Storing authentication tokens

We've been creating resources in Retool with no problem. However most of the integrations we're setting up just use an authorization token in the header.

It's not very clear how to store these securely. Currently we're putting them in the header in the query set-up but this is available in plain text.

I've tried looking at custom auth and variables there but it seems to be the same story. You can set the token as a variable but it's still available in plain text.

Had a look here and didn't see much either: Custom API authentication

How can we store this type of auth tokens securely?

Hey @duncanm!

We're currently developing a feature to allow you to be able to store sanitized instance-wide variables. It isn't currently in public beta but if you reach out to us directly (e.g. via in-app chat) we'll see if we can turn the experimental feature flag on for you!

Thanks, I'll do that :slight_smile:

Is this open to GA or still in beta?
How can we get this feature added to our account.

Is this feature available on self-hosted instances?

Yes! Configuration Variables are now out of beta and are publicly available for orgs on the Team, Business, or Enteprise plans using version 3.4.0 or higher. You can read more about the feature on our new docs page!