Skip to main content

Secrets

Secrets let you store sensitive values (like login credentials) that navable uses during audits to access authenticated pages. Secrets are managed in Settings → Audit Settings.

Adding a Secret

  1. Go to Settings → Audit Settings.
  2. Scroll to the Secrets section.
  3. Click Add Secret.
  4. Fill in the fields:
FieldDescription
NameA label for the secret (e.g., "Test Account Password")
Field HintDescribes where the secret is used (e.g., "Password field on login page")
ValueThe secret value (masked after saving)
  1. Save the secret.

Using Secrets in Interaction Steps

When configuring interaction steps, you can reference stored secrets instead of typing raw values. For example, a login flow might look like:

  1. Navigate to your login page.
  2. Type the stored username secret into the email field.
  3. Type the stored password secret into the password field.
  4. Click the "Sign In" button.
  5. Wait for the authenticated page to load.

Security

  • Secrets are encrypted at rest using industry-standard encryption.
  • Secret values are never sent to AI models or exposed in audit results, logs, or the UI after saving.
  • You can delete secrets at any time from the Audit Settings page.

Best Practices

  • Use dedicated test accounts — Create a test account specifically for navable audits rather than using personal credentials.
  • Minimal permissions — Give the test account only the permissions needed to access the pages you want to audit.
  • Keep secrets updated — If the test account password changes, update the stored secret in navable to avoid audit failures.