back to docs

Secrets

Secrets provides a secure environment for storing sensitive information such as tokens, keys, and credentials used across the ChatBotKit services.

Secrets provides a secure environment for storing sensitive information such as tokens, keys, and credentials used across the ChatBotKit services. As a safeguard against exposure to external threats and to preserve data privacy, Secrets ensures that sensitive details remain protected within a secure vault. This feature is allowing customers to integrate and utilize secrets seamlessly within Skillset Abilities and other parts of the ChatBotKit Platform.

Key Features

Enhanced Security

Secrets serve as a secure vault where sensitive data is stored safely, ensuring that crucial information like tokens and credentials used for operating services and APIs are safeguarded from unauthorized access.

Seamless Integration

Within the ChatBotKit platform, Secrets can be easily referenced in Skillset Abilities. This integration simplifies the process of performing secure actions and requests by seamlessly substituting sensitive information with placeholders in code, thereby enhancing functionality without compromising security.

Data Privacy

The implementation of Secrets ensures that sensitive data required to perform actions never leaves the secure vault. It prevents any exposure of sensitive information to the underlying model or external entities, maintaining strict data confidentiality.

How To Use Secrets

To utilize the Secrets within ChatBotKit, follow these simple steps:

  1. Storing Secrets:
    • Navigate to the Secrets vault and securely store your sensitive information such as API keys, tokens, or credentials.
  2. Referencing Secrets in Skillset Abilities:
    • When creating or modifying a Skillset Ability that requires sensitive information, reference the stored secret in the action code using the syntax ${SECRET_NAME}. This placeholder is replaced at runtime with the actual secret value, ensuring secure access and use.

Example of referencing a secret in a Skillset Ability:

In order to fetch entries from a database matching search criteria, you must use the following action.

```fetch
POST https://api.example.com/v1/database/search HTTP/1.1
Content-Type: application/json
Authorization: Bearer ${SECRET_MY_API_TOKEN}

{
  "query": "${query|the search phrase or string}"
}
```