Apidog Docs
πŸ‡ΊπŸ‡Έ English
  • πŸ‡ΊπŸ‡Έ English
  • πŸ‡―πŸ‡΅ ζ—₯本θͺž
HomeLearning CenterSupport CenterAPI References
HomeLearning CenterSupport CenterAPI References
Discord Community
Slack Community
X / Twitter
πŸ‡ΊπŸ‡Έ English
  • πŸ‡ΊπŸ‡Έ English
  • πŸ‡―πŸ‡΅ ζ—₯本θͺž
  1. Vault secrets
  • Apidog Learning Center
  • Get started
    • Introduce Apidog
    • Basic concepts in Apidog
    • Navigating Apidog
    • Quick Start
      • Overview
      • Specify a new endpoint
      • Make a request to the endpoint
      • Add an assertion
      • Create a test scenario
      • Share your API documentation
      • Explore more
      • Send a request and save as an endpoint
    • Migration
      • Overview
      • Manual import
      • Scheduled import
      • Import options
      • Export data
      • Import from...
        • Import from Postman
        • Import OpenAPI (Swagger) spec
        • Import cURL
        • Import Markdowns
        • Import from Insomnia
        • Import from apiDoc
        • Import .har file
        • Import WSDL
  • Design APIs
    • Overview
    • Create a new API project
    • Endpoint basics
    • Components
    • Common fields
    • Global parameters
    • Endpoint change history
    • Batch endpoint management
    • Configure multiple request body examples
    • Schemas
      • Generate Schemas from JSON etc.
      • Build a schema
      • Overview
      • Create a new schema
    • Security schemes
      • Overview
      • Create a security scheme
      • Use the security scheme
      • Security scheme in online documentation
    • Advanced features
      • Custom endpoint fields
      • Import endpoints as test steps
      • Endpoint status
      • Appearance of parameter lists
      • Endpoint unique idenfication
  • Develop and Debug APIs
    • Overview
    • Generate requests
    • Send requests
    • Endpoint cases
    • Dynamic values
    • Validate responses
    • Design-first Mode & Request-first Mode
    • Generate code
    • Environments & variables
      • Overview
      • Using variables
      • Environments & services
    • Vault secrets
      • Overview
      • HashiCorp Vault
      • Azure Key Vault
      • AWS Secrets Manager
    • Pre/Post processors
      • Overview
      • Assertion
      • Extract variable
      • Wait
      • Database operations
        • Overview
        • MongoDB
        • Redis
        • Oracle Client
      • Using scripts
        • Overview
        • Postman scripts reference
        • Pre processor scripts
        • Post processor scripts
        • Public scripts
        • Calling other programming languages
        • Using JS libraries
        • Visualizing responses
        • Script examples
          • Assertion scripts
          • Using variables in scripts
          • Using scripts to modify request messages
          • Other examples
    • Dynamic values Modules
  • Mock API data
    • Overview
    • Smart mock
    • Custom mock
    • Mock priority sequence
    • Mock scripts
    • Cloud mock
    • Self-hosted runner mock
    • Mock language (Locales)
  • Automated tests
    • Overview
    • Test reports
    • Test scenarios
      • Create a test scenario
      • Pass data between requests
      • Flow control conditions
      • Import endpoints/endpoint cases from other projects
      • Sync data from endpoints/endpoint cases
      • Export test scenarios
    • Run test scenarios
      • Run a test scenario
      • Data-driven testing
      • Run test scenarios in batch
      • Scheduled tasks
      • Manage the runtime environment of APIs from other projects
    • Test APIs
      • Integration testing
      • Performance testing
      • End-to-end testing
      • Regression testing
    • Apidog CLI
      • Overview
      • Installing and running Apidog CLI
      • Apidog CLI Options
    • CI/CD
      • Overview
      • Integrate with Jenkins
      • Integration with Gitlab
  • Publish API Docs
    • Overview
    • API Technologies Supported
    • Quick share
    • View the API documentation
    • Publish docs sites
    • Folder tree settings
    • Custom layouts
    • Visibility settings
    • Endpoint SEO settings
    • Custom domain
    • Embedding values in document URLs
    • Documentation Search
    • Integrating Google Analytics with Doc Sites
    • CORS Proxy
    • API Versions
      • Overview
      • Create API versions
      • Publish API versions
      • Share endpoints with API versions
  • Send requests
    • Overview
    • gRPC
    • Use request proxy agents for debugging
    • SOAP/WebService
    • GraphQL
    • WebSocket
    • Socket.IO
    • SSE debugging
    • Create requests
      • Request History
      • Request basics
      • Parameters and body
      • Request headers
      • Request settings
      • HTTP/2
    • Authentication and authorization
      • Overview
      • CA and client certificates
      • Authorization types supported by Apidog
      • Digest Auth
      • OAuth 1.0
      • OAuth 2.0
      • Hawk Authentication
      • Kerberos
      • NTLM
      • Akamai EdgeGrid
    • Response and cookies
      • Overview
      • API response in Apidog
      • Create and send cookies
      • Debug requests
      • Save the request as an endpoint
  • Branches
    • Overview
    • Create a new sprint branch
    • Test APIs in a branch
    • Design API in a branch
    • Merge sprint branches
    • Manage sprint branches
  • Apidog MCP Server
    • Overview
    • Conntect API Specification within Apidog Project to AI via Apidog MCP Server
    • Conntect Online API Documentation Published by Apidog to AI via Apidog MCP Server
    • Conntect OpenAPI Files to AI via Apidog MCP Server
  • Best practices
    • How to handle API signatures
    • How to access OAuth 2.0 protected APIs
    • Apidog collaboration workflow
    • Managing authentication state in Apidog
  • Administration
    • Onboarding Checklist
      • Basic Concepts
      • Onboarding Guide
    • Managing Teams
      • Managing Teams
      • Managing Team Members
      • Member Roles & Permission Settings
      • Team Activities
      • Team Resources
        • General Runner
        • Team Variables
        • Request Proxy Agent
      • Real-time Collaborations
        • Team Collaboration
    • Managing Projects
      • Managing Projects
      • Managing Project Members
      • Notification Settings
      • Project Resources
        • Database Connection
    • Managing Organizations
      • Single Sign-On (SSO)
        • SSO Overview
        • Configure Microsoft Entra ID
        • Configure Okta
        • Configure SSO for an Organization
        • Managing user accounts
        • Mapping Groups to Teams
      • SCIM Provisioning
        • Intro to SCIM Provisioning
        • Microsoft Entra ID
        • Okta
      • Organization Resources
        • Self-hosted Runner
  • Billing
    • Overview
    • Credits
    • Unable to use credit cards?
    • Managing subscriptions
    • Upgrade plan
  • Add-ons
    • API Hub
    • Apidog Intellij IDEA plugin
    • Browser Extension
      • Chrome
      • Microsoft Edge
    • Request Proxy
      • Request proxy in Apidog web
      • Request proxy in shared docs
      • Request proxy in Apidog client
  • Account & preferences
    • Language settings
    • Data backup
    • Network proxy configuration
    • Hot keys
    • Updating Apidog
    • Generate OpenAPI access token
    • Deleting account
    • Account settings
  • References
    • API-Design First Approach
    • Apidog OpenAPI/Swagger Specificaiton Extensions
    • JSONPath
    • XPath
    • Regular Expressions
    • JSON Schema
    • CSV File Format
    • Install Java Environment
    • Runner deployment environment
    • Apidog flavored Markdown
  • Apidog Europe
    • Apidog Europe
  • Support Center
  1. Vault secrets

Vault Secret in Apidog

Vault secrets is available on Apidog Enterprise plan.
When using Apidog, you can fetch secrets from external vaults such as HashiCorp Vault, Azure Key Vault and AWS Secrets Manager, and use them like global variables when sending requests.
Administrators can configure integration with external vaults for teams and projects, and then users only need to log in with OAuth2.0 or enter their own access token to fetch secrets from the external vault.
The fetched secrets are encrypted and stored in your local client, ensuring they remain private and are not shared with anyone.

Configure vault providers#

On the team resources page, you can configure multiple vault providers for your team. Each provider can be assigned to different projects based on requirements.
SCR-20241212-qpuy.png
Within the project, you have the option to either customize the vault provider for that specific project or use a provider configured at the team level.
SCR-20241213-pnah.png
Learn more details here:
HashiCorp Vault
Azure Key Vault
AWS Secrets Manager

Link and fetch secrets#

Click the button next to the environment menu (upper-right corner of the project) and selectVault Secrets.
In thevalueinput box, configure the metadata for the secret stored in the external vault (e.g., engine, path, key). The required metadata varies depending on the vault provider.
SCR-20241213-pnfw.png
ClickFetch Secretsto fetch the secret, which will be securely encrypted and stored on your local client.
SCR-20241213-pnhv.png

Use secrets#

Secrets can be used in any context where a variable is supported, following the syntax {{vault:key}}.
SCR-20241213-pnnc.png
Within the script, you can use await pm.vault.get("key") to get the value of the secret. If you use console.log to print the value, the value will be masked.
SCR-20241213-pojf.png
Secret values are never shared with team members. However, variable names and metadata are shared to eliminate the need for reconfiguration. Team members can fetch the secrets using proper authorization, ensuring a balance between collaboration and privacy.

Advantages of using vaults for enterprises#

Secure Storage of Secrets: Vaults provide a secure way to store sensitive information such as API keys, passwords, certificates, and tokens, ensuring that they are protected against unauthorized access.
Access Control: Vaults allow organizations to define strict access control policies, ensuring that only authorized users or services can access particular secrets.
Encryption: Vaults often provide built-in encryption to protect data both at rest and in transit, adding an extra layer of security.
Auditing and Monitoring: Vaults offer auditing and monitoring capabilities to keep track of who accessed which secret and when. This helps in compliance and in detecting any unauthorized access attempts.
Integration with Other Services: Vaults are designed to integrate seamlessly with other cloud services (including Apidog) and DevOps tools, making it easy to manage secrets in a variety of environments.
Centralized Management: Vaults provide a centralized way to manage secrets across different applications, services, and environments, simplifying the overhead associated with secret management.
Risk Reduction: By reducing the chance of credentials being hardcoded into applications or leaking into source code, vaults help mitigate the risk of credential exposure.

Prerequisites for vault secrets with Apidog#

Secrets must already be stored in HashiCorp Vault, Azure Key Vault, or AWS Secrets Manager.
The organization or team must be subscribed to the Apidog Enterprise Plan.
Modified atΒ 2025-02-20 02:37:11
Previous
Environments & services
Next
HashiCorp Vault
Built with