Port secrets
Port provides a secure way to store sensitive data, such as tokens, passwords, and other secrets used in different Port components.
Port secrets can be used in:
- Port-hosted integrations - any integration that is installed using the "Hosted by Port" method, for example: Datadog.
- Self-service actions payload.
- Automations payload.
Usage
To view your organization secrets:
-
In your Port application, click on the
...button in the top right corner, and selectCredentials. -
In the
Credentialswindow, choose theSecretstab.
To create a new secret, click on the + Secret button.
One-time view
After creating a secret, you will be able to view its value only once.
Afterwards, you will be able to delete the secret or edit its value, but not to view it.
Referencing secrets
To reference a secret in your action or automation payloads, use the following syntax:
"token": "{{ .secrets.MY_SECRET_NAME }}"
Note that if your secret name contains hyphens or special characters, use bracket notation:
"token": "{{ .secrets["my-secret-name"] }}"
Security
- Port secrets reside in Port's infrastructure (hosted on AWS), per organization, meaning that no other organization has any access to your secrets.
- Secrets are
AES-256encrypted at rest, and are only decrypted when needed. - Secrets are encrypted in transit using
TLS 1.2.