Datastore - Automation Anywhere EKB Docs

The Datastore tab allows you to manage variables and encrypted secrets used by your project’s workflows. It is split into two tabs — Datastore for plain-text variables and Vault (Encrypted) for sensitive secrets.

Datastore
Vault (Encrypted)

The Datastore tab stores non-sensitive plain-text variables used by workflows. Values are scoped to a specific level using the Scope dropdown.

Scope

Use the Scope dropdown to filter and manage variables at a specific level:

Scope	Description
Project	Variables shared across all flows within the project.
Flow	Variables scoped to a specific workflow.
Run	Variables that exist only during a single workflow execution.

Variables Table

Column	Description
Key	The variable name used to reference the value in workflows.
Value	The stored value.
Type	The data type of the value: `string`, `number`, `boolean`, or `object`.
Tags	Optional tags assigned to the variable.
Actions	Edit (pencil) or delete (trash) the variable.

Use the Search datastore field to find a variable by key name.

Add a Variable

Select the + Add Value button.
Fill in the Create Variable form:
Field Description
Name The key name used to reference this variable in workflows.
Type The data type of the value: String, Number, Boolean, or Object.
Value The value to store.
Select Add to save the variable.

Field	Description
Name	The key name used to reference this variable in workflows.
Type	The data type of the value: String, Number, Boolean, or Object.
Value	The value to store.

The Vault (Encrypted) tab stores sensitive secrets using Fernet encryption (AES-128-CBC). Secrets stored here can be referenced in workflows and integrations without exposing their raw values.Typical values stored in the Vault include API keys, authentication tokens, passwords, certificates, and external service credentials.

Scope

Use the Scope dropdown to manage secrets at the appropriate level:

Scope	Description
Project	Secrets shared across all flows within the project.
Flow	Secrets scoped to a specific workflow.
Run	Secrets that exist only during a single workflow execution.

Secrets Table

Column	Description
Key	The secret name used to reference the value in workflows.
Value	Masked for security — the raw value is never displayed after creation.
Type	The data type of the secret.
Actions	Edit or delete the secret.

Use the Search datastore field to find a secret by key name.

Add a Secret

Select the + Add Secret button.
Fill in the Create Variable form:
Field Description
Name The key name used to reference this secret in workflows.
Type The data type of the value: String, Number, Boolean, or Object.
Value The secret value to encrypt and store.
Select Add to save the secret.

Field	Description
Name	The key name used to reference this secret in workflows.
Type	The data type of the value: String, Number, Boolean, or Object.
Value	The secret value to encrypt and store.

Vault values are encrypted at rest. Once saved, the raw value cannot be retrieved — only replaced. Store a secure copy of any secrets before saving them here.

Variable Resolution Order

When a workflow retrieves a variable, the system resolves values according to the following priority: Run → Flow → Project The most specific scope takes precedence. If the same variable exists at both the Flow and Project level, the Flow-level value will be used. Example:

Scope	Variable	Value
Project	`API_URL`	`https://api.company.com`
Flow	`API_URL`	`https://sandbox.api.company.com`

When the flow runs, it will use the Flow-level value since it overrides the Project-level value.

​Scope

​Variables Table

​Add a Variable

​Scope

​Secrets Table

​Add a Secret

​Variable Resolution Order

Scope

Variables Table

Add a Variable

Scope

Secrets Table

Add a Secret

Variable Resolution Order