Custom secrets in Torq enable the secure handling of sensitive authentication and authorization data within your workflows. This includes keys, passwords, usernames, API tokens/keys, and SSH keys. When used in a workflow, the actual secret values are concealed to ensure confidentiality.
How Are Custom Secrets Secured?
Torq employs Google KMS for secret storage, ensuring robust encryption and compliance with FIPS 140-2 L3 validated HSM standards. The program securely accessed these secrets as needed, and they are never displayed or logged, maintaining strict data protection.
Creating a Custom Secret
Option 1: Directly Within a Workflow
Within your workflow, navigate to the step requiring sensitive data.
In the sensitive data input field, type
$.secrets.to trigger autocomplete for available secrets.Select +Create new secret, highlighted for easy access.
Name the secret with a meaningful identifier, like {vendor}_api_key.
Input the secret value you wish to safeguard.
Confirm by clicking Add.
Option 2: Through the Custom Secrets Integration
Find Custom Secrets under Integrations > Steps.
Initiate a new secret with Add.
Assign a descriptive name to the secret, for instance, {vendor}_api_key.
Enter the data you're protecting as the Secret value.
Complete the process by selecting Add.
Utilizing Custom Secrets in Workflows
To incorporate a custom secret into a workflow step, reference it with $.secrets. This method seamlessly integrates the protected data where needed without exposing the secret itself.
