# Secrets and Environment variables

## Secrets and environment variables

When integrating with third-party services, you commonly need to supply an **API key** or other credentials when interacting with it. It is not a good idea to store these keys directly in your flows, as it increases the likelihood of them being forgotten, or leaked.

Midio has a separate system for storing these values as either **secrets** or **environment variables**. There is also a special node ([`Get Environment Variable`](/midio-docs/built-in-nodes/core-std.md#getenvironmentvariable)) that you can use for accessing these values in your code. You can also configure different values for the same key, to be used for the different environments your application can run in (which currently is either the **editor**, or as a **deployed app**)**.**

We recommend storing sensitive data as **secrets**. Secrets have an additional guarantee that regular variables do not have: they are encrypted for as long as they exist in the [Midio engine](/midio-docs/the-midio-engine.md), and are only decrypted once they leave with an HTTP request to whatever service you access.

### Managing secrets and variables

Environment secrets and variables are declared in project settings and are available in the project they are declared in.

To create a secret or variable:

1. Click on the hamburger menu in the project panel.

   <div align="left"><figure><img src="/files/NB1jfHhGRQnlS4prjGVK" alt="" width="375"><figcaption></figcaption></figure></div>
2. Click on Add secret/variable.
3. Fill out the form to create a secret/variable. The form will look slightly different if you a creating a variable.\
   ![](/files/EDtOBZQn7UXp4qMSyHR7)
4. Click Add and watch it appear in the table!
   * If you created it in only one environment, the new secret/variable should appear as a missing value if you toggle to the other environment.

From the secrets/variables window you can update or delete the environment value by clicking on the menu that appears on the table row. You can also duplicate the value into the other environment from here.

### Secret types

Midio currently only support **Bearer** tokens as the **secret type**. A **bearer token** is a type of access token used in HTTP authentication. It is a string that proves the sender is authorized to access a specific API or service. When included in the `Authorization` header of an HTTP request (as `Authorization: Bearer <token>`), it tells the server that the request comes from an authenticated client.

In Midio, when assigning a **Bearer** secret to a headers object, the `Bearer <token>` formatting is done automatically.

{% hint style="success" %}
Support for more secret types will be added in the future.
{% endhint %}

### Using secrets and variables

To use secrets and variables in the editor, make sure you have created a value in the Development environment.

Fetching an environment secret or variable can be done by using the [`Get Environment Variable`](/midio-docs/built-in-nodes/core-std.md#getenvironmentvariable) node.

<figure><img src="/files/Yrl3koL0RogQhw43tMGL" alt="" width="375"><figcaption></figcaption></figure>

Raw values of regular environment ***variables*** are available in the Midio engine, which means you can access the string value associated with the key directly in the editor.

<figure><img src="/files/hPbbGX4SmObOPXiOudNW" alt="" width="375"><figcaption></figcaption></figure>

But since the raw value of ***secrets*** are not available in the Midio engine, you will instead see a placeholder value.

To use a secret, you have to use a node that is aware of how to handle a secret value, like [`Fetch`](/midio-docs/built-in-nodes/http.md#fetchurl) or `Llm Chat Complete`. There are two ways to pass a secret bearer token to these nodes: either directly, or as the value of the `Authorization` HTTP header key.

<figure><img src="/files/ipONVs9cO5enbBwA182P" alt="" width="375"><figcaption></figcaption></figure>

All HTTP requests in Midio have to go through these nodes, but you might not use them directly. For instance, the `Chat complete` node in the `open-ai` package uses [`Fetch`](/midio-docs/built-in-nodes/http.md#fetch) to make the HTTP request. This node has an `api key` input parameter that you can pass a secret bearer token to, since it internally passes this value to an `Authorization` HTTP header.

<figure><img src="/files/No6ki3LFmEkMdQlnKD8k" alt="" width="375"><figcaption></figcaption></figure>

## Production application

When you deploy your Midio code, make sure any **environment variable or secret** your application needs has a value for the **production** environment. You can choose to deploy anyway, but be aware that your application will not have access to variables only defined for the **development** environment.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.midio.com/midio-docs/guides/secrets-and-environment-variables.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.