In DDOE, Secrets and API Keys are sensitive credentials (tokens, keys, passwords) securely stored in the Secrets Manager. They enable applications, models, and pipelines to authenticate with external services (e.g., AWS, GCP, Azure, APIs) without exposing credentials in code or configs.
Secrets
Secrets are encrypted credentials (like tokens, keys, or passwords) managed by the DDOE Secrets Manager. They let pipelines and services securely connect to external systems (AWS, GCP, Azure, APIs) without exposing credentials in code.
Organizations can define Secrets to access resources such as cloud storage (GCS, S3), STS, and container registries (ECR, GCR). After setting up a cloud integration, a storage driver with details like bucket and folder must be created.
By creating and storing secrets and integrating them with Pipelines and Application, our platform offers a comprehensive solution for all your secret management needs.
Key Features:
Fully encrypted at rest and in transit
Scoped to project or organization level
Supports versioning and updates without code changes
Integrates with both application services and automation pipelines
Examples:
AWS access key & secret
GCP service account JSON
Azure client secret
GitHub private codebase
Secret Manager Helps to?
Create and Store Secrets: Easily create a unique name for your secret and store it as a key-value pair. This key-value pair can include anything from API keys to database credentials.
Retrieve Secrets: Access your stored secrets whenever you require them. Our platform ensures secure retrieval, allowing only authorized users to access the information.
Integrate with Pipeline and Application: Utilize your secrets across various Pipelines, or Function as a Service (Application), within our platform. This seamless integration enhances functionality and efficiency.
Manage Access: Control who can access, modify, or delete secrets. Our robust access controls ensure that only authorized users can manage secrets.
API Keys
API Keys in DDOE are secure, token-based credentials that allow programmatic access to the DDOE platform APIs. These keys are typically generated to enable automated systems, bots, or external tools to interact with DDOE (e.g., to upload data, manage annotations, or trigger services) based on defined permission scopes.
Key Features:
Can be generated directly from the UI or via API
Permissions and project access are configurable
Ideal for use in CI/CD, automation, or external integrations
Tokens can be revoked or rotated at any time
Examples:
A CI/CD pipeline using an API Key to deploy code or trigger processing
An external script using the key to upload images or retrieve annotation results
Cloud Storage Integrations
Access Secrets and API Keys
Access the data Secrets tab by clicking on the Integrations from the left-side panel. The Integrations page displays Integration and Secrets available in your organization by tabs and enable a more provider-focused view.
Create Secrets and API Keys
Create a unique name for your secret and store it as a key-value pair for easy access whenever you need it. To create a secret in DDOE platform, do the following steps:
Who can create?
Only users with the Organization Admin or Owner roles are authorized to create secrets. Learn more
Click Integrations from left panel.
Click Secrets tab.
Click Create Secret. Also, you can click on the down-arrow next to the Create Integration and select Create Secret. A side panel is displayed.
Secret name: Enter a unique name for your secret.
Secret: Enter the secret value in the Secret field.
Provider (optional): Select the relevant secret provider to help you easily identify the secrets.
Click Create Secret to finalize the process.
Add Secrets to Applications
You can add secrets to your application, which helps secure their connections when the application tries to connect to an external resource.
Add Secrets to Pipelines
You can add secrets to your pipelines, which helps secure their connections when the pipeline tries to connect to an external resource.
Search and Filter
By default, the Integrations tab is displayed, select the secret tab. The following list provides the specific criteria of search and filters for Secrets:
To search: Search secrets by Secrets Name.
To Filter:
Filter the listed secrets by the following provider, for example, AWS, Hugging Face, NVIDIA, Open AI, etc.
Filter secrets based on the email ID of the creator.
Secrets Table: Columns and Functions
The Secrets tab displays available Secrets in your organization in a list view. The column values are populated according to the Secrets.
Column Name | Description |
|---|---|
Provider | It displays the icon of the storage provider. |
Secret Name | The name of the Secret. |
Created at | The creation date of the Secret. |
Created by | The Avatar of the user who created the Secret. You can see the email ID of the user when you hover. |
Copy Secret ID: Click on the Copy icon to copy the secret ID.
Edit Secret: Click on the Pencil icon to edit Secret Name and Secret value.
Delete Secret: Click on the Trash icon to delete a secret from your organization.