Getting Started
Set up HLOS in under 5 minutes
HLOS Secrets is a secure vault for managing API keys and environment variables. This guide walks you through installation, authentication, and your first secret.
How HLOS Works
┌─────────────────────────────────────────────────────┐
│ YOUR INFRASTRUCTURE │ HLOS CLOUD │
│ ───────────────────── │ ────────────── │
│ • Agent runtime │ • Passport │
│ • LLM (Claude, GPT, etc.) │ • Wallet │
│ • Orchestration │ • Credentials │
│ • Business logic │ • Audit logs │
└─────────────────────────────────────────────────────┘
│
│ @hlos/cli or @hlos/staamp-mcp
▼
Agent calls HLOS for capabilities
HLOS never sees your prompts or dataYou build and host the agent. HLOS doesn't run your agent — it gives your agent a verifiable identity, secure credential access, and spending controls.
Prerequisites
- Node.js 18 or higher (
node --version) - npm or yarn package manager
- HLOS account (free to create)
Setup Steps
Install the CLI
Install the HLOS command-line interface globally via npm.
$ npm install -g @hlos/cli💡 Requires Node.js 18+ installed on your system.
Authenticate
Log in with your HLOS account. This will open a browser window for OAuth authentication.
$ hlos login💡 Your credentials are stored securely in your system keychain.
Create a Space
Spaces organize secrets by project or environment. Create one for your current project.
$ hlos spaces create my-project💡 Space names should be lowercase with hyphens (e.g., my-saas-app).
Add Your First Secret
Store a secret securely. You'll be prompted to enter the value.
$ hlos secrets set OPENAI_API_KEY💡 HLOS auto-detects the provider from key patterns (OpenAI, Stripe, etc.).
Pull Secrets Locally
Download secrets to a local .env.local file for development.
$ hlos pull💡 The .env.local file is automatically added to .gitignore.
Run with Secrets Injection
Start your app with secrets injected at runtime—nothing written to disk.
$ hlos run -- npm start💡 This is the most secure way to use secrets in development.