/

Accessing Secrets

Prerequisites

Before accessing secrets, make sure you've installed and initialized the Secrets Manager SDK.

Basic Usage

After initializing the SDK, you can retrieve secrets with a simple API call:

Python
from bytehide_secrets import SecretsManager

# Auto-initializes from environment variables
db_password = SecretsManager.get("database-connection")
print(f"Connection string: {db_password}")

Creating and Updating Secrets

You can create or update secrets directly from your application:

Python
from bytehide_secrets import SecretsManager

# Create a new secret
success = SecretsManager.set("api-key", "sk_test_abc123xyz")

# Update an existing secret
SecretsManager.set("database-connection", "postgresql://admin:secret@new-server:5432/myapp")

Error Handling

When a secret doesn't exist or there's an error, the SDK will raise an exception. Handle this gracefully:

Python
from bytehide_secrets import SecretsManager

try:
    secret = SecretsManager.get("non-existent-key")
except Exception as ex:
    # Handle missing secret
    print(f"Secret not found: {ex}")

    # You might want to create the secret or use a default value
    SecretsManager.set("non-existent-key", "default-value")

Best Practices

Cache Configuration

The SDK includes built-in caching to improve performance:

Python
from bytehide_secrets import SecretsManager

# Configure cache with 10 minutes TTL
SecretsManager.configure_cache(enabled=True, ttl_seconds=600)

# Clear cache
SecretsManager.clear_cache()

# Disable cache
SecretsManager.configure_cache(enabled=False)

Security Best Practices

  • Never print or log full secret values
  • Don't store secret values in plain text files
  • Clear secrets from memory when no longer needed
  • Use environment-specific secrets

Common Usage Patterns

Configuration Helper

Create a configuration helper for your application:

Python
from bytehide_secrets import SecretsManager

class AppConfig:
    @staticmethod
    def get_database_connection():
        return SecretsManager.get("database-connection")

    @staticmethod
    def get_api_key():
        return SecretsManager.get("api-key")

    @staticmethod
    def get_cache_timeout():
        value = SecretsManager.get("cache-timeout-minutes")
        try:
            return int(value)
        except (ValueError, TypeError):
            return 10  # Default to 10

Flask Integration

Integrate with Flask applications:

Python
from flask import Flask
from bytehide_secrets import SecretsManager

app = Flask(__name__)

# Load secrets into Flask config
app.config["DATABASE_URL"] = SecretsManager.get("database-connection")
app.config["API_KEY"] = SecretsManager.get("api-key")

Django Integration

Integrate with Django settings.py:

Python
from bytehide_secrets import SecretsManager

# Database configuration using secrets
DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.postgresql",
        "HOST": SecretsManager.get("DB_HOST"),
        "NAME": SecretsManager.get("DB_NAME"),
        "USER": SecretsManager.get("DB_USER"),
        "PASSWORD": SecretsManager.get("DB_PASS"),
    }
}

Database Connection Example

Python
from bytehide_secrets import SecretsManager

def connect_to_database():
    """Example: Using secrets to connect to a database."""
    db_host = SecretsManager.get("DB_HOST")
    db_user = SecretsManager.get("DB_USER")
    db_pass = SecretsManager.get("DB_PASS")

    print(f"Connecting to {db_host} as {db_user}")
    # connection = connect(host=db_host, user=db_user, password=db_pass)

if __name__ == "__main__":
    connect_to_database()

Next Steps

Previous
Installation
Next
Multi-Environment Setup