What this setup unlocks
Use Braintrust for model evaluations, experiments, and traces while Trusty Squire injects the credential only into allowed provider requests.
- Record model traces and experiment results.
- Run repeatable evaluation datasets during development.
What your agent does
These public steps preserve the active registry flow while omitting captured account identifiers, brittle DOM selectors, and literal form values.
- 01
navigate
Open the Braintrust account console.
- 02
click oauth button
Choose google sign-in.
- 03
click
Continue through the account flow.
- 04
extract via regex
Capture the validated credential directly into the vault.
Credential saved to the vault
BRAINTRUST_API_KEYBRAINTRUST_API_KEY is a opaque api_key validated at 8 to 64 characters.
Use it without revealing the provider key
In the Vault, first make api.braintrust.devthe credential's primary allowed host. Then ask your agent to call grant_app_access. It returns a host-scoped egress base URL and a revocable token; the backend uses those values to list Braintrust projects.
// One-time Vault policy: make api.braintrust.dev
// the primary allowed host. Off-allowlist requests are refused.
// Then ask your agent to create a scoped grant:
grant_app_access({
service: "braintrust",
rate_limit_per_hour: 100
})
// Inject the returned fields from backend-only secret storage:
// SQUIRE_EGRESS_BASE_URL=<returned base_url>
// SQUIRE_EGRESS_TOKEN=<returned token>
const response = await fetch(
`${process.env.SQUIRE_EGRESS_BASE_URL}/v1/project?limit=10`,
{
headers: {
Authorization: `Bearer ${process.env.SQUIRE_EGRESS_TOKEN}`,
},
},
);
if (!response.ok) throw new Error(`Braintrust returned ${response.status}`);
const projects = await response.json();Provider request checked against Braintrust API: list projects on 2026-07-15.
SQUIRE_EGRESS_TOKEN in backend-only secret storage. Do not expose it in browser JavaScript, logs, or source control. grant_app_accessreturns this scoped token once through the MCP result, so it can enter agent context; it is not the provider key. Move it directly into your deployment's secret store, or useuse_credential when you need zero grant-token exposure. Grants are host-scoped, audited, and revocable without rotating the provider credential.Frequently asked questions
- How do I use the Braintrust API key without .env?
- Ask your coding agent: “Use Trusty Squire to sign me up for Braintrust, save the API key, allow api.braintrust.dev for server-side requests, and wire it into this app without exposing the raw key.” Trusty Squire captures the provider credential directly into its write-only vault instead of returning it for an .env file. BRAINTRUST_API_KEY is a opaque api_key validated at 8 to 64 characters.
- Can Trusty Squire automate Braintrust signup?
- For a new account, the reviewed skill uses google sign-in as the provider's signup path; for an existing identity, the same path signs in instead. Choose google sign-in. Continue through the account flow. A hard CAPTCHA, payment, phone requirement, or human-only decision still stops the run for you.
- How does Braintrust MCP provisioning keep the API key private?
- Trusty Squire is the MCP server between your coding agent and the vault. It stores the captured Braintrust credential as a write-only value, then returns a reference or scoped egress grant instead of the raw provider key. The backend grant can call only its configured provider host and remains revocable and auditable.
- What can I do with the generated Braintrust credential?
- Braintrust documents this bearer credential for its API, including project, experiment, dataset, prompt, and trace operations permitted by the organization.
- What should I verify before using Braintrust in production?
- The registry record does not include an organization name, project ID, data-plane region, or API-key role. Confirm those separately; EU and self-hosted organizations use a different API host.