| Secret type | Description | Example use case |
|---|---|---|
| Text | A string value. | Access token value |
| Binary | A file that you upload. | SSL certificate |
| Username & Password | Two-field credential for a username and password. | Basic authentication for RestAPIs |
| M2M OAuth | Multi-field credential used for client credential authentication. | REST APIs using bearer tokens |
Access control
Access to secrets is related to fabric access.- Secrets are tied to the fabric where they’re created.
- Anyone with access to that fabric can reference its secrets in projects.
- The secret value is never visible, even to the user who created it.
Create a secret
To add a new secret to a fabric:- From the left sidebar, open the Metadata page.
- Open the fabric where you want to store the secret.
- Go to the Secrets tab.
- Click + Add Secret.
-
In the dialog, choose the Secret Type.
Secret Type Parameters Text - Name: Label to identify the secret
- Value: String value
Binary - Name: Label to identify the secret
- Value: Upload a file (such as a certificate)
Username & Password - Name: Label to identify the secret
- Username: Username for authentication
- Password: Password for authentication
M2M OAuth - Name: Label to identify the secret
- Client ID: OAuth client identifier
- Client Secret: OAuth client secret key
- Auth URL: OAuth authorization server endpoint
- Scope (Optional): OAuth permissions scopes
- Click Create to save it to the fabric.
Reference a secret
Secrets are often used to hide credentials in connections.- Create a new connection.
- In fields that require credentials, a secret picker appears automatically.
- If the secret doesn’t exist yet, click the New Secret button, which opens the fabric’s Add Secret dialog.
- Once saved, the secret will appear in the picker.
- Select it, and Prophecy will validate the connection securely using that secret.