# OpenBao (/docs/runtime/components/openbao)



Component Category [#component-category]

Access and security / secrets management

Component Description [#component-description]

OpenBao is an identity-based secrets and encryption management system for storing and controlling sensitive information.

Why It Is Used [#why-it-is-used]

In BullSequana AI Runtime, OpenBao helps centralize secret storage, access policies, and key management for platform services. This improves security, auditability, and operational consistency.

Learn More [#learn-more]

* [OpenBao documentation](https://openbao.org/docs/)
* [openbao/openbao on GitHub](https://github.com/openbao/openbao)

Interacts With [#interacts-with]

* `Keycloak`, through OIDC authentication configured directly in the platform manifests.
* `NGINX` and TLS/certificate resources, because OpenBao is exposed through ingress and secured endpoints.
* Kubernetes services and workloads, which consume injected secrets and rely on OpenBao-managed credentials.