> ## Documentation Index > Fetch the complete documentation index at: https://docs.lucid.foundation/llms.txt > Use this file to discover all available pages before exploring further. # Secrets & API Keys > Pluggable credential injection for MCP tool authentication. ## Secrets & API Keys Lucid provides a flexible system for managing credentials and API keys, essential for authenticating with the MCP tool. This system is designed to replace the legacy NangoBridge, offering a more modular and pluggable approach to credential management. ### CredentialAdapter Interface At the core of this system is the `CredentialAdapter` interface, which allows for different methods of credential injection. This interface supports multiple adapters, each serving a specific purpose: * **EnvVarAdapter**: This adapter reads tokens directly from environment variables. It is part of the open-source (OSS) offerings and is ideal for simple setups where credentials are stored in the environment. * **DatabaseAdapter**: Also part of the OSS offerings, this adapter retrieves tokens from a `credential_store` table in your database. It is suitable for more secure and centralized credential management. * **CompositeAdapter**: This adapter allows you to chain multiple adapters together. It will use the first non-null credential it finds, providing a flexible way to combine different credential sources. * **NangoAdapter**: Specifically for cloud environments, this adapter handles OAuth flows using Nango. It is dynamically imported and not part of the OSS package, making it suitable for more complex authentication scenarios that require OAuth. ### Production Configuration In a production environment, a common configuration is to use the `CompositeAdapter` with a combination of the `NangoAdapter` and `EnvVarAdapter`. This setup allows for a robust and flexible credential management system, where OAuth flows can be handled by the `NangoAdapter` if available, and environment variables can serve as a fallback. By leveraging these adapters, developers can tailor their credential management strategy to fit their specific needs, ensuring secure and efficient authentication for their applications.