Skip to main content

Secrets

The Secrets module is responsible for the secure storage and management of sensitive information across the CogSol platform.

It enables other modules, particularly Script Tools, to access credentials, tokens, and configuration values safely, ensuring that sensitive data is never exposed in logs, source code, or user interfaces.

What Are Secrets?

In CogSol, secrets represent confidential key-value pairs that are required for secure integrations and automated processes.

Typical examples include:

  • API keys for third-party services
  • Authentication tokens
  • Database credentials
  • Cloud service access keys
  • Private configuration parameters for automation tools

Secrets are encrypted upon creation and stored in a secure vault, accessible only to authorized modules and users.

Purpose of the Secrets Module

The Secrets module provides a standardized and secure way to manage sensitive configuration values. Its goals are to:

  • Centralize secret management for all modules that require secure credentials.
  • Ensure security by encrypting and controlling access to confidential data.
  • Enable seamless integration between CogSol components and external APIs.
  • Simplify secret reference for Script Tools and other automated workflows.
  • Maintain environment separation, ensuring different secret sets per workspace (e.g., dev, testing, prod).

Key Components

Secret Storage

Secrets are stored in CogSol’s encrypted vault system.

Once a secret is created, its value is never displayed again, ensuring full confidentiality.

Each secret record includes:

  • Name (human-readable identifier)
  • Encrypted value

Secret References

Modules like Script Tools don’t store or read secrets directly.

Instead, they reference secrets by name, allowing CogSol to inject the decrypted value securely during runtime execution.

This indirection guarantees that secret values remain invisible to users, developers, and logs, while still being accessible to authorized automation processes.

Secrets Management Interface

The Secrets section in the platform provides a simple yet secure interface for managing credentials.

Creating a Secret

To create a new secret:

  1. Click New on the Secrets dashboard.
  2. Enter a Name (unique identifier for the secret).
  3. Enter the Value (the confidential key or token).
  4. Click Create.

Once created, the secret value is encrypted and cannot be viewed again for security reasons.

If a value is lost, a new secret must be created.

Listing and Editing Secrets

The list view displays all available secrets with their masked values (represented by dots).

Users can:

  • Edit a secret: update its value securely (re-encryption occurs automatically).
  • Delete a secret: permanently remove it from the vault (used when credentials are rotated or deprecated).