Skip to content

docs: Clarify secret access, production storage, and Cloud secrets#663

Merged
developerjamiu merged 2 commits into
mainfrom
docs/clarify-secrets-653
Jul 1, 2026
Merged

docs: Clarify secret access, production storage, and Cloud secrets#663
developerjamiu merged 2 commits into
mainfrom
docs/clarify-secrets-653

Conversation

@developerjamiu

Copy link
Copy Markdown
Contributor

Closes #653.

The configuration docs explained how to declare secrets but not how to read them, which left a few recurring questions unanswered (the most common: "can I use getPassword in my Flutter app?"). This adds three subsections to the Secrets section of 07-configuration.md:

  • Accessing Secrets in Code — secrets are server-side only and never reach the Flutter app. Read them with session.passwords['name'] / session.serverpod.getPassword('name') inside endpoints, or pod.getPassword('name') at startup. The stripeApiKey example threads through from where it's declared above.
  • Secrets in Productionconfig/passwords.yaml and credential files are gitignored by default; in production, set secrets via SERVERPOD_PASSWORD_* env vars or your host's secret manager.
  • Secrets on Serverpod Cloud — short pointer to scloud password set (with --from-file for JSON credentials), linking to the Cloud passwords/secrets reference for the full story.

Scope is deliberately the configuration page plus a cross-link; the Cloud side is already covered in the Cloud docs, so this doesn't duplicate it.

Verification

  • getPassword / session.passwords against framework source (serverpod.dart, session.dart); confirmed no getPassword in serverpod_client (server-side only).
  • Default .gitignore entries for passwords.yaml and firebase_service_account_key.json against the starter template.
  • The Cloud scloud password set / --from-file round-trip run against a live Cloud project (set, listed as SET (User), encrypted).
  • Docs build passes; no broken links.

@developerjamiu developerjamiu changed the title Clarify secret access, production storage, and Cloud secrets docs: Clarify secret access, production storage, and Cloud secrets Jun 30, 2026
@developerjamiu developerjamiu added documentation Improvements or additions to documentation enhancement New feature or request labels Jun 30, 2026
@developerjamiu developerjamiu requested review from a team and Zfinix June 30, 2026 07:50
Comment thread docs/06-concepts/07-configuration.md Outdated
Comment thread docs/06-concepts/07-configuration.md Outdated
@developerjamiu developerjamiu requested a review from Zfinix July 1, 2026 12:03
@developerjamiu developerjamiu merged commit 6ee7ab2 into main Jul 1, 2026
4 checks passed
@developerjamiu developerjamiu deleted the docs/clarify-secrets-653 branch July 1, 2026 13:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

documentation Improvements or additions to documentation enhancement New feature or request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Clarify secrets: startup vs endpoint access, and Serverpod Cloud

2 participants