> ## Documentation Index
> Fetch the complete documentation index at: https://wb-21fd5541-docs-sandboxes-integrations-placement.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Secrets

> Learn how to manage secrets in Serverless Sandboxes.

<Warning>
  Serverless Sandboxes is in public preview.
</Warning>

Use the [W\&B Secrets Manager](/platform/secrets) with the W\&B Python SDK to access sensitive information such as API keys and tokens in a sandbox.

To use a secret in a sandbox, first add it to your team's Secrets Manager. Then reference that secret by name when you create the sandbox.

<Caution>
  Don't include the secret's value directly in your code or in the sandbox configuration. Reference secrets by name only.
</Caution>

W\&B injects each requested secret into the sandbox as an environment variable. By default, the environment variable name matches the secret name. You can customize the environment variable name with the `env_var` parameter.

<Note>
  See [Manage secrets](/platform/secrets) for information about creating and managing secrets in your W\&B account.
</Note>

## Access secrets in a sandbox

Use the `Secret` class to specify which secrets to include in a sandbox. Pass one or more `Secret` objects to the `secrets` parameter of `Sandbox.run()`. Each `Secret` object identifies a secret by name. W\&B injects the secret value into the sandbox as an environment variable.

<Tip>
  Pass the secret name, not the secret value. Within the sandbox, read the secret from the corresponding environment variable.
</Tip>

The following example makes two existing secrets available in the sandbox: `HF_TOKEN` and `OPENAI_API_KEY`.

```python theme={null}
from wandb.sandbox import Sandbox, Secret

with Sandbox.run(
    secrets=[
        Secret(name="HF_TOKEN"),
        Secret(name="OPENAI_API_KEY"),
    ],
) as sandbox:
    result = sandbox.exec([
        "python",
        "-c",
        """
import os
if "HF_TOKEN" in os.environ:
    print(f"Hugging Face token found.")
if "OPENAI_API_KEY" in os.environ:
    print(f"OpenAI key token found.")
""",
    ]).result()
    print(result.stdout)
```

Inside the sandbox, access each secret through its environment variable. In this example, `HF_TOKEN` is available as `os.environ["HF_TOKEN"]`, and `OPENAI_API_KEY` is available as `os.environ["OPENAI_API_KEY"]`.

To customize the environment variable name for a secret, see [Use a custom environment variable name](#use-a-custom-environment-variable-name).

## Use a custom environment variable name

By default, a secret's environment variable name matches the secret name. To customize a sandbox's environment variable for a given secret, set the `env_var` parameter on `Secret` (`Secret(env_var="CUSTOM_NAME")`).

The following example checks that the `HF_TOKEN` secret is available in the sandbox:

```python theme={null}
from wandb.sandbox import Sandbox, Secret

with Sandbox.run(
    secrets=[
        Secret(name="HF_TOKEN", env_var="HUGGINGFACE_TOKEN")
    ],
) as sandbox:
    result = sandbox.exec([
        "python",
        "-c",
        """
import os
if "HUGGINGFACE_TOKEN" in os.environ:
    print(f"Hugging Face token found!")
""",
    ]).result()
    print(result.stdout)
```