Secret

The Secret feature is used to securely store and manage sensitive information (such as API Keys). This feature separates sensitive data from frontend configurations, ensuring credentials are not exposed in the client browser or frontend code, and are only resolved and used in a secure backend runtime environment.

💡

Currently, Secrets can only be used in an Actionflow.

Common Scenarios

Store an API Key as a Secret, and use it in the Call API node of an Actionflow.

Configuration Guide

Add a Secret

💡

Only the Owner and Managers of a project have the permission to add, edit, and delete Secrets.

Navigate to the Settings -> Secret page, add a new Secret, and fill in the parameters:

Parameter	Description	Type	Required
Name	The display name used to identify the secret. Cannot be empty, must be unique, has no length limit, can use any characters.	String	Yes
Value	The actual sensitive credential content (entered via a password input box, hidden after saving). Cannot be empty, has no length limit, can use any characters.	String	Yes
Description	Explanation of the secret’s purpose, used for team collaboration.	String	No

Click the Save button to complete the addition. The Secret will only truly take effect after the backend synchronizes the changes.

Use a Secret

In the data binding of an Actionflow node, bind the corresponding Secret. Select the path: Context -> Secret -> [Your Secret].

⚠️

To prevent leakage, Secrets cannot be directly bound to the output node of an Actionflow.

Edit and Delete Secrets

Owners and Managers can edit the Name, Value, and Description. Deleting Secrets is also supported (Note: if the Secret is bound in an Actionflow, an error will occur upon deletion). Edits and deletions take effect after the backend synchronizes the changes.

Verify if a Secret is Active

Since the value of a Secret cannot be viewed in the editor or the logs, it is usually necessary to determine whether a Secret has taken effect by checking if the actual execution result meets expectations.