Vault Module
The vault module provides access to the secrets stored in your secret store. vault only allows for retrieval of the unencrypted value of your secrets. It does not let you store new secrets in the secret store or modify the values of existing secrets.
To store new secrets, use Functions UI:
- Functions v1: Go to the Functions editor page and look for the My secrets button.
- Functions v2: Open the Revision of the Package that contains your Function and use the Assign secrets option.
Secrets in Admin Portal
You can also manage your secrets on the Keyset page of Admin Portal.
The Vault module is made available with the following require() statement:
const vault = require('vault');
The vault module provides a single method: get(<secretKey>). Just like other Functions modules, this method returns a Promise.
The following example shows how to retrieve a securely stored API key from the secret store in order to make an authenticated XHR request to another service.
Note that the following Function is of the On Request type.
export default (request, response) => {
const xhr = require('xhr');
const vault = require('vault');
return vault.get("myApiKey").then((apiKey) => {
const http_options = {
"method": "GET",
"headers": {
"API_KEY": apiKey
}
};
return xhr.fetch("https://httpbin.org/get", http_options).then((resp) => {
console.log(resp);
return response.send("OK");
});
Functions support
Functions provides a rich set of tools, and this documentation does not cover all of the potential situations you may encounter. If you need help with a situation not covered by the documentation, please contact PubNub Support