Secret Manager (`sdk.secrets`)

Securely access project-specific environment variables and API keys (like Stripe, Twilio, or AWS) without exposing them in your code.

Usage

export default async ({ sdk, body }) => {
  // Retrieve a secret stored in the project settings
  const stripeKey = await sdk.secrets.get('STRIPE_SECRET_KEY');
 
  if (!stripeKey) {
    throw new Error('Payment gateway not configured');
  }
 
  // Use the secret for external API calls
  const response = await sdk.fetch('https://api.stripe.com/v1/charges', {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${stripeKey}`
    },
    body: new URLSearchParams({ amount: body.amount, currency: 'usd' })
  });
  
  return await response.json();
};

API Reference

`sdk.secrets.get(key)`

key: (string) The name of the secret variable as defined in your Aerostack Project Settings.
Returns: Promise<string | null> The secret value or null if not found.

Safety

Encrypted at Rest: Secrets are encrypted before being stored.
Scoped: Hooks can only access secrets belonging to their own project.
No Hardcoding: Never hardcode API keys directly into your Logic Modules. Always use the Secret Manager.

Recipes & Patterns Getting Started

Secret Manager (sdk.secrets)

Usage

API Reference

sdk.secrets.get(key)

Safety

Secret Manager (`sdk.secrets`)

`sdk.secrets.get(key)`