Skip to main content

Secrets

A Secret contains sensitive data such as a password, a token, or a key and it is encrypted at rest. Once a secret has been specified within the DX Engine, it's original value cannot be seen again. Secrets are referenced using the secret function within JS expressions. Example: secret('myPassword').

When DX Engine secrets are exported/migrated, only the encrypted values are copied.

Alt text

Once a secret is created, only its name and description can be updated. The secret's value cannot be updated. If you need to update a secret's value, you must create a new secret with the new value and update all references to the old secret with the new secret.

Secrets Management API

Create a Secret

POST {{engineUrl}}/experience/secrets
X-Customer-Code: {{customerCode}}
X-Environment-Code: {{environmentCode}}
Authorization: Bearer {{dxEngineToken}}

{
"secretCode": "myPassword",
"name": "My password",
"value": "myPasswordValue"
}

Update a Secret

PUT {{engineUrl}}/experience/secrets/{{secretCode}}
X-Customer-Code: {{customerCode}}
X-Environment-Code: {{environmentCode}}
Authorization: Bearer {{dxEngineToken}}

{
"name": "My new password name",
"derscription": "My updated password description"
}

Remove a Secret

DELETE {{engineUrl}}/experience/secrets/{{secretCode}}
X-Customer-Code: {{customerCode}}
X-Environment-Code: {{environmentCode}}
Authorization: Bearer {{dxEngineToken}}