There are four kinds of secrets/keys used in the Health Bot Service as keys:
app_secret is used to secure communications between the partner and the Health Bot Service and is determined by the user security setting.
webchat_secret is used to secure communications between the partner application and the Health Bot Service.
API_JWT_secret is used for securing the management API; for example, the programmatic import/export of scenarios.
Instrumentation key is the Application Insights key provided by the Bot's administrator to collect runtime data including errors and warnings.
See how to use keys in security here: API Security.