Integrations
Secrets Manager
How to securely store API keys and secrets for your VULK apps.
Secrets Manager
Overview
The Secrets Manager allows you to securely store API keys, tokens, and other sensitive data for your deployed apps. Secrets are encrypted in VULK and injected into the deployed app/backend runtime.
Accessing Secrets Manager
- Deploy your project with backend
- Go to Backend tab
- Click Secrets Manager
Available Secret Types
| Secret | Purpose |
|---|---|
JWT_SECRET | Authentication token signing |
STRIPE_SECRET_KEY | Payment processing |
RESEND_API_KEY | Email sending |
APP_URL | Your app's public URL |
Adding Custom Secrets
You can add any secret your app needs. The generated code will reference it via env.YOUR_SECRET_NAME or the equivalent runtime environment variable.
Security
How Secrets Are Stored
- You enter the secret in the Secrets Manager
- VULK encrypts and stores it in Secrets Manager
- The deployed runtime receives it as an environment secret
- Your app/backend can access it via
env.SECRET_NAME - The secret value is never visible again - only the name is shown
Best Practices
- Never commit secrets to code
- Use different keys for test/production
- Rotate secrets periodically
- Use strong, random values for JWT_SECRET
Viewing Configured Secrets
The Secrets Manager shows which secrets are configured with a checkmark icon. You cannot view the actual values after saving.
Updating Secrets
To update a secret:
- Enter the new value in the field
- Click Save
- The old value is replaced
The change takes effect immediately on the deployed runtime.