Encrypted Stored Secrets

reidcooper · December 20, 2021, 3:53pm

Many SASS providers in the Software Development ecosystem provide capabilities that allow a user to store secret parameters, encrypted, to be referenced inside scripts.

I would like the ability to create encrypted secrets in my organization's workspace that can then be referenced and used within all the scripts that I wanna create. This ensures that the secrets are not stored as plain text within your system and prevents prying eyes.

For example:

Admin > Settings > Secrets

Add secret

MY_API_SECRET_AUTH_TOKEN = *******************

In a Javascript script

make_api_request( {{ secrets.MY_API_SECRET_AUTH_TOKEN }} );

Github has a good article that explains their implementation - Encrypted secrets - GitHub Docs

rchl · September 28, 2022, 9:22am

It seems like Manage secrets with environment variables should cover your use case?

Those would have to be added during deploy rather than through the UI, I guess.

evanatonecare · March 10, 2023, 8:04am

The managed secrets are definitely exposed to resources and queries that use them (like a REST request parameter), but I have yet to be able to access secrets from a JS code query