Custom secrets
- 20 Feb 2024
- 1 Minute to read
- DarkLight
Custom secrets
- Updated on 20 Feb 2024
- 1 Minute to read
- DarkLight
Article Summary
Share feedback
Thanks for sharing your feedback!
Custom secrets are any sensitive authentication/authorization data that you can use in a workflow. Some common examples of secrets include, but are not limited to:
- Key
- Password
- User name
- API token/key
- SSH keys
Important
The actual secret is not displayed when used in a workflow
The actual secret is not displayed when used in a workflow
How are custom secrets protected?
Torq uses Google KMS to store the secrets, providing strong, out-of-the-box encryption and compliance with FIPS 140-2 L3 validated HSM. The credentials are used strictly by the program and never displayed or saved in logs to maintain confidentiality.
Create a custom secret
There are two ways to create a new custom secret.
From the workflow
- Add the step in which sensitive data is required to the workflow.
- In the step input field where you want to enter the sensitive data, type:
$.secrets.. Autocomplete will show all the available secrets. - Click Create new secret.
- Enter a meaningful secret name, for example
{vendor}_api_key. - Enter the secret value (information that you want to protect).
- Click Add.
Custom secrets integration
- Go to Integrations > Steps and locate Custom Secrets.
- Click Add.
- Enter a meaningful Secret name, for example,
{vendor}_api_key. - Enter the Secret value (information that you want to protect).
- Click Add.
Use a custom secret in a workflow
When you want to pass the secret value in a step, you access the secret from $.secrets
.gif?sv=2022-11-02&ss=b&srt=o&spr=https&st=2024-05-15T13%3A48%3A22Z&se=2024-05-15T13%3A58%3A22Z&sp=r&sig=2vvWsXVw6EpoNLo27Ti2wSDvclr8bvv0JoTFbvcUcEU%3D)
Was this article helpful?