Skip to content

Settings

Configure security, access, and integration settings for your Zijus agent.

Secrets Management

Overview

Securely store sensitive credentials (API keys, tokens, etc.) for workflow use. Secrets are: - Encrypted at rest with AES-256 - Never exposed in logs or LLM interactions - Accessible only via the GetSecret tool

Creating a Secret

  1. Navigate to Settings > Secrets
  2. Click + Add Secret
  3. Provide:
  4. Name: Reference for workflows (e.g., stripe_api_key)
  5. Value: The sensitive data
  6. Description (Optional): Usage context

Usage in Workflows

# Correct usage
api_key = await CallTool('GetSecret', SECRET="stripe_api_key")

# Avoid (logs values):
print(api_key)

Management

  • Deletion:
  • Blocked if referenced in active workflows
  • Requires workflow modification first
  • Audit: All accesses are logged

Token Management

Token Types

Type Use Case Max Validity
API Third-party integrations 1 year
Email Agent email communication 2 years
Widget Embedded chat sessions Unlimited

Creating Tokens

  1. Go to Settings > Tokens
  2. Click Generate New Token
  3. Specify:
  4. Name (e.g., "CRM Integration Token")
  5. Expiry date
  6. Description (optional)

Security Practices

  • 🔐 Tokens are displayed once upon creation
  • âŗ 7-day expiry notifications
  • 🗑ī¸ Immediate revocation available

Access Control (RBAC)

Current Roles

Role Capabilities
Admin Full system control
Developer Create/edit workflows
Analyst View analytics only

Granting Access

  1. Admin navigates to Settings > Users
  2. Enters target user's work email
  3. Selects role from dropdown
  4. Clicks Grant Access

ℹī¸ Users must re-login to apply new permissions

Upcoming Features

  • Custom role creation
  • Permission granularity controls

Widget Configuration

Embedding Steps

  1. Navigate to Settings > Widget
  2. Customize:
  3. Colors: Match your brand
  4. Icons: Upload custom logo
  5. Features: Toggle file upload/voice input
  6. Click Get Code
  7. Paste generated script in website <body>

Example Output:

<script>
  window.zijusWidget = {
    agentId: "AGN-12345",
    theme: {
      primaryColor: "#3a86ff",
      headerText: "Support Assistant"
    }
  };
</script>
<script src="https://cdn.zijus.com/widget/v2.js" async></script>

Email Settings

Setup Process

  1. Create a long-lived token (Settings > Tokens)
  2. Navigate to Settings > Email
  3. Configure:
  4. Display Name: "Acme Support Bot"
  5. Footer Text: "This is an automated message"
  6. Access Control:
    • Public (all senders)
    • Domain-restricted (e.g., "@company.com")
    • Allowlist (specific emails)

Security Notes

  • 🔄 Token must be active
  • ✉ī¸ Email-bound tokens can't be deleted
  • 🔍 Inbound emails are scanned for spam

Sample Email Flow

sequenceDiagram
    User->>Agent: Email to agent@zijus.com
    Agent->>Workflow: Triggers email_handler
    Workflow->>User: Sends response

Best Practices

  1. Secrets
  2. Rotate quarterly
  3. Use descriptive names

  4. Never hardcode in workflows

  5. Tokens

  6. Set minimum viable validity
  7. Revoke unused tokens

  8. Store securely (e.g., password manager)

  9. Access Control

  10. Follow principle of least privilege
  11. Audit quarterly
  12. Use SSO where possible

Troubleshooting

Issue Solution
Can't delete secret Check workflow dependencies
Token not working Verify expiry date
Widget not loading Check browser console for errors
Email delays Review agent's workflow latency