The Wix Secrets Backend v2 API contains functionality for managing secrets on your site. You can securely store API keys and other secrets on your site. Each secret's value is encrypted, and assigned a name of your choice and an ID. You can then use the name or ID to refer to the secret in your backend code rather than hardcoding its value.
With the Secrets API, you can safely:
- Create a secret.
- Delete a secret.
- Update a secret.
- Retrieve a secret value.
- Retrieve other information about your secrets, such as their names and descriptions.
It's important to note the following:
- Deleting a secret, or modifying a secret's name or value, breaks all code using the secret.
- You can't create or rename a secret with a name that's already in use.
Security considerations
- If you currently use private keys in your code, we recommend removing them and creating a secret with the Secrets API.
- To prevent malicious users from accessing the values of your secrets, use them only in backend code. Avoid using secret values in frontend code.
- Secret: Secrets are values that you don’t want to be publicly accessible, such as login credentials or API keys.
- API key: An API (Application Programming Interface) key is a unique code used to authenticate a user or program when making a call to an API.