← Back to blog release

Run agents on your own keys with user-scoped secrets

Secrets can now be scoped to each user: teammates store their own values, and Paperclip checks the human behind a run supplied them before it dispatches.

announcements

You don’t hand a colleague your GitHub token. Paperclip v2026.707.0 applies the same rule to agents: secrets can now be scoped to the individual human, not just the company. Each user stores their own value for a secret, and Paperclip checks that the human behind a run has supplied what it needs before the run dispatches (#8825).

One value per secret

Until now, a secret held one company-wide value (the secrets reference covers that model, its providers, and vaults). One value works for one person. The moment a second human joins, they either borrow someone else’s keys or can’t run agents at all.

How it works

The pieces land in order. A secret definition can now be user-scoped, and each user stores their own value for it. Definitions bind to environments, so the runs that need a credential declare it. New responsible-user run attribution ties every run to the human it acts for. Before a run dispatches, Paperclip deterministically checks that this user has supplied the value the run needs, so a missing credential surfaces before the run starts.

The user-scoped secret chain: definition, per-user values, environment binding, run attribution, dispatch check

You see the check in the product. If a secret you’re responsible for has no value yet, Paperclip warns you as you create the task, names the missing secret, and lets you set your value on the spot.

Creating a task while a user secret you're responsible for is unset: the warning names the secret and offers a Set value action

Secret references everywhere env vars live

The same release replaces the legacy environment variables editor with a single reusable editor used everywhere environment variables are configured: agents, projects, routines, and company environments. It handles text values, secret references, draft rows, and sensitive-value warnings consistently, with a clearer affordance for converting a plain value into a secret reference (#8930).

Getting started

Define a user-scoped secret, have each teammate store their own value, and bind the definition to the environments that need it. Dispatch does the checking from there. The user-scoped secrets guide explains secret scopes and responsible-user attribution in depth.

Groundwork for multi-user and cloud execution

The release notes call user-scoped secrets “a real prerequisite for safe multi-user and cloud execution.” The immediate payoff is concrete: the next person who joins your company supplies their own keys and runs agents the same day, and every run is attributable to the human behind it.