3.12. Secrets and Security
The system uses a dedicated secret storage mechanism for securely storing sensitive data, such as:
- Authentication credentials
- Access keys for external services
- Passwords
- Other sensitive data
Secret Handling Principles:
- All sensitive data is automatically masked when displayed
- Secrets are never transferred to the client side
- Secret information is not stored in system logs
- When transferring settings between environments, secrets must be configured separately
Example:
-
In the navigation pane, select the Administration workspace 1.
-
Select the Settings shortcut group 2, and then select the IDP Provider Profiles shortcut 3.
-
Select a profile.
-
Select the Edit JSON Settings button.
-
In the row containing the key, the value is displayed in a masked format as sensitive data.
Note:
When transferring settings between environments, configuration packages do not contain the actual secrets. Therefore, in the new environment, you must re-enter all required keys, configure access to external APIs, and set passwords and other sensitive data again.