Secrets

Secrets

Secrets are encrypted environment variables that can be used to store sensitive information, such as passwords and API keys. You set a key and a value for your secret: the key serves as the name of the secret, while the value contains your sensitive information.

Unlike regular Environment Variables, secrets are encrypted to ensure their contents remain hidden once encrypted. This security feature is crucial for protecting sensitive data within TagoIO. Secrets are especially beneficial when scripts need to access confidential information without revealing it to users or developers. You can utilize secrets in your Analysis code by retrieving them through the Analysis context.

To start using this feature, access your Admin panel, navigate to the Account menu, and select 'Secrets'.

Creating a Secret

To create a secret, access the 'Secrets' page within your Admin panel and click on '+ New Secret'. It is mandatory to define a Key, Value, and Tags for every secret you create.

  1. Secret Key: this is the identifier for your secret, which you will use when writing your Analysis scripts.
    Please note that Keys cannot be edited once the secret is created, so choose your keys carefully.
  2. Secret Value: this is the sensitive information that will be encrypted. This field is where you should input any confidential data.
  3. Tags: this is our labeling system, which is used across various assets within TagoIO. You will utilize the Tag system to give your analysis access to the secrets. Learn more about the Tags System here.
After entering all the necessary information, click 'Save' to create your secret. Each secret is assigned a unique ID, which can be found by selecting a secret from your list and navigating to the 'More' tab.

How to use Secrets

Secrets can be integrated into your Analysis scripts in a similar manner to Environment Variables. They are accessible via the context.environment parameter when writing your scripts, which allows you to pass variable values into your script's context.

Additionally, you can overwrite a Secret's value in an Analysis by creating an environment variable with the same Secret Key.


Check out our SDK documentation.

Granting your Analysis access to your Secret

Before utilizing secrets as environment variables in your script, ensure that your analysis has the necessary permissions to access the information within your secret. This is achieved by using the Tags you assigned to your secret to create a policy within the Access Management module. See the example below:



For further information on creating an Access Management policy, read more about Creating a Policy here.



    • Related Articles

    • Environment Variables

      Environment Variable is a very useful resource to send variables values to the context of your script. You can, for example, add tokens of accounts and devices to be used later in the script when it runs. The Analysis will get these variables as ...