What's the core of this announcement?

Two Managed Agents capabilities enter public beta: scheduled deployments (agents execute automatically on a cron schedule) and environment variables in vaults (API keys stored tied to specific approved domains).

Does the agent see API keys stored in a vault?

No. The sandbox only holds a placeholder — the real key is attached at the network boundary, and only on requests to domains you allow. Update the key in the vault, and running sessions pick up the new value on their next call.

What release stage are these features in?

Both are in public beta on the Claude Platform.

What's new in Claude Managed Agents — scheduled deployments and environment variables in vaults

Q: How do scheduled deployments work?

Agents receive a cron schedule and automatically execute on that timetable. Each time the schedule fires, the agent starts a new session and completes its task, with no scheduler for you to build or host. You can pause, resume, or archive deployments at any time, and trigger additional runs on demand.

Two capabilities land in public beta on the Claude Platform. Scheduled deployments give an agent a cron schedule — each time the schedule fires, the agent starts a new session and completes its task, with no scheduler for you to build or host. Environment variables in vaults store API keys tied to specific approved domains: the agent never sees your key because the sandbox only holds a placeholder, and the real key is attached at the network boundary, only on requests to domains you allow. Supports the Browserbase, KERNEL, Notion, Ramp, and Sentry CLIs plus any CLI using HTTP authentication.

Official announcement →

This article is a summary based on official documentation.

Overview

Claude Managed Agents gains scheduled deployments and environment variables in vaults, both in public beta on the Claude Platform. Recurring tasks run on a cron schedule without a scheduler to build or host, and API keys for external services stay out of the agent’s reach — attached only at the network boundary.

Key features

Scheduled deployments — agents run on a cron schedule

Handing recurring work to an agent — nightly data syncs, weekly compliance scans, daily digests — meant building and hosting your own scheduler and waking the agent through the API. Agents now receive a cron schedule and automatically execute on that timetable: each time the schedule fires, the agent starts a new session and completes its task. Deployments can be paused, resumed, or archived at any time, and additional runs can be triggered on demand.

Use cases from the announcement: Rakuten runs weekly and monthly spreadsheet analysis and report generation, Actively AI regularly refreshes cross-account agentic search answers, and Ando uses it for autonomous channel monitoring and follow-up reminders.
Environment variables in vaults — API keys tied to approved domains

Authenticating an agent to CLI tools and external services meant placing API keys where the agent and sandbox could see them. API keys can now be stored as environment variables tied to specific approved domains. The agent never sees your key: the sandbox only holds a placeholder, and the real key is attached at the network boundary, only on requests to domains you allow. Update it in the vault, and running sessions pick up the new value on their next call.

Supported tools are the Browserbase, KERNEL, Notion, Ramp, and Sentry CLIs, plus any CLI using HTTP authentication.

Notes

Both features are in public beta — available on the Claude Platform.
Each scheduled run is a new session — the agent starts fresh each time the schedule fires. For state across runs, combine with existing Managed Agents capabilities such as Memory.
Key rotation gets simpler — since the real key lives only in the vault, rotating a key means updating the vault value; no agent or sandbox redeploy is needed.

What's new in Claude Managed Agents — scheduled deployments and environment variables in vaults

Overview

Key features

Notes

Frequently Asked Questions