HealthSamurai · Aitem · Feb 25, 2026
diff --git a/docs/configuration/secret-files.md b/docs/configuration/secret-files.md
@@ -31,7 +31,7 @@ flowchart LR
 
 | Environment variable | Description | Default |
 | --- | --- | --- |
-| `AIDBOX_VAULT_CONFIG` | Path to the vault config JSON file that maps named secrets to file paths and resource scopes. | empty (feature disabled) |
+| `BOX_VAULT_CONFIG` | Path to the vault config JSON file that maps named secrets to file paths and resource scopes. | empty (feature disabled) |
 
 See [Aidbox Settings Reference](../reference/all-settings.md) for the full list of environment variables.
 
@@ -47,15 +47,23 @@ This setting requires a restart to take effect. The config file itself is re-rea
   "secret": {
     "client-secret": {
       "path": "/run/secrets/client-secret",
-      "scope": ["Client/my-client"]
+      "scope": {
+        "resource_type": "Client",
+        "id": "my-client"
+      }
     },
     "kafka-jaas": {
       "path": "/run/secrets/kafka-jaas",
-      "scope": ["AidboxTopicDestination/kafka-dest-1"]
+      "scope": {
+        "resource_type": "AidboxTopicDestination",
+        "id": "kafka-dest-1"
+      }
     },
     "jwt-key": {
       "path": "/run/secrets/jwt-key",
-      "scope": ["TokenIntrospector"]
+      "scope": {
+        "resource_type": "TokenIntrospector"
+      }
     }
   }
 }
@@ -64,7 +72,7 @@ This setting requires a restart to take effect. The config file itself is re-rea
 
 Each entry under `"secret"` maps a secret name to:
 
-<table><thead><tr><th width="100">Field</th><th>Description</th></tr></thead><tbody><tr><td><code>path</code></td><td>Absolute path to the file containing the secret value</td></tr><tr><td><code>scope</code></td><td>Array of resource references that are allowed to access this secret. Entries can be <code>"ResourceType/id"</code> (specific instance, e.g. <code>"Client/my-client"</code>) or <code>"ResourceType"</code> (any instance of that type, e.g. <code>"Client"</code>)</td></tr></tbody></table>
+<table><thead><tr><th width="100">Field</th><th>Description</th></tr></thead><tbody><tr><td><code>path</code></td><td>Absolute path to the file containing the secret value</td></tr><tr><td><code>scope</code></td><td>Object that controls which resources can access this secret. Required field: <code>resource_type</code> (e.g. <code>"Client"</code>, <code>"TokenIntrospector"</code>). Optional field: <code>id</code> — when specified, only the resource with that exact id can access the secret (e.g. <code>"id": "my-client"</code>). When <code>id</code> is omitted, any resource of the given type can access it.</td></tr></tbody></table>
 
 ## Extension pattern
 
@@ -123,7 +131,7 @@ Reading the Client back returns the extension, not the resolved value:
 
 ## Scope enforcement
 
-Aidbox verifies that the resource requesting a secret is listed in the secret's `scope` array. If the requesting resource is not in scope, Aidbox returns an error.
+Aidbox verifies that the resource requesting a secret matches the secret's `scope`. It checks the `resource_type` field and, if present, the `id` field. If the requesting resource does not match the scope, Aidbox returns an error.
 
 ## Secret rotation
 

diff --git a/docs/reference/all-settings.md b/docs/reference/all-settings.md
@@ -910,6 +910,16 @@ Activates debugging features for access policy development, including the `_debu
 
 <details><summary>Details</summary><table data-header-hidden="true"><thead><tr><th width="200"></th><th></th></tr></thead><tbody><tr><td>ID</td><td><code>security.dev-mode</code></td></tr><tr><td>Type</td><td>Bool</td></tr><tr><td>Recommended value</td><td><code>true</code></td></tr><tr><td>Default value</td><td><code>false</code></td></tr><tr><td>Environment variable</td><td><code>BOX_SECURITY_DEV_MODE</code></td></tr><tr><td>Deprecated environment variables</td><td><code>AIDBOX_DEV_MODE</code></td></tr><tr><td>Sensitive</td><td><code>false</code> — value will be visible in plaintext in Admin UI</td></tr><tr><td>Set via</td><td>Admin UI → Settings<br />Environment variables</td></tr><tr><td>Hot reload</td><td><code>true</code> — setting can be changed at runtime</td></tr></tbody></table></details>
 
+### Vault config path<a href="#vault.config" id="vault.config"></a>
+
+```yaml
+BOX_VAULT_CONFIG: "/etc/aidbox/vault-config.json"
+```
+
+Path to the vault config JSON file that maps named secrets to file paths and resource scopes. When set, Aidbox reads the config at startup and resolves secret-backed resource fields from mounted files at runtime. See [External Secrets](../configuration/secret-files.md) for full documentation.
+
+<details><summary>Details</summary><table data-header-hidden="true"><thead><tr><th width="200"></th><th></th></tr></thead><tbody><tr><td>ID</td><td><code>vault.config</code></td></tr><tr><td>Type</td><td>String</td></tr><tr><td>Default value</td><td>(no default — feature disabled)</td></tr><tr><td>Environment variable</td><td><code>BOX_VAULT_CONFIG</code></td></tr><tr><td>Sensitive</td><td><code>false</code> — value will be visible in plaintext in Admin UI</td></tr><tr><td>Set via</td><td>Environment variables</td></tr><tr><td>Hot reload</td><td><code>false</code> — setting requires system restart</td></tr></tbody></table></details>
+
 ## Modules
 
 Modules settings

diff --git a/docs/tutorials/other-tutorials/azure-key-vault-external-secrets.md b/docs/tutorials/other-tutorials/azure-key-vault-external-secrets.md
@@ -188,7 +188,10 @@ data:
       "secret": {
         "client-secret": {
           "path": "/run/azure-secrets/client-secret",
-          "scope": ["Client/basic"]
+          "scope": {
+            "resource_type": "Client",
+            "id": "basic"
+          }
         }
       }
     }
@@ -197,7 +200,7 @@ data:
 
 Each entry under `"secret"` maps a secret name to:
 
-<table><thead><tr><th width="100">Field</th><th>Description</th></tr></thead><tbody><tr><td><code>path</code></td><td>Absolute path to the file containing the secret value</td></tr><tr><td><code>scope</code></td><td>Array of resource references allowed to access this secret. Entries can be <code>"ResourceType/id"</code> (specific instance, e.g. <code>"Client/basic"</code>) or <code>"ResourceType"</code> (any instance of that type, e.g. <code>"Client"</code>)</td></tr></tbody></table>
+<table><thead><tr><th width="100">Field</th><th>Description</th></tr></thead><tbody><tr><td><code>path</code></td><td>Absolute path to the file containing the secret value</td></tr><tr><td><code>scope</code></td><td>Object that controls which resources can access this secret. Required field: <code>resource_type</code> (e.g. <code>"Client"</code>). Optional field: <code>id</code> — when specified, only the resource with that exact id can access the secret. When <code>id</code> is omitted, any resource of the given type can access it.</td></tr></tbody></table>
 
 ## Step 8. Deploy Aidbox
 
@@ -221,7 +224,7 @@ spec:
         - name: aidbox
           image: healthsamurai/aidboxone:latest
           env:
-            - name: AIDBOX_VAULT_CONFIG
+            - name: BOX_VAULT_CONFIG
               value: "/etc/aidbox/vault-config.json"
             # Add other required env vars
           volumeMounts:

diff --git a/docs/tutorials/other-tutorials/hashicorp-vault-external-secrets.md b/docs/tutorials/other-tutorials/hashicorp-vault-external-secrets.md
@@ -167,7 +167,10 @@ data:
       "secret": {
         "client-secret": {
           "path": "/run/vault-secrets/client-secret",
-          "scope": ["Client/basic"]
+          "scope": {
+            "resource_type": "Client",
+            "id": "basic"
+          }
         }
       }
     }
@@ -176,7 +179,7 @@ data:
 
 Each entry under `"secret"` maps a secret name to:
 
-<table><thead><tr><th width="100">Field</th><th>Description</th></tr></thead><tbody><tr><td><code>path</code></td><td>Absolute path to the file containing the secret value</td></tr><tr><td><code>scope</code></td><td>Array of resource references allowed to access this secret. Entries can be <code>"ResourceType/id"</code> (specific instance, e.g. <code>"Client/basic"</code>) or <code>"ResourceType"</code> (any instance of that type, e.g. <code>"Client"</code>)</td></tr></tbody></table>
+<table><thead><tr><th width="100">Field</th><th>Description</th></tr></thead><tbody><tr><td><code>path</code></td><td>Absolute path to the file containing the secret value</td></tr><tr><td><code>scope</code></td><td>Object that controls which resources can access this secret. Required field: <code>resource_type</code> (e.g. <code>"Client"</code>). Optional field: <code>id</code> — when specified, only the resource with that exact id can access the secret. When <code>id</code> is omitted, any resource of the given type can access it.</td></tr></tbody></table>
 
 ## Step 7. Deploy Aidbox
 
@@ -201,7 +204,7 @@ spec:
         - name: aidbox
           image: healthsamurai/aidboxone:latest
           env:
-            - name: AIDBOX_VAULT_CONFIG
+            - name: BOX_VAULT_CONFIG
               value: "/etc/aidbox/vault-config.json"
             # Add other required env vars
           volumeMounts: