Skip to main content

Manage Secrets

In this section, you will find: details about roles in the StackSpot Account.

You can securely register Secrets in personal profiles, enabling the use of sensitive information such as access keys, tokens, and credentials in specific contexts.

See an example below:

Sometimes, you may need StackSpot to access a private GitHub repository for deployments or to clone code. To do this, you can register a Personal Access Token (PAT) as a secret in your personal profile. This token will allow StackSpot to authenticate and gain access to the repository.

Follow the steps below to register a Secret:

Prerequisites

  • You need to have one of the following permissions: developer, creator, or ai_developer. For more information, visit the Permissions page.

Steps to register a Secret

Step 1. Access the StackSpot Portal. You have two options to access the Portal:

  1. Access directly via the Account Portal;

  2. After logging into the StackSpot EDP Portal, click on your profile avatar.


Step 2. Go to your Profile and click the 'My Profile' option;

Step 3. Click the 'Secrets Manager' section;

Step 4. Now, click the 'Register secret' button to start the registration;

Step 5. Select the type of Secret you want to register and fill in the specific information according to the chosen type. See the details below:

Types of Secrets and required fields


1. API Key: used to authenticate client application requests to APIs. Fill in the following fields:

  • Secret Name
  • Header Name
  • Value
  • Expiration Date (Optional)

2. Bearer Tokens (OAuth): Tokens are issued as part of the OAuth2 authorization framework, allowing clients to access protected resources. Fill in the following fields:

  • Secret Name
  • Header Name
  • Header Value
  • Expiration Date (Optional)

3. Client Credentials: Commonly used for server-to-server communication; a client application must authenticate using client credentials. Fill out the fields:

  • Secret Name
  • Client ID
  • URL
  • Client Secret

4. Certificate: Client certificates facilitate mutual TLS authentication, ensuring identity verification and encrypted communication. Fill in the following fields:

  • Secret Name
  • Certificate: Drag and drop the files.
  • Private Key (Optional): Drag and drop the files. Only .key files are supported.
  • Expiration Date: The system will fill in the information automatically when you add the certificate.

5. Key/Value. Fill in the following fields:

  • Secret Name Registration Method: Choose either to upload a file or enter the information manually by adding the key and value.
  • Expiration Date (Optional)

Step 6. Click the 'Register Secret' button;

Step 7. Check your Secret in the listing screen after registration. You can view the following information:

  • Credential Type
  • Creation Date
  • Expiration Date
  • Secret Status

How to edit a Secret

danger

  • Make sure to copy and save the Secret information when you register it, as some data may not be displayed again.

  • Check where the Secret is used before making changes or deletions.

You can edit a registered Secret by following these steps:

Step 1. In the StackSpot Portal, go to the 'Secrets' section;

Step 2. Click the 'More Options' button;

Step 3. Click the 'Edit' button to edit the secret. Fill in the required fields:

  • New Header Name
  • New Value
  • Expiration Date (Optional)

How to delete a Secret

If a Secret has not been used for 30 days, it will automatically be marked as Inactive.

The StackSpot Portal notifies you of the deletion when there are 15, 10, and 1 day left before a Secret is deleted. From the moment the Secret becomes Inactive and you are notified, you have the following options:

  • Use the Secret again so that it is automatically reactivated and its status changes from Scheduled for Deletion to Active. You can reactivate it within the 30-day period.

  • Choose to delete the Secret now.

  • Schedule the deletion for 30 days.

See below the steps for the last two options: Delete a Secret now and Schedule Secret deletion.

Delete a Secret now

You can immediately delete a Secret if it has one of the following statuses:

  • Active
  • Inactive
  • Scheduled for Deletion
danger

Deleting a Secret is an irreversible process.

Step 1. In the 'Secrets' section, click the 'More Options' button;

Step 2. Click the 'Delete Secret' button;

Step 3. Then, select the Delete now option;

Before deleting, you can view and search where the Secret is being used.

Step 4. To finish, type the word DELETE. Then, click the 'Delete secret' button.

Done, you have finished deleting a Secret.

Schedule Secret deletion

Step 1. In the 'Secrets' section, click the 'More Options' button;

Step 2. Click the 'Delete Secret' button;

Step 3. Then, select the Schedule deletion option;

Step 4. To finish, type the word DELETE. Then, click the 'Delete secret' button.

Done, you have finished scheduling the deletion of a Secret.

Read More