Secrets

The way to manage sensitive data on foreq

Secrets are values created within a project scope to securely store sensitive data, such as API keys, ensuring that this information is encrypted at rest and can be reused across all project routes.

Overview

Secrets are accessed by going to the project settings page and going to the Setings tab. Once there a user can can provide key-value pairs of secrets.

Configuration parameters like headers, destination URL and body can access a secret by using ${secrets.YOUR_SECRET_KEY}

Examples

These are some examples of ways to use secrets in a request configuration. Supposing a secret has been created with key=SECRET_INFO and value=developer. The following examples show how to use the secrets in a request configuration and what the expected output would be

Destination URL

text

https://destination-server.com?key=${secrets.SECRET_INFO}

Output

text

https://destination-server.com?key=developer

json

{
	"Authorization": "Basic api:${secrets.SECRET_INFO}",
	"not-sensitive-header": "hello_world"
}

Output

json

{
	"Authorization": "Basic api:developer",
	"not-sensitive-header": "hello_world"
}

Body

if "Use incoming request body" is unchecked and the body is provided in the route configuration.

json

{
	"sensitive-information": "${secrets.SECRET_INFO}"
}

Output

json

{
	"sensitive-information": "developer"
}

If "Use incoming request body" is checked, use the format instead

json

{
    "args": {},
    "body": {
	    "sensitive-information": "${secrets.SECRET_INFO}"
    }
}

The request body would have only the body section of the incoming request payload with the values of secrets provided.

Secrets ​

Overview ​

Examples ​

Destination URL ​

Header ​

Body ​

Secrets

Overview

Examples

Destination URL

Header

Body