Secrets
You do not need to keep API tokens or other sensitive data as plain-text rules. ClipReplace treats secret values as Keychain-backed data and uses them only after the required authentication step.
What secret values are
Secret values are replacement items whose storage and display should be handled differently from normal text values.
Examples:
- API keys
- short-lived tokens
- internal fixed passwords
- connection details you do not want to expose casually
How they differ from normal values
Normal values can be stored and reused directly. Secret values are handled through Keychain and may require authentication or per-run input before replacement.
Authentication flow
Replacements that include secrets always assume a macOS authentication step.
- The user runs
Replace. - If any active rule needs a secret value, the app requests the required authentication or input.
- Replacement runs only with values that passed that step successfully.
Values that must be entered at runtime are collected through the dedicated input window.
Handling after replacement
Results that contain secret values should be treated as temporary data for immediate paste.
Returned to clipboard
After replacementThe replaced text is written back to the clipboard so it can be pasted into the original destination app right away.
Automatic clear
90 secondsClipboard results that contain secret values are treated as data for this Mac only and cleared automatically after 90 seconds.
Separated from crash diagnostics
ClipReplace does not intentionally attach clipboard contents or secret values to Crashlytics reports.
Operational assumption
Secret replacement is a paste-time workflow, not a long-term storage workflow. Store long-lived secrets in a separate secure system and use ClipReplace only to insert them when needed.