Skip to main content
All CollectionsBuild AutomationsIntegrations
Custom Secrets in Torq: Protect Sensitive Data
Custom Secrets in Torq: Protect Sensitive Data

Securely create and use custom secrets within Torq workflows, ensuring data protection and confidentiality.

Updated over 2 months ago

Custom secrets in Torq enable the secure handling of sensitive authentication and authorization data within your workflows. This includes keys, passwords, usernames, API tokens/keys, and SSH keys. When used in a workflow, the actual secret values are concealed to ensure confidentiality.

How Are Custom Secrets Secured?

Torq employs Google KMS for secret storage, ensuring robust encryption and compliance with FIPS 140-2 L3 validated HSM standards. The program securely accessed these secrets as needed, and they are never displayed or logged, maintaining strict data protection.

Creating a Custom Secret

Option 1: Directly Within a Workflow

  1. Within your workflow, navigate to the step requiring sensitive data.

  2. In the sensitive data input field, type $.secrets. to trigger autocomplete for available secrets.

  3. Select +Create new secret, highlighted for easy access.

  4. Name the secret with a meaningful identifier, like {vendor}_api_key.

  5. Input the secret value you wish to safeguard.

  6. Confirm by clicking Add.

Screenshot of the dropdown menu of secrets from within the step parameters, +Create new secret is highlighted in a red box

Option 2: Through the Custom Secrets Integration

  1. Find Custom Secrets under Integrations > Steps.

  2. Initiate a new secret with Add.

  3. Assign a descriptive name to the secret, for instance, {vendor}_api_key.

  4. Enter the data you're protecting as the Secret value.

  5. Complete the process by selecting Add.

Screenshot of the new secret popup

Utilizing Custom Secrets in Workflows

To incorporate a custom secret into a workflow step, reference it with $.secrets. This method seamlessly integrates the protected data where needed without exposing the secret itself.

Gif of a Slack Slash Commands workflow on Torq accessing secrets
Did this answer your question?