Secrets and Environment variables

Secrets and environment variables

When integrating with third-party services, you commonly need to supply an API key or other credentials when interacting with it. It is not a good idea to store these keys directly in your flows, as it increases the likelihood of them being forgotten, or leaked.

Midio has a separate system for storing these values as either secrets or environment variables. There is also a special node (Get Environment Variable) that you can use for accessing these values in your code. You can also configure different values for the same key, to be used for the different environments your application can run in (which currently is either the editor, or as a deployed app).

We recommend storing sensitive data as secrets. Secrets have an additional guarantee that regular variables do not have: they are encrypted for as long as they exist in the Midio engine, and are only decrypted once they leave with an HTTP request to whatever service you access.

Managing secrets and variables

Environment secrets and variables are declared in project settings and are available in the project they are declared in.

To create a secret or variable:

  1. Click on the hamburger menu in the project panel.

  2. Click on Add secret/variable.

  3. Fill out the form to create a secret/variable. The form will look slightly different if you a creating a variable.

  4. Click Add and watch it appear in the table!

    • If you created it in only one environment, the new secret/variable should appear as a missing value if you toggle to the other environment.

From the secrets/variables window you can update or delete the environment value by clicking on the menu that appears on the table row. You can also duplicate the value into the other environment from here.

Secret types

Midio currently only support Bearer tokens as the secret type. A bearer token is a type of access token used in HTTP authentication. It is a string that proves the sender is authorized to access a specific API or service. When included in the Authorization header of an HTTP request (as Authorization: Bearer <token>), it tells the server that the request comes from an authenticated client.

In Midio, when assigning a Bearer secret to a headers object, the Bearer <token> formatting is done automatically.

Support for more secret types will be added in the future.

Using secrets and variables

To use secrets and variables in the editor, make sure you have created a value in the Development environment.

Fetching an environment secret or variable can be done by using the Get Environment Variable node.

Raw values of regular environment variables are available in the Midio engine, which means you can access the string value associated with the key directly in the editor.

But since the raw value of secrets are not available in the Midio engine, you will instead see a placeholder value.

To use a secret, you have to use a node that is aware of how to handle a secret value, like Fetch or Llm Chat Complete. There are two ways to pass a secret bearer token to these nodes: either directly, or as the value of the Authorization HTTP header key.

All HTTP requests in Midio have to go through these nodes, but you might not use them directly. For instance, the Chat complete node in the open-ai package uses Fetch to make the HTTP request. This node has an api key input parameter that you can pass a secret bearer token to, since it internally passes this value to an Authorization HTTP header.

Production application

When you deploy your Midio code, make sure any environment variable or secret your application needs has a value for the production environment. You can choose to deploy anyway, but be aware that your application will not have access to variables only defined for the development environment.

PreviousDebuggingNextOAuth 2.0

Last updated

Was this helpful?