> ## Documentation Index
> Fetch the complete documentation index at: https://ona.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# User secrets

> Personal secrets available across all your projects and environments.

User secrets are personal to you - your API keys, tokens, and credentials available in every environment you create. They're ideal for personal access tokens that shouldn't be shared with the team.

**User secrets have the highest precedence.** They override project and organization secrets with the same name, letting you customize without affecting teammates.

## When to use user secrets

Use user secrets when the credential belongs to an individual rather than to the team.

Common examples:

* your personal GitHub or GitLab token
* your personal Linear or Notion token
* credentials for tools only you should use
* temporary tokens you are testing before standardizing them at project or organization scope

## Manage user secrets

Navigate to **Settings → My Account → Secrets**.

<img src="https://mintcdn.com/gitpod-13c83c2b/9oDzCvNF_Hamk7gi/images/docs/flex/secrets/user-secret-list.webp?fit=max&auto=format&n=9oDzCvNF_Hamk7gi&q=85&s=8f3b99f3d1e1376a52ade7febfb62fb7" alt="User secrets settings page showing list of personal secrets with type and name columns" width="2952" height="2024" data-path="images/docs/flex/secrets/user-secret-list.webp" />

From here you can create, edit, and delete secrets. Each secret can be an [environment variable](/ona/configuration/secrets/environment-variables), [file](/ona/configuration/secrets/files), or [container registry credential](/ona/configuration/secrets/container-registry-secret).

## Common user secrets

| Secret           | Purpose                     |
| ---------------- | --------------------------- |
| `LINEAR_API_KEY` | Personal Linear access      |
| `GITHUB_TOKEN`   | Personal GitHub token       |
| `NPM_TOKEN`      | Private npm registry access |

## When to use user vs project secrets

* **User secrets**: Personal tokens, credentials you don't want to share
* **Project secrets**: Shared team credentials, service accounts, project-specific config

## How user secrets interact with other scopes

If the same secret name exists at multiple levels:

1. user secret wins
2. project secret is used next
3. organization secret is the fallback

This is useful when the team defines a default token or endpoint but an individual needs to override it for debugging or personal access.

## Related

* [How secrets work](/ona/configuration/secrets/overview)
* [Project secrets](/ona/projects/project-secrets)
* [Organization secrets](/ona/organizations/organization-secrets)