Go Headless

Build Apps

Client

API Preview

Ricos

Develop Websites

REST

Velo

GraphQL (Alpha)

secret

Secret

Creates a new secret.

The `createSecret()` function returns a Promise that resolves secret ID when the secret is created.

>**Notes:**
> - The secret's name cannot start with `'wix'` or be identical to an existing secret's name.
> - Don't leave private keys in your code. Leaving them in your code is a security risk. Make sure to delete the keys from the code after running `createSecret()`.

import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

export function createNewSecret() {
  const secret = {
	  name: 's3_secret_key',
	  value: 'Fm8OfflH6bJOwWjenqAtLurLbkiMNvmhQHZV+118',
	  description: 'AWS secret access key'
  };

  const elevatedCreateSecret = elevate(secrets.createSecret);
  return elevatedCreateSecret(secret)
    .then((id) => {
      return id;
    })
    .catch((error) => {
      console.error(error);
    });
}

/*
 * Returns a Promise that resolves to:
 *
 * "5ec36ffb-2cec-489a-9c0e-d8f53fef5fd1"
 */


Create a new secret (dashboard page code)

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

export const createNewSecret = webMethod(Permissions.Anyone, () => {
  const secret = {
	  name: 's3_secret_key',
	  value: 'Fm8OfflH6bJOwWjenqAtLurLbkiMNvmhQHZV+118',
	  description: 'AWS secret access key'
  };

  const elevatedCreateSecret = elevate(secrets.createSecret);
  return elevatedCreateSecret(secret)
    .then((id) => {
      return id;
    })
    .catch((error) => {
      console.error(error);
    });
});

/*
 * Returns a Promise that resolves to:
 *
 * "5ec36ffb-2cec-489a-9c0e-d8f53fef5fd1"
 */


Create a new secret (export from backend code)

createSecret

Manage Secrets

string

Fulfilled - The ID of the created secret.
Rejected - Error message.

The unique ID of the secret to be deleted.

Deletes an existing secret by ID.

The `deleteSecret()` function returns a Promise that resolves when the secret is deleted. You can retrieve the secret `_id` using the [`listSecretInfo()`](#listsecretinfo) function.

>**Note:**
> Deleting a secret is irreversible and will break all code using the secret.

import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

export function deleteMySecret() {
  const id = "b741766c-eead-46fe-8e7f-fd01ff3d6e21";

  const elevatedDeleteSecret = elevate(secrets.deleteSecret);
  return elevatedDeleteSecret(id)
    .then(() => {
      console.log("Secret deleted");
    })
    .catch((error) => {
      console.error(error);
    });
}


Delete an existing secret (dashboard page code)

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

export const deleteMySecret = webMethod(Permissions.Anyone, () => {
  const id = "b741766c-eead-46fe-8e7f-fd01ff3d6e21";

  const elevatedDeleteSecret = elevate(secrets.deleteSecret);
  return elevatedDeleteSecret(id)
    .then(() => {
      console.log("Secret deleted");
    })
    .catch((error) => {
      console.error(error);
    });
});


Delete an existing secret (export from backend code)

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

const elevatedDeleteSecret = elevate(secrets.deleteSecret);
const elevatedListSecretInfo = elevate(secrets.listSecretInfo);

export const deleteFirstSecret = webMethod(Permissions.Anyone, () => {
  return elevatedListSecretInfo()
    .then((secrets) => {
      return elevatedDeleteSecret(secrets[0].id);
    })
    .then(() => {
      console.log('Secret deleted');
    })
    .catch((error) => {
      console.error(error);
    });
});


This example demonstrates how to delete the first secret stored in the Secrets Manager. First we retrieve the ID of the secret using the `listSecretInfo()` function. Then we delete the secret using the retrieved ID.

Retrieve an ID and delete a secret 

deleteSecret

void

Fulfilled - When the secret is successfully deleted. Rejected - Error message.

The name of the secret to get the value of.

name

Retrieves the secret value specified by the secret name.

The `getSecretValue()` function returns a Promise that resolves to the value of the secret with the specified given name.

>**Note:**
> Only use a secret's value in the backend code. Returning the secret value in the frontend is a security risk.

import { secrets } from 'wix-secrets-backend.v2';
import {getJSON} from 'wix-fetch';
import { elevate } from 'wix-auth';

const elevatedGetSecretValue = elevate(secrets.getSecretValue);
const elevatedListSecretInfo = elevate(secrets.listSecretInfo);

export function getSomeJSON() {
  return elevatedGetSecretValue('myApiKeyName')
    .then((secret) => {
      return getJSON(`https://someapi.com/api/someendpoint?apiKey=${secret}`);
    })
    .catch((error) => {
      console.error(error);
    });
}

export function getFirstSecretValue() {
  return elevatedListSecretInfo()
    .then((secrets) => {
      return elevatedGetSecretValue(secrets[0].name);
    })
    .catch((error) => {
      console.error(error);
    });
}


Get a secret and use it to fetch a JSON from a 3rd-party service (dashboard page code)

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { getJSON } from 'wix-fetch';
import { elevate } from 'wix-auth';

const elevatedGetSecretValue = elevate(secrets.getSecretValue);
const elevatedListSecretInfo = elevate(secrets.listSecretInfo);

export const getSomeJSON = webMethod(Permissions.Anyone, () => {
  return elevatedGetSecretValue('myApiKeyName')
    .then((secret) => {
      return getJSON(`https://someapi.com/api/someendpoint?apiKey=${secret}`);
    })
    .catch((error) => {
      console.error(error);
    });
});

export const getFirstSecretValue = webMethod(Permissions.Anyone, () => {
  return elevatedListSecretInfo()
    .then((secrets) => {
      return elevatedGetSecretValue(secrets[0].name);
    })
    .catch((error) => {
      console.error(error);
    });
});


Get a secret and use it to fetch a JSON from a 3rd-party service (export from backend code)

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

const elevatedGetSecretValue = elevate(secrets.getSecretValue);
const elevatedListSecretInfo = elevate(secrets.listSecretInfo);

export const getFirstSecretValue = webMethod(Permissions.Anyone, () => {
  return elevatedListSecretInfo()
    .then((secrets) => {
      return elevatedGetSecretValue(secrets[0].name);
    })
    .catch((error) => {
      console.error(error);
    });
});

/*
 * Returns a Promise that resolves to:
 *
 * "Fm8OfflH6bJOwWjenqAtLurLbkiMNvmhQHZV+118"
 */


This example demonstrates how to delete the first secret stored in the Secrets Manager. First we retrieve the ID of the secret using the `listSecretInfo()` function. Then we get the value of the secret using the retrieved ID.

Retrieve a name and get a secret's value 

/************************************
 * Backend code - getWeather.web.js *
 ************************************/

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { getJSON } from 'wix-fetch';
import { elevate } from 'wix-auth';

const elevatedGetSecretValue = elevate(secrets.getSecretValue);

export const getWeatherJson = webMethod(Permissions.Anyone, async () => {
  const secret = await elevatedGetSecretValue('openWeatherApiKey');
  return getJSON(`https://api.openweathermap.org/data/2.5/weather?q=London&units=metric&APPID=${secret}`);
});

/********************
 * Frontend code *
 ********************/

import { getWeatherJson } from 'backend/getWeather.web';

export async function getWeather_click(event) {
  let json = await getWeatherJson();
  $w('#weather').text = json.weather[0].description; // "mist"
  $w('#temp').text = json.main.temp; // 9.4 (degrees Celsius)
}

In this example, we use the Secrets API to get an API key from the Secrets Manager. We use the key in the backend to fetch a JSON with weather information from a 3rd-party service, and return the JSON to the frontend.

Get an API key and use it to fetch a JSON from a weather service 

/************************************
 * Backend code - sendEmail.web.js *
 ************************************/

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import sendGridMail from '@sendgrid/mail';
import { elevate } from 'wix-auth';

const elevatedGetSecretValue = elevate(secrets.getSecretValue);

export const sendEmail = webMethod(Permissions.Anyone, async (recipient, sender, subject, body) => {
  const secret = await elevatedGetSecretValue('SendGridApiKey');
  sendGridMail.setApiKey(secret);
  const message = {
    'to': recipient,
    'from': sender,
    'subject': subject,
    'text': body
  };
  sendGridMail.send(message);
});

/********************
 * Frontend code *
 ********************/

import { sendEmail } from 'backend/sendEmail.web';

export function sendEmailButton_click(event) {
  sendEmail(
    $w('#toEmail').value,
    $w('#fromEmail').value,
    $w('#subject').value,
    $w('#emailContent').value
  )
    .then(() => {
      console.log('Email sent');
    })
    .catch((error) => {
      console.error(error);
    })
}

In this example, we added the SendGrid package to our site using the Package Manager. We created a backend function that gets an API key from the Secrets Manager, sets it as the SendGrid API key, and sends an email using the SendGrid service. We call the function from the client side when a site visitor submits email information via a form.

Get an API key and use it to send an email with the SendGrid npm interface 

getSecretValue

GetSecretValueResponse

Fulfilled - The value of the secret. Rejected - Error message.

Retrieves a list of objects containing information about all secrets.

The `listSecretInfo()` function returns a Promise that resolves to a list containing information about all secrets stored on your site.

> **Note:**
> - The secret's value does not get returned for security reasons. To retrieve a secret's value, use the [`getSecretValue()`](#getSecretValue) function.

import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

const elevatedListSecretInfo = elevate(secrets.listSecretInfo);

export function getSecretInfo() {
  return elevatedListSecretInfo()
  .then((secrets) => {
    return secrets;
  })
  .catch((error) => {
    console.error(error);
  });
}

/* Returns a Promise that resolves to:
 * {
 *   "secrets": [
 *     {
 *       "id": "2eebccce-6c01-469d-a278-433fd96ba111",
 *       "createdDate": "2020-05-26T06:16:46.000Z",
 *       "updatedDate": "2020-05-28T12:21:10.000Z",
 *       "name": "MyFirstSecret",
 *       "description": "This is my first secret"
 *     },
 *     {
 *       "id": "ef4b43d4-851d-4b52-a07f-9a500a888371",
 *       "createdDate": "2020-06-02T08:23:54.000Z",
 *       "updatedDate": "2020-06-02T08:23:54.000Z",
 *       "name": "MySecondSecret",
 *       "description": "This is my second secret"
 *     }
 *   ]
 * }
 */


Get information about your secrets (dashboard page code)

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

const elevatedListSecretInfo = elevate(secrets.listSecretInfo);

export const getSecretInfo = webMethod(Permissions.Anyone, () => {
  return elevatedListSecretInfo()
    .then((secrets) => {
      return secrets;
    })
    .catch((error) => {
      console.error(error);
    });
});

/* Returns a Promise that resolves to:
 * {
 *   "secrets": [
 *     {
 *       "id": "2eebccce-6c01-469d-a278-433fd96ba111",
 *       "createdDate": "2020-05-26T06:16:46.000Z",
 *       "updatedDate": "2020-05-28T12:21:10.000Z",
 *       "name": "MyFirstSecret",
 *       "description": "This is my first secret"
 *     },
 *     {
 *       "id": "ef4b43d4-851d-4b52-a07f-9a500a888371",
 *       "createdDate": "2020-06-02T08:23:54.000Z",
 *       "updatedDate": "2020-06-02T08:23:54.000Z",
 *       "name": "MySecondSecret",
 *       "description": "This is my second secret"
 *     }
 *   ]
 * }
 */


Get information about your secrets (export from backend code)

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

const elevatedListSecretInfo = elevate(secrets.listSecretInfo);
const elevatedDeleteSecretValue = elevate(secrets.deleteSecret);

export const deleteFirstSecret = webMethod(Permissions.Anyone, () => {
  return elevatedListSecretInfo()
    .then((secrets) => {
      return elevatedDeleteSecretValue(secrets[0].id);
    })
    .then(() => {
      console.log('Secret deleted');
    })
    .catch((error) => {
      console.error(error);
    });
});


listSecretInfo

ListSecretInfoResponse

Fulfilled - A list of objects containing information about your site's secrets. Rejected - Error message.

Updates the specified fields of an existing secret by ID.


The `updateSecret()` function returns a Promise that resolves when the secret is successfully updated. You can update one or more fields. Only fields passed in the `secret` object will be updated. All other properties will remain unchanged.

You can retrieve the `_id` parameter from the [`listSecretInfo()`](#listsecretinfo) function. The secret `_id` is different from the secret `name` used by the [`getSecretValue()`](#getsecretvalue) function.

> **Notes:**
> - Changing a secret's name or value will break all code using the secret.
> - You can't rename the secret with a name of an existing secret.
> - Don't leave private keys in your code! Leaving them in is a security risk. Make sure to delete the keys from the code after running `updateSecret()`.

import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

const elevatedUpdateSecretValue = elevate(secrets.updateSecret);

export function updateName() {
  const id = 'b741766c-eead-46fe-8e7f-fd01ff3d6e21';
  const secret = {
    name: 'my_new_secret_name'
  };

  return elevatedUpdateSecretValue(id, secret)
    .then(() => {
      console.log('Secret name updated');
    })
    .catch((error) => {
      console.error(error);
    })
}


Update a single property of a secret (dashboard page code)

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

const elevatedUpdateSecretValue = elevate(secrets.updateSecret);

export const updateName = webMethod(Permissions.Anyone, () => {
  const id = 'b741766c-eead-46fe-8e7f-fd01ff3d6e21';
  const secret = {
    name: 'my_new_secret_name'
  };

  return elevatedUpdateSecretValue(id, secret)
    .then(() => {
      console.log('Secret name updated');
    })
    .catch((error) => {
      console.error(error);
    })
});

Update a single property of a secret (export from backend code)

import { Permissions, webMethod } from 'wix-web-module';
import { secrets } from 'wix-secrets-backend.v2';
import { elevate } from 'wix-auth';

const elevatedUpdateSecretValue = elevate(secrets.updateSecret);

export const updateMultipleProperties = webMethod(Permissions.Anyone, () => {
  const id = 'b741766c-eead-46fe-8e7f-fd01ff3d6e21';
  const secret = {
    name: 'my_new_secret_name',
    description: 'New description',
    value: 'new.key.44aSQCljxL9FLvTVA.9dKbpwueYoQ8isyQhvun19pOT9gHEdgxam39LJ0Ts70'
  };

  return elevatedUpdateSecretValue(id, secret)
  .then(() => {
    console.log('All secret fields updated');
  })
  .catch((error) => {
    console.error(error);
  });
});


Update multiple properties of a secret 

updateSecret

Fulfilled - When the secret is updated.
Rejected - Error message.

velo-deps_wix-secrets-backend.v2_secrets

The plaintext, unencrypted value of the secret.

value

Object containing information for each secret.

secrets

The date and time the secreted was created.

_createdDate

The date and time the secret was last updated.

_updatedDate

An optional text describing the secret's purpose or any other notes about it.

description

A unique, meaningful name used for retrieving the secret at runtime with the `getSecretValue()` function. You can use alphanumeric characters and the following special characters: `_+=-@#$`. Spaces are not supported.

The confidential value to protect, such as an API key.

getSecretValue( )