Secrets
Keep sensitive data out of plaintext.
To keep sensitive data like API keys and passwords secret, instead of including those in plaintext in code you can use the secret manager to store them and retrieve them in code only when needed. To do so, open the secret manager from the settings menu:
Storing secrets in the secret manager
Give the secret a name and token (value), and click add secret to save. Tokens can be multiple lines, which is useful for things like SSH and PGP keys.
You can view and edit your secrets from the table. Click the eye icon to view and the pencil icon to edit. Secrets are global resources, so changing a secret will immediately affect all applications that use said secret. You can also delete secrets from the table.
You can reference secrets in your deployed models using Truss. Follow the Truss secrets guide to learn how to let your models access secrets stored in Baseten.
You can retrieve the secret in your code using
context.get_secret('my_secret_name'). For example:slack_api_token = context.get_secret('slack_api_token')
slack_client = slack_sdk.WebClient(token=slack_api_token)
# Use slack_client to send messages, etc.
Last modified 6mo ago