Secrets Manager Installation
Before you begin
You'll need:
- A ByteHide account and project token
- Node.js 12+ or a modern JavaScript environment
- npm or yarn package manager
Key Features
- Easy initialization with environment variables or programmatic setup
- Environment-aware secrets for dev, staging, and production
- Synchronous and asynchronous APIs for flexible usage
- Automatic caching with configurable TTL
- Memory encryption options for additional security
- Support for Node.js backend and browser environments
Installation Options
Add the ByteHide Secrets SDK to your project using one of these methods:
npm
npm install @bytehide/secrets
yarn
yarn add @bytehide/secrets
Environment Setup
Required Environment Variables
The SDK requires these environment variables:
BYTEHIDE_SECRETS_TOKEN- Your ByteHide project tokenBYTEHIDE_SECRETS_ENVIRONMENT- The environment name (defaults to "production" if not set)
Node.js Projects
- Create a
.envfile in your project root:
BYTEHIDE_SECRETS_TOKEN=your-project-token
BYTEHIDE_SECRETS_ENVIRONMENT=development
Browser Projects
For browser-based projects, you'll need to inject environment variables at build time:
Webpack
// webpack.config.js
const webpack = require('webpack');
module.exports = {
// ...
plugins: [
new webpack.DefinePlugin({
'window.env': JSON.stringify({
BYTEHIDE_SECRETS_ENVIRONMENT: 'production',
BYTEHIDE_SECRETS_TOKEN: 'your-project-token'
})
})
]
};
Vite
// vite.config.js
import { defineConfig } from 'vite';
export default defineConfig({
define: {
'window.env': {
BYTEHIDE_SECRETS_ENVIRONMENT: 'production',
BYTEHIDE_SECRETS_TOKEN: 'your-project-token'
}
}
});
Initialize the SDK
The SDK can be initialized automatically or manually.
Automatic Initialization
If you've set up environment variables, the SDK will auto-initialize:
import { SecretsManager } from "@bytehide/secrets";
// No explicit initialization needed if environment variables are set
async function main() {
const apiKey = await SecretsManager.get("API_KEY");
console.log("API key:", apiKey);
}
Manual Initialization
For testing or special scenarios, you can initialize manually:
import { SecretsManager } from "@bytehide/secrets";
// Not recommended for production - use environment variables instead
SecretsManager.unsecureInitialize("your-project-token", "development");
const secret = SecretsManager.getSync("TEST_SECRET");
Security Notice
The unsecureInitialize method is not recommended for production as it may expose your token. Always use environment variables in production environments.
Verify Installation
After initializing the SDK, verify it's working by accessing a test secret:
import { SecretsManager } from "@bytehide/secrets";
// Async verification
async function verifySetup() {
try {
const secret = await SecretsManager.get("TEST_SECRET");
console.log("Secret retrieved successfully!");
return true;
} catch (error) {
console.error("Error accessing secret:", error);
return false;
}
}
// Or synchronous verification
try {
const secret = SecretsManager.getSync("TEST_SECRET");
console.log("Secret retrieved successfully!");
} catch (error) {
console.error("Error accessing secret:", error);
}
Configuring Caching
By default, the SDK caches secrets in memory with a 5-minute TTL (time-to-live). You can customize this:
// Disable caching
SecretsManager.configureCache(false);
// Or set a custom TTL (in milliseconds)
SecretsManager.configureCache(true, 10 * 60 * 1000); // 10 minutes
// Clear the cache manually
SecretsManager.clearCache();
Production Deployment
In production, set environment variables through your hosting platform:
- Vercel/Netlify: Environment variables section
- AWS Lambda/EC2: Environment configuration
- Heroku: Config vars
- Docker: ENV directives or environment flags
- Kubernetes: ConfigMaps or Secrets