Skip to content
Arc XP

Create a Secure Secret and Use within Your Integration

If your integration is making requests to an API which requires an authorization token, that token can be securely stored and used through IFX. You may also have variables you need to define which change per environment, such as an API host URL. In this guide we will show you just how to handle these values.

Getting Started

IFX securely stores secrets for you in the format of name:value. While names and values can be modified, values will never be output once they’re stored.

Create or Manage a Secret

Using an API you can securely store one or more secrets for your integration. The API includes logic for you to create, edit or delete secrets. See Swagger doc.

Using a Secret

This section will guide you on how to use a stored secret within your integration. Once you add the secret to a constant file and in your handler, it will be deployed along with your integration to sandbox and prod.

Secrets are used at runtime. You do not have to re-deploy your code when you add/change secrets.

Steps

  1. Create a file in the root of your project called .env if you do not already have one — this file will be ignored and should not be checked in to your repo. If you accidentally commit secret or sensitive information, you should be sure to squash that commit so it does not exist in your repo.

  2. Inside of the .env file, define variables as needed. This file can be used to define variables that differ by environment, a URL for example.

Secrets and Variables on Local Environment

On local environment, you can store both secrets and variables. The value will be taken directly from the .env file.

.env
mytoken=12345
contentApiHost=https://api.sandbox.{myOrg}.arcpublishing.com

Within your code, the key is accessed by using process.env.['{key}']. Inside my handler:

console.log(process.env['mytoken'])
// Output: 12345


console.log(process.env['contentApiHost'])
// Output: https://api.sandbox.{myOrg}.arcpublishing.com

Secrets and Variables on Sandbox and Production

Secrets

On Sandbox and Production environments, the value for Secrets will be taken from Secrets Manager. In this case I would add to Secrets Manager with a payload:

{
  "secretName": "mytoken",
  "secretValue": "67890"
}
console.log(process.env['mytoken'])
// Output: 67890

Variables

For non-sensitive variables you can use your environment files.

Sandbox Variables

.env.sandbox
API_HOST=https://api.sandbox.org.arcpublishing.com
handlerFile.js
const apiHost = process.env.API_HOST;
// Value: https://api.sandbox.org.arcpublishing.com

Production Variables

.env.production
API_HOST=https://api.org.arcpublishing.com
handlerFile.js
const apiHost = process.env.API_HOST;
// Value: https://api.org.arcpublishing.com

Help us improve our documentation! Let us know if you do not find what you are looking for by posting suggestions to Our Ideas Portal.