🔑 Secrets

Learn how to manage secrets via CommandK


A secret is any sensitive information such as an API Key, Token, Password, SSH Key, Certificates, etc. In CommandK, all secrets are defined within an 📚 App.


Every secret has:

  • Metadata: Properties to index and categorize secrets.
  • Values: Actual data, defined per deployment environment.

Additionally, you can link each secret with a known provider: Stripe, Twilio, AWS DynamoDB, etc. This is useful for implementing provider-specific operations.


Rotation of Secrets

We're building auto-rotation based on a secret's provider. It's in beta right now—reach out if you're keen to try.

Secret values can vary across environments, but you can centrally manage all environments via the unified control plane.

Secret Storage

Secrets are securely stored in the CommandK Vault. You can choose where the CommandK Vault resides: CommandK cloud or your private cloud.


SOC-2 Type-1

Our SOC-2 Type 1 certification is currently in progress.

Consuming Secrets

You can consume secrets by leveraging our built-in integrations