Skip to main content

Custom Secrets in Torq: Protect Sensitive Data

Securely create and use custom secrets within Torq workflows, ensuring data protection and confidentiality.

Updated over 10 months ago

Custom secrets in Torq enable the secure handling of sensitive authentication and authorization data within your workflows. This includes keys, passwords, usernames, API tokens/keys, and SSH keys. When used in a workflow, the actual secret values are concealed to ensure confidentiality.

How Are Custom Secrets Secured?

Torq employs Google KMS for secret storage, ensuring robust encryption and compliance with FIPS 140-2 L3 validated HSM standards. The program securely accessed these secrets as needed, and they are never displayed or logged, maintaining strict data protection.

Creating a Custom Secret

Option 1: Directly Within a Workflow

  1. Within your workflow, navigate to the step requiring sensitive data.

  2. In the sensitive data input field, type $.secrets. to trigger autocomplete for available secrets.

  3. Select +Create new secret, highlighted for easy access.

  4. Name the secret with a meaningful identifier, like {vendor}_api_key.

  5. Input the secret value you wish to safeguard.

  6. Confirm by clicking Add.

Screenshot of the dropdown menu of secrets from within the step parameters, +Create new secret is highlighted in a red box

Option 2: Through the Custom Secrets Integration

  1. Find Custom Secrets under Integrations > Steps.

  2. Initiate a new secret with Add.

  3. Assign a descriptive name to the secret, for instance, {vendor}_api_key.

  4. Enter the data you're protecting as the Secret value.

  5. Complete the process by selecting Add.

Screenshot of the new secret popup

Utilizing Custom Secrets in Workflows

To incorporate a custom secret into a workflow step, reference it with $.secrets. This method seamlessly integrates the protected data where needed without exposing the secret itself.

Gif of a Slack Slash Commands workflow on Torq accessing secrets
Did this answer your question?