Syncplify Server! V7

Appearance

GetSecret

ts
function GetSecret(name: string): string;

Retrieves the plaintext value of a named secret from the current virtual site's secret store. Returns an empty string if the secret does not exist or contains a blank value.

Secrets are encrypted at rest in the database and can only be read by scripts running inside the worker process, they are never exposed through the REST API or the Admin UI.

IMPORTANT

The secret store and GetSecret are available as of Syncplify Server! v7.0.16. Users running an older version do not have access to this feature.

Parameters

NameTypeDescription
namestringThe case-sensitive name of the secret to retrieve.

Returns

The plaintext string value of the secret. Returns "" (empty string) on any error, including when the named secret does not exist.

Example

ts
var apiKey = GetSecret("my-api-key");
if (apiKey == "") {
  Log("Secret not found, aborting.");
} else {
  var hc = new HttpCli();
  var res = hc.Url("https://api.example.com/notify")
               .Header("Authorization", "Bearer " + apiKey)
               .Timeout(15)
               .Get();
  Log("Response status: " + res.StatusCode());
}

TIP

Combine GetSecret with the OTFE feature of remote client objects to keep encryption keys out of your scripts:

ts
var cli = new SftpClient();
cli.Options.OTFE      = true;
cli.Options.OTFEKey   = GetSecret("transfer-encryption-key");

NOTE

Secrets are managed from the Admin UI → Scripting / Event-Handling → Secrets page. Secret values are write-only from the UI perspective, only script code can read them back using GetSecret.