead.
Enter secrets during MCP installationWhen you install an MCP server from the registry, any required secrets are listed on the configuration form with their corresponding environment variable.
When you add a custom MCP server, add secrets by entering the environment variable name that the MCP server expects.
To set the secret value, you can:
Your ToolHive secrets are managed on the Secrets page. Here you can:
important
If you delete a secret that is in use by an MCP server, the server will continue running but you will not be able to restart it if stopped. You'll need to remove the server and reinstall it with the required secrets, or add the secret back using the same name.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4