Secrets

Secrets are encrypted variables you can store in Cortex for your workspace environment. Secrets can be accessed for use in various Cortex features, such as:

• , to allow secure authenticated access to various third-party APIs.

• , when configuring an HTTP Request action.

Secrets are securely encrypted and stored in Cortex’s database, and the secret values are not accessible via public or private APIs once saved.

Accessing secrets

Secrets can only be accessed programmatically through features in Cortex. Secrets are generally referenced by configuration of the relevant feature through a templated string that uses Mustache-like syntax to reference the secret by tag. For instance, a plugin proxy header can reference a secret similar to the following example:

{
  "name": "Authorization",
  "value": "Bearer {{ secrets.my_secret }}"
}

Manging secrets via the Cortex API

It is possible to create, read, update, and delete secrets via the Cortex API. See the for more information.

Managing secrets in the Cortex UI

Creating secrets

For convenience, secrets can be optionally named in a human-friendly manner. For programmatic access, secrets must have a unique tag that contains only alphanumeric characters and dashes.

You must have the Create secrets permission to create secrets.

To create a secret:

2. In the modal, configure your secret:

   • Name: Enter a user-friendly name.

   • Identifier: Enter a unique identifier for the secret, made of letters, digits, and underscores.

     • Note that tags cannot be edited after they are created.

   • Secret value: Enter your secret value.

     • This is usually the value of an API token or some other value from a third-party integration.

3. Click Add secret.

Editing secrets

You must have the Create secrets permission to edit secrets.

To edit a secret:

2. In the modal, edit the secret name.

   • We recommend creating a user-friendly name for the secret.

3. Click Save.