Today, we will be demonstrating how to securely store Keys using the Secrets Manager.
We will first store a secret to be used on the website. We can access the secrets manager either on the dashboard under Dev tools or from our editor in our Dev menu development tools, Secrets Manager.
Our Secrets Vault will open, and here, we can store a new Secret. We will give it a logical name so we can identify it in our code and paste the string value of our secret. Remember, if you are creating your own secret, it should be long enough and include numbers and a mix of characters so it lessens the chances of being exploited back in our editor will create a backend web module file and write up the code that we need to import our secret in our case we will be using the secret as a key in a call to a third party API to retrieve a gif let's walk through the code that we added here first we will import all the necessary APIs we need including our permissions for our function the secrets function 'fetch' to call our API and the functions from Wix or to elevate permissions for the secrets API make sure to use both the web modules and the Wix or permissions with care so that your functions are not abused our secret is retrieved in an async operation. Once it's returned, we can place it in our fetch URL.
We then return a response from the request as well as specific content that we need and for good measure We'll add some basic error handling I'll place a link to some demo code in the comment section so you can try it yourself with some basic modifications now that we have our code. Let's test it using the Run functions Button. As you can see, we get the string value for the link for our GIF returned to us. All this lift is to add the necessary code to the homepage and make sure that we retrieve the gift when we click on the button. In addition to using Secrets, as we just showed, our API allows you to store and update Secrets securely, so beyond applying secrets to authenticate your site, as just demonstrated, you can also create and use tokens to authenticate users trying to access information on your site. We all know just how valuable information we store online. The Secrets Manager is the vault in which you should keep your keys and tokens so that website visitors can use your site with confidence. See you next time!
