# Credential Source Pattern (cross-cutting) (https://jackin.tailrocks.com/roadmap/credential-source-pattern/)



**Status**: Partially implemented — `EnvValue` covers literals, host-env references, structured `op://` refs, and on-demand `jackin-exec` delivery; auth/provider-key forms reuse those env values through shared console source pickers. A general `CredentialSource` abstraction spanning non-env consumers (command, OS secret store, file backends) has not been started in source.

## Shipped baseline [#shipped-baseline]

`EnvValue` (<RepoFile path="crates/jackin-core/src/env_value.rs">crates/jackin-core/src/env\_value.rs</RepoFile>) is the persisted operator-env vocabulary: `Plain(String)`, structured `OpRef` (canonical `op://` URI, display breadcrumb, optional account, `on_demand` flag), and `Extended { value, on_demand }` for literal/`$VAR` values that opt into on-demand delivery.

CLI/config paths and console pickers turn a selected or typed 1Password value into `EnvValue::OpRef`; typed non-`op` values stay `Plain`/`Extended`. Auth/provider-key forms use the same literal-vs-1Password source picker and persist credentials back through env values (<RepoFile path="crates/jackin-console/src/tui/auth_config.rs">crates/jackin-console/src/tui/auth\_config.rs</RepoFile>, <RepoFile path="crates/jackin-console/src/tui/input/auth.rs">crates/jackin-console/src/tui/input/auth.rs</RepoFile>).

`jackin-exec` filters `on_demand` env values out of launch env, advertises their names to the container via `JACKIN_EXEC_BINDINGS` (never the values), then resolves selected `op://`, host-env, or literal values through the host socket for one command (<RepoFile path="crates/jackin-runtime/src/runtime/launch/launch_pipeline.rs">crates/jackin-runtime/src/runtime/launch/launch\_pipeline.rs</RepoFile>, <RepoFile path="crates/jackin-protocol/src/lib.rs">crates/jackin-protocol/src/lib.rs</RepoFile>).

That baseline is env-shaped: it does not model `command`, OS secret store, or file backends, and there is no reusable type for non-env consumers (GitHub link tracking, task sources, daemon/MCP credential requests).

## Remaining work [#remaining-work]

1. `CredentialSource` enum + TOML deserialization for literal, host env, command, 1Password, OS secret store, and file backends — no such type exists in source yet.
2. Adapter from the shipped `EnvValue`/`OpRef` vocabulary into `CredentialSource`, so existing operator env, auth/provider-key forms, and `jackin-exec` behavior keep working during migration.
3. Missing shared backends: `command` (run without shell, minimal env, stdout-only secret), OS secret store (Keychain/`secret-tool`/Credential Manager), and `file`.
4. Secret wrapper (`SecretString` or equivalent) with zeroize-on-drop and redacted debug output.
5. Replace existing env-shaped credential lookups with the unified type where the consumer is not inherently an environment variable.
6. New consumers ([GitHub link tracking](/roadmap/github-link-tracking/), [task source abstraction](/roadmap/task-source-abstraction/), daemon/MCP credential requests) accept `CredentialSource` from day one instead of rolling their own resolution.
7. New docs page `docs/content/docs/(public)/guides/credentials.mdx`: shipped baseline, target backends, delivery modes, security tradeoffs, recommended pattern per use case.

## Out of scope [#out-of-scope]

* Vault / AWS Secrets Manager / GCP Secret Manager backends — defer until a real user asks; file-mount + K8s secrets covers most of the space.
* Per-source resolution caching with TTL — lazy-once-per-run is enough for V1.
* A `jackin secrets test` CLI that resolves every configured credential and reports status.

## Related work [#related-work]

* Research: [Credential Source Pattern — Design](/reference/research/security/credential-exposure/credential-source-pattern/) — multicode prior art, target TOML shape, resolution/forwarding model, open design questions.
* [1Password integration](/roadmap/onepassword-integration/) — existing consumer; refactors onto the new type.
* [Claude auth strategy](/reference/research/authentication/claude-auth-strategy/) — existing consumer; this pattern should be the abstraction it uses, not a parallel design.
* [GitHub link tracking](/roadmap/github-link-tracking/), [Task source abstraction](/roadmap/task-source-abstraction/) — new consumers.
* [jackin-remote](/roadmap/jackin-remote/) — credential forwarding model (local resolve, remote forward).
* [Agent Orchestration Program](/reference/research/agent-orchestration/program-research/)
