The secrets object is a object that can be used to securely store sensitive information like passwords and API keys. Secrets can be accessed using the _secret operator.
The secrets object only exists on the backend server, and therefore the _secret operator can only be used in connections and requests.
We intend to support multiple secrets strategies in the future (for example AWS Secrets Manager or Docker secrets). Current secrets can only be set with environment variables.
Environment variables strategy
Secrets can be set by creating an environment variable prefixed with LOWDEFY_SECRET_. The secret will then be available in the secrets object with the remaining part ot the name as key.
For example, if the environment variable LOWDEFY_SECRET_MY_SECRET is set to supersecret, then _secret: MY_SECRET will return supersecret.
Only strings can be set as environment variables. To store a object as a secret, the object can be JSON stringified, and parsed using the _json.parse operator.
To store secrets that contain newline characters, the secret can be base64 encoded, and decoded using the _base64.decode operator.
To use secrets in the local development environment, environment variables can be set using a .env file. Create a file called .env at the root of the project directory. Then set environment variables as:
# .env
LOWDEFY_SECRET_MY_SECRET=supersecret