Secrets
Keep sensitive data out of plaintext.
To keep sensitive data like API keys and passwords secret, instead of including those in plaintext in code you can use the secret manager to store them and retrieve them in code only when needed. To do so, open the secret manager from the settings menu:
Storing secrets in the secret manager
Give the secret a name and token (value), and click add secret to save. Tokens can be multiple lines, which is useful for things like SSH and PGP keys.
You can view and edit your secrets from the table. Click the eye icon to view and the pencil icon to edit. Secrets are global resources, so changing a secret will immediately affect all applications that use said secret. You can also delete secrets from the table.

Using secrets in models

You can reference secrets in your deployed models using Truss. Follow the Truss secrets guide to learn how to let your models access secrets stored in Baseten.

Using secrets in applications

You can retrieve the secret in your code using context.get_secret('my_secret_name'). For example:
slack_api_token = context.get_secret('slack_api_token')
slack_client = slack_sdk.WebClient(token=slack_api_token)
# Use slack_client to send messages, etc.
Copy link
Outline
Using secrets in models
Using secrets in applications