Session Vault (Saved Logins)

Record and reuse authenticated browser sessions across agents.

What is the Session Vault?

The Session Vault stores encrypted browser sessions — cookies, local storage, and authentication state — so agents can reuse saved logins without needing credentials. Record a login once, and any agent can pick up where you left off.

How It Works

1. Record — Open a browser session from the Workspace, navigate to a website, and log in manually.
2. Save — Click "Save Login" and give it a label (e.g., "Stripe Dashboard", "LinkedIn").
3. Reuse — When creating a new browser session, select a saved vault session to start already logged in.
4. Agent Access — Agents can load vault sessions to access authenticated services autonomously.

Security

• AES-256-GCM encryption — all stored browser state is encrypted at rest with a team-specific key.
• Audit logging — every vault access (record, playback, delete) is logged with timestamp, user, and action.
• Team scoping — vault sessions are accessible only to members of the team that created them.
• No passwords stored — the vault stores browser cookies and session tokens, not plaintext credentials.

Managing Vault Sessions

From the Browser section in the Workspace sidebar, you can:

• View all saved sessions with domain, label, last used date, and use count.
• Delete sessions that are no longer needed.
• Re-record a session if the login has expired.

Best Practices

• Use descriptive labels — "Stripe Dashboard (Finance Team)" is better than "login1".
• Re-record sessions periodically — cookies and tokens expire, so refresh vault sessions before they go stale.
• Use service accounts when possible — record logins for dedicated bot/service accounts rather than personal accounts.
• Review the audit log — check which agents and users are accessing which saved sessions.