diff --git a/dbt_project.yml b/dbt_project.yml index 1cc6191..2cacd97 100644 --- a/dbt_project.yml +++ b/dbt_project.yml @@ -70,4 +70,5 @@ vars: API_INTEGRATION: AWS_LIVE_QUERY{{ "_STG" if target.name != "prod" else "" }} AWS_REGION: us-east-1 STUDIO_TEST_USER_ID: '{{ env_var("STUDIO_TEST_USER_ID", "98d15c30-9fa5-43cd-9c69-3d4c0bb269f5") }}' + ENABLE_SNOWFLAKE_SECRETS: '{{ env_var("ENABLE_SNOWFLAKE_SECRETS", "") }}' diff --git a/macros/core/_utils.yaml.sql b/macros/core/_utils.yaml.sql index 8cf1e4c..dfb9f22 100644 --- a/macros/core/_utils.yaml.sql +++ b/macros/core/_utils.yaml.sql @@ -8,7 +8,6 @@ api_integration: '{{ var("API_INTEGRATION") }}' sql: introspect - - name: {{ schema }}.udf_user_tier signature: [] func_type: SECURE @@ -53,7 +52,7 @@ - [request_id, STRING] - [user_id, STRING] - [key, STRING] - return_type: TEXT + return_type: OBJECT func_type: SECURE EXTERNAL api_integration: '{{ var("API_INTEGRATION") }}' options: | diff --git a/macros/core/secrets.yaml.sql b/macros/core/secrets.yaml.sql new file mode 100644 index 0000000..6c7ef03 --- /dev/null +++ b/macros/core/secrets.yaml.sql 
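Review bot: The added `ENABLE_SNOWFLAKE_SECRETS` var is a string with an empty default, and the gate in models/deploy/core/secrets.sql tests it with a bare `{% if var("ENABLE_SNOWFLAKE_SECRETS") %}`, so any non-empty value, including `false` or `0`, deploys the secrets UDFs. For a switch that exposes secret-handling functions the comparison should be explicit, for example `{% if var("ENABLE_SNOWFLAKE_SECRETS") | string | lower == "true" %}`. A comment beside the var, such as `# set to "true" to deploy the secrets.* UDFs; any other value leaves them undeployed`, would document the accepted value. The `vars:` block starts outside this hunk.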
@@ -0,0 +1,87 @@
+{% macro config_core_secrets(schema="secrets") %}
+
+
+- name: {{ schema }}.udf_register_secret
+ signature:
+ - [request_id, STRING]
+ - [key, STRING]
+ func_type: SECURE
+ return_type: OBJECT
+ options: |
+ NOT NULL
+ RETURNS NULL ON NULL INPUT
+ IMMUTABLE
+ COMMENT = $$ Registers a secret with the given request ID and key. $$
+ sql: |
+ SELECT
+ _utils.UDF_REGISTER_SECRET(REQUEST_ID, _utils.UDF_WHOAMI(), KEY)
+
+- name: {{ schema }}.udf_get_secret
+ signature:
+ - [name, STRING]
+ func_type: SECURE
+ return_type: OBJECT
+ options: |
+ NOT NULL
+ RETURNS NULL ON NULL INPUT
+ IMMUTABLE
+ COMMENT = $$ Returns the secret value for the given secret name. $$
+ sql: |
+ SELECT
+ live.udf_api(
+ CONCAT_WS('/', {{ construct_api_route("secret") }}, _utils.UDF_WHOAMI(), NAME)
+ ):data::OBJECT
+
+- name: {{ schema }}.udf_get_secrets
+ signature: []
+ func_type: SECURE
+ return_type: OBJECT
+ options: |
+ NOT NULL
+ RETURNS NULL ON NULL INPUT
+ IMMUTABLE
+ COMMENT = $$ Returns all secrets for the current user. $$
+ sql: |
+ SELECT
+ {{ schema }}.udf_get_secret('')
+
+- name: {{ schema }}.udf_create_secret
+ signature:
+ - [name, STRING]
+ - [secret, OBJECT]
+ func_type: SECURE
+ return_type: [INTEGER, the HTTP status code - 200 indicates success]
+ options: |
+ NOT NULL
+ RETURNS NULL ON NULL INPUT
+ IMMUTABLE
+ COMMENT = $$ Creates a new secret with the given name and value. $$
+ sql: |
+ SELECT
+ live.udf_api(
+ CONCAT_WS('/', {{ construct_api_route("secret") }}, _utils.UDF_WHOAMI(), NAME),
+ SECRET
+ ):status_code::INTEGER
+
+- name: {{ schema }}.udf_delete_secret
+ signature:
+ - [name, STRING]
+ func_type: SECURE
+ return_type: [INTEGER, the HTTP status code - 200 indicates success]
+ options: |
+ NULL
+ RETURNS NULL ON NULL INPUT
+ IMMUTABLE
+ COMMENT = $$ Deletes the secret with the given name.
$$
+ sql: |
+ SELECT
+ live.udf_api(
+ 'DELETE',
+ CONCAT_WS('/', {{ construct_api_route("secret") }}, _utils.UDF_WHOAMI(), NAME),
+ {},
+ {},
+ ''
+ ):status_code::INTEGER
+
+
+{% endmacro %}
\ No newline at end of file
diff --git a/models/deploy/core/secrets.sql b/models/deploy/core/secrets.sql
new file mode 100644
index 0000000..36c33d0
--- /dev/null
+++ b/models/deploy/core/secrets.sql
@@ -0,0 +1,6 @@
+-- depends_on: {{ ref('_utils') }}
+-- depends_on: {{ ref('live') }}
+{% if var("ENABLE_SNOWFLAKE_SECRETS") %}
+ {% set config = config_core_secrets %}
+ {{ ephemeral_deploy_core(config) }}
+{% endif %}
diff --git a/models/deploy/core/secrets.yml b/models/deploy/core/secrets.yml
new file mode 100644
index 0000000..7d54d74
--- /dev/null
+++ b/models/deploy/core/secrets.yml
@@ -0,0 +1,45 @@
+version: 2
+models:
+ - name: secrets
+ columns:
+ - name: udf_register_secret
+ tests:
+ - test_udf:
+ name: test_secrets__udf_register_secret
+ args: >
+ 'test', 'test'
+ assertions:
+ - result = {'request_id':'test','success':false}
+ - name: udf_get_secret
+ tests:
+ - test_udf:
+ name: test_secrets__udf_get_secret
+ args: >
+ 'test'
+ assertions:
+ - >
+ result::OBJECT = {'key': 'value'}
+ - name: udf_get_secrets
+ tests:
+ - test_udf:
+ name: test_secrets__udf_get_secrets
+ args: ''
+ assertions:
+ - >
+ result = {'test': {'key': 'value'}}
+ - name: udf_create_secret
+ tests:
+ - test_udf:
+ name: test_secrets__udf_create_secret
+ args: >
+ 'test', {'key': 'value'}
+ assertions:
+ - result = 200
+ - name: udf_delete_secret
+ tests:
+ - test_udf:
+ name: test_secrets__udf_delete_secret
+ args: >
+ 'test_delete'
+ assertions:
+ - result = 200
\ No newline at end of file
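Review bot: `NAME` is joined into the request path by `CONCAT_WS('/', ..., _utils.UDF_WHOAMI(), NAME)` in udf_get_secret, udf_create_secret and udf_delete_secret without validation or encoding, so a name containing path or query delimiters no longer addresses the caller's own per-user entry unless the backend, which is not visible here, rejects it. An empty name resolves to the per-user collection route, which udf_get_secrets relies on through `udf_get_secret('')`, so create and delete should reject it explicitly; a guard such as `REGEXP_LIKE(NAME, '^[A-Za-z0-9_-]+$')` applied before the call would cover both cases. Separately, every function is declared `IMMUTABLE` although each one calls an external API and two of them change state. `VOLATILE` describes that behaviour and avoids telling the optimizer that a rotated or deleted secret still has the same result for the same arguments.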
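Review bot: These tests depend on shared backend state and on execution order: `test_secrets__udf_get_secret` and `test_secrets__udf_get_secrets` expect a secret named `test` holding `{'key': 'value'}`, which only `test_secrets__udf_create_secret` creates, and `test_secrets__udf_delete_secret` expects `200` for `test_delete`, which nothing in this file creates. The exact-match assertion `result = {'test': {'key': 'value'}}` also fails as soon as the test identity holds any other secret. Seeding and cleaning the fixtures explicitly would remove both dependencies, and a comment such as `# dummy fixture values only; the test identity must never hold real secrets` is worth adding because the assertions presumably surface stored values in test output. The tests also appear to run regardless of `ENABLE_SNOWFLAKE_SECRETS`; confirm they are skipped when the UDFs are not deployed.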