Claude Console showing the Scheduled Deployments interface with a list of active agent deployments and their cron schedules Anthropic
by VibecodedThis

Claude Managed Agents Can Now Run on a Schedule and Use Secure Credential Vaults

Two new capabilities entered public beta on the Claude Platform on June 9: scheduled deployments that fire agents on a cron without any infrastructure you build, and vault-stored environment variables that keep API keys away from the model entirely.

Share

Anthropic added two new capabilities to Claude Managed Agents on June 9, both now in public beta on the Claude Platform: scheduled deployments and environment variable vaults.

Neither feature is technically complex on its own. Together, they address two things that have made production deployments of managed agents annoying: you had to build your own scheduler, and you had to figure out how to give agents access to authenticated services without handing them raw API keys.

Scheduled Deployments

A scheduled deployment is an agent with a cron expression attached. Each time the schedule fires, the agent starts a fresh session and completes its task. Anthropic handles the scheduling infrastructure; you don’t run anything.

You can pause, resume, or archive a deployment at any time, and trigger additional manual runs on demand. The sessions are ordinary managed agent sessions — same logging, same controls, just initiated by the clock instead of by a person.

Rakuten is using this for weekly and monthly data analysis: the agent reads spreadsheets, produces reports and slide decks, and handles production monitoring runs on a schedule. Actively AI replaced custom scheduling infrastructure they had built themselves after finding that scheduled deployments covered what they needed without the maintenance overhead.

The use cases Anthropic is highlighting are predictable — nightly data syncs, weekly compliance scans, daily digests — which is deliberate. The goal is to make recurring agent work feel as operational as a cron job, not as fragile as a script you have to keep running manually.

Vault Environment Variables

The second feature handles credential management. You can now register API keys in a vault, associate each with an environment variable name and a set of allowed domains, and the Claude Platform injects those keys at the network boundary rather than passing them through the agent’s context.

The model sees a placeholder. The actual credential only attaches when the agent makes an outbound request to an approved domain. Running sessions pick up updated credentials automatically when you rotate a key — you don’t have to restart or redeploy anything.

Notion used this to roll out its CLI alongside MCP tools. The team’s security requirements called for API tokens not to be accessible to the model. Vault environment variables gave them the behavior they needed: the CLI could authenticate to Notion’s API without the token ever appearing in the agent’s context window.

Browserbase used it to build browser skills that make authenticated CLI calls, with periodic validation of the credentials still working. KERNEL used it to connect agents to usage databases for real-time anomaly flagging.

What This Adds Up To

The April public beta of Claude Managed Agents established the platform. The May update added self-hosted sandboxes and MCP tunnels. This update adds the operational layer: recurring work and secure external access.

Together, those pieces start to resemble the kind of infrastructure you’d need if agents weren’t a demo but a system you depended on. The scheduling and credential pieces are table stakes for anything running in production without a human initiating each session.

Source: Anthropic

Share