Storing and calling user's secrets

Hi team, can you please explain the best way to store and use a user’s secrets (e.g. API keys) in

The flow is:

  • User logs into the application
  • User is presented with a form to enter their API key
  • User enters their API key
  • API key is stored in a vault/secrets manager
  • The application uses this API key to make calls on the user’s behalf

Hoping there’s a way to do this easily using I’m across the flyctl secrets command, but that is more helpful for the use of my own secrets.

Thank you!

It’s common to store an encryption key in your app’s secrets that you use to encrypt your user’s secrets. Then you can safely store the encrypted text in your database. Lots of web frameworks, like Rails, do this.

Hi Michael, thanks for your quick response - appreciate it. I was looking for a way to store them within the vault itself but yes this pattern is an option for sure. Thank you.