Overview
Organization Secrets in Kodexa provide a secure way to store and manage sensitive information like API keys, passwords, and connection strings at the organization level. This feature ensures that confidential data remains protected while being easily accessible across your projects and workflows.
Accessing Organization Secrets
To access Organization Secrets:
Navigate to your organization's management section in Kodexa
Click on the "Secrets" tab in the navigation menu
You'll see the Secrets management interface where you can view, add, and manage your organization's secrets
Adding a New Secret
To create a new organization secret:
Click the "Add Secret" button in the top right corner of the Secrets page
In the dialog that appears, fill in:
Name: Enter a descriptive name for your secret (e.g., "SecretName")
Value: Enter the actual secret value (this will be encrypted and stored securely)
Click "Add" to save the secret
You can cancel the operation at any time by clicking the "Cancel" button
Managing Existing Secrets
Once secrets are created, they appear in a list showing:
Secret Name: The identifier for each secret
Actions: Each secret has a Delete button for removal when no longer needed
โ ๏ธ Important: Deleting a secret is permanent and may affect any workflows or models currently using it.
Using Secrets in Your Workflows
Organization secrets can be utilized in various parts of your Kodexa workflows. For example, when configuring models or connectors that require sensitive information:
Look for the "Use organization secret" checkbox option
Check this box to enable secret selection
A dropdown will appear allowing you to select from your available organization secrets
Example Use Case: Azure Publisher Configuration
In the screenshot example, you can see how secrets are used in an Azure publisher configuration:
The Connection String field has a "Use organization secret" option
When enabled, you can select a pre-configured secret instead of entering the connection string directly
This keeps your Azure SAS connection string secure and centrally managed
Best Practices
Naming Convention: Use clear, descriptive names for your secrets to make them easily identifiable
Access Control: Only organization administrators can manage secrets
Regular Updates: Periodically review and update secrets, especially for external services
Documentation: Keep internal documentation about what each secret is used for
Rotation: Implement a regular rotation schedule for sensitive credentials
Security Features
All secrets are encrypted at rest
Secret values are never displayed after creation
Access to secrets is controlled at the organization level
Audit trails track secret usage and modifications
Common Use Cases
Organization Secrets are commonly used for:
API keys for external services
Database connection strings
Cloud storage credentials
Authentication tokens
Webhook URLs with embedded credentials