Secrets Manager

Goal

Providing a safe and secure way of storing sensitive values that are used by a Corvid site (in user code). This is an alternative to hard-coding such values in backend code, which was the safest way to limit access to those keys to the site's code and the site owner only.

Concepts

Secret

A secret is composed of the following fields:

  1. name - mandatory. Used to retrieve the secret value.
  2. value - mandatory. The sensitive value we'd like to use in user code.
  3. description - optional. A human-friendly description of the secret (e.g., "github token").
  4. id - read-only. The id assigned to the secret value by the Secrets Manager. It does not change (unlike the name, which might be updated by the user). Used for all API operations, except for getting a secret by name.
  5. created_at, updated_at - timestamps of the creation and last update of the secret (partial or full).

Using a secret value

Apart from managing the keys in the Business-Manager "Secrets Manager" section, the secret value can be consumed by Corvid backend code, using the Secrets EDM.

Secret Object

Properties
id (string, read-only, format GUID)
A globally-unique, immutable identifier assigned to the secret upon creation.

name (string, maxLength 50)
A unique, human-friendly name for the secret. Used for retrieving the secret easily at runtime.

description (string, maxLength 200)
An optional text describing the secret's purpose or any other notes about it.

value (string, minLength 1, maxLength 3500)
The confidential value that is intended to be stored encrypted.

createdDate (string, read-only, format date-time)
The creation timestamp of the secret.

updatedDate (string, read-only, format date-time)
The last-update timestamp of the secret.

Get Secret Value

Returns the secret value stored against the given name

Endpoint
GET
https://www.wixapis.com/_api/cloud-secrets-vault-server/api/v1/secrets/name/{name}

List Secret Info

Returns a list of info objects, describing each secret without its value

Endpoint
GET
https://www.wixapis.com/_api/cloud-secrets-vault-server/api/v1/secrets

Create Secret

Creates a new secret

Endpoint
POST
https://www.wixapis.com/_api/cloud-secrets-vault-server/api/v1/secrets

Event Triggers
This method triggers the following events:

Update Secret

Updates all the fields of an existing secret at once

Endpoint
PUT
https://www.wixapis.com/_api/cloud-secrets-vault-server/api/v1/secrets/{id}

Event Triggers
This method triggers the following events:

Delete Secret

Deletes an existing secret

Endpoint
DELETE
https://www.wixapis.com/_api/cloud-secrets-vault-server/api/v1/secrets/{id}

Event Triggers
This method triggers the following events:

Partially Update Secret

Updates some or all of the fields of an existing secret

Endpoint
PATCH
https://www.wixapis.com/_api/cloud-secrets-vault-server/api/v1/secrets/{id}

Secret Created

Event Body
Event data is received as a JSON Web Token (JWT). It may be delayed. Be sure to verify the data was sent by Wix.

Event Data
id (string)
Unique event ID. Allows clients to ignore duplicate webhooks.

entityFqdn (string)
Fully qualified domain name of the entity associated with the event. Expected wix.velo.secrets_vault.v1.secret.

slug (string)
Event name. Expected created.

entityId (string)
ID of the entity associated with the event.

eventTime (string, format date-time)
Event timestamp.

triggeredByAnonymizeRequest (boolean)
Whether the event was triggered as a result of a privacy regulation application (for example, GDPR).

originatedFrom (string)
If present, indicates the action that triggered the event.

createdEvent (object)
Event information.

Secret Deleted

Event Body
Event data is received as a JSON Web Token (JWT). It may be delayed. Be sure to verify the data was sent by Wix.

Event Data
id (string)
Unique event ID. Allows clients to ignore duplicate webhooks.

entityFqdn (string)
Fully qualified domain name of the entity associated with the event. Expected wix.velo.secrets_vault.v1.secret.

slug (string)
Event name. Expected deleted.

entityId (string)
ID of the entity associated with the event.

eventTime (string, format date-time)
Event timestamp.

triggeredByAnonymizeRequest (boolean)
Whether the event was triggered as a result of a privacy regulation application (for example, GDPR).

originatedFrom (string)
If present, indicates the action that triggered the event.

deletedEvent (struct)
Event information.

Secret Updated

Event Body
Event data is received as a JSON Web Token (JWT). It may be delayed. Be sure to verify the data was sent by Wix.

Event Data
id (string)
Unique event ID. Allows clients to ignore duplicate webhooks.

entityFqdn (string)
Fully qualified domain name of the entity associated with the event. Expected wix.velo.secrets_vault.v1.secret.

slug (string)
Event name. Expected updated.

entityId (string)
ID of the entity associated with the event.

eventTime (string, format date-time)
Event timestamp.

triggeredByAnonymizeRequest (boolean)
Whether the event was triggered as a result of a privacy regulation application (for example, GDPR).

originatedFrom (string)
If present, indicates the action that triggered the event.

updatedEvent (object)
Event information.
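
The checks the three event sections above ask for (verify the JWT came from Wix, confirm the expected entityFqdn and slug, ignore duplicate event IDs) can be combined in one receiver-side function. This is an added example, not Wix's code: verifySecretEvent and signSampleEvent are hypothetical names, and it assumes the token is signed with RS256, that the receiver already holds the sender's public key, and that the JWT claims carry the Event Data fields directly.

```javascript
const crypto = require('crypto');

// Values the page says to expect for Secrets Manager events.
const EXPECTED_FQDN = 'wix.velo.secrets_vault.v1.secret';
const EXPECTED_SLUGS = new Set(['created', 'updated', 'deleted']);

const b64urlJson = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Verifies the signature first, then the event fields, then de-duplicates by event id.
// seenIds is a Set of ids already processed (use a persistent store in production).
function verifySecretEvent(token, publicKeyPem, seenIds) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header, event;
  try {
    header = b64urlJson(parts[0]);
    event = b64urlJson(parts[1]);
    if (!header || !event) throw new Error('empty segment');
  } catch {
    return { ok: false, reason: 'malformed' };
  }
  // Pin the algorithm (assumed RS256); never let the token header choose it.
  if (header.alg !== 'RS256') return { ok: false, reason: 'bad-alg' };
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  const sig = Buffer.from(parts[2], 'base64url');
  if (!crypto.verify('RSA-SHA256', signed, publicKeyPem, sig)) {
    return { ok: false, reason: 'bad-signature' };
  }
  // Only after the signature holds are the claims trusted enough to inspect.
  const known = event.entityFqdn === EXPECTED_FQDN && EXPECTED_SLUGS.has(event.slug);
  if (!known || typeof event.id !== 'string') return { ok: false, reason: 'unexpected-event' };
  // Webhooks may be delayed or redelivered: process each event id once.
  if (seenIds.has(event.id)) return { ok: false, reason: 'duplicate' };
  seenIds.add(event.id);
  return { ok: true, slug: event.slug, entityId: event.entityId, eventTime: event.eventTime };
}

// Constructed helper for trying the verifier: signs a sample event with a throwaway key.
function signSampleEvent(event, privateKey) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  const head = enc({ alg: 'RS256', typ: 'JWT' });
  const body = enc(event);
  const sig = crypto.sign('RSA-SHA256', Buffer.from(`${head}.${body}`), privateKey);
  return `${head}.${body}.${sig.toString('base64url')}`;
}
```

Because delivery may be delayed, handlers should treat eventTime as the time of the change rather than the time of receipt.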