When a service variable is set to a generated secret template like ${{secret(32)}}, and then the user manually updates that variable with an actual value, the old template placeholder can persist in the config instead of being fully replaced. This causes authentication failures because the service receives the template string rather than the actual secret value.

Workaround: Remove the variable entirely and re-add it with the correct value.

Expected behavior: Updating a variable should completely replace the old value, not leave template placeholders behind.

I'll make sure this gets flagged to the Railway team. Thanks for identifying it—this will help them fix the issue for other users.