CorvidReference

wix-secrets-backend

The wix-secrets-backend module contains functionality for retrieving secrets you safely store in your site's Secrets Manager.

The Secrets Manager allows you to store and encrypt API keys and other secrets on your site. With the Secrets API, you can safely work with secrets in your backend code.

Follow this general procedure for working with API keys or other secrets using the Secrets Manager:

  1. Get private information such as an API key from a 3rd-party service.
  2. Store the private information as a new secret in the Secrets Manager in your site's dashboard. Assign a name to the secret.
  3. In your backend code, instead of hardcoding the API key, use the getSecret() function with the secret name assigned in the Secrets Manager. When the code runs, the value of the secret is extracted from the Secrets Manager.

Note: By default, site contributors do not have permission to create secrets and view secret values in the Secrets Manager. Contributors who have access to the editor can retrieve a secret's value using code.

To use the Secrets API, import the getSecret() function from the wix-secrets-backend module:

   import {getSecret} from 'wix-secrets-backend';

Table of Contents

FUNCTIONS

?
Perform actions on an object.
getSecret( )Gets a secret by name.

getSecret( )

Gets a secret by name.

Description

The getSecret() function returns a Promise that resolves to the value of the secret that was stored in the Secrets Manager with the given name.

Note

To prevent malicious users from accessing the value of your secret, don't return the value of the secret to client side. Only use the secret's value in the backend.

Syntax

function getSecret(name: string): Promise<string>
PARAMETERS
?
Values that you pass to a function.
name
string
The name of the secret to get the value of.
RETURN VALUE
?
Value that a function evaluates to when it is finished running.
Promise<string>

Fulfilled - The value of the secret with the given name. Rejected - Error message.

Examples

Get a secret and use it to fetch a JSON from a 3rd-party service

import {getSecret} from 'wix-secrets-backend';
import {getJSON} from 'wix-fetch';

export function getSomeJSON() {
  return getSecret("myApiKeyName")
    .then((secret) => {
      return getJSON(`https://someapi.com/api/someendpoint?apiKey=${secret}`);
    })
    .catch((error) => {
      console.log(error);
    });
}

Get an API key and use it to fetch a JSON from a weather service

In this example, we use the Secrets API to get an API key from the Secrets Manager. We use the key in the backend to fetch a JSON with weather information from a 3rd-party service, and return the JSON to the client side.
/************************************
 * backend code - getWeather.jsw *
 ************************************/

 import {getSecret} from 'wix-secrets-backend';
 import {getJSON} from 'wix-fetch';

 export async function getWeatherJson() {
   const secret = await getSecret("openWeatherApiKey");
   return getJSON(`https://api.openweathermap.org/data/2.5/weather?q=London&units=metric&APPID=${secret}`);
 }

/********************
 * client-side code *
 ********************/

 import {getWeatherJson} from 'backend/getWeather';

 export async function getWeather_click(event) {
   let json = await getWeatherJson();
   $w('#weather').text = json.weather[0].description; // "mist"
   $w('#temp').text = json.main.temp; // 9.4 (degrees Celsius)
 }

Get an API key and use it to send an email with the SendGrid npm interface

In this example, we added the SendGrid package to our site using the Package Manager. We created a backend function that gets an API key from the Secrets Manager, sets it as the SendGrid API key, and sends an email using the SendGrid service. We call the function from the client side when a site visitor submits email information via a form.
/************************************
 * backend code - sendEmail.jsw *
 ************************************/

 import {getSecret} from 'wix-secrets-backend';
 import sendGridMail from '@sendgrid/mail';

 export async function sendEmail(recipient, sender, subject, body) {
   const secret = await getSecret("SendGridApiKey");
   sendGridMail.setApiKey(secret);
   const message = {
     "to": recipient,
     "from": sender,
     "subject": subject,
     "text": body
   };
   sendGridMail.send(message);
 }

/********************
 * client-side code *
 ********************/

 import {sendEmail} from 'backend/sendEmail';

 export function sendEmailButton_click(event) {
   sendEmail(
     $w("#toEmail").value,
     $w("#fromEmail").value,
     $w("#subject").value,
     $w("#emailContent").value
   )
   .then(() => {
     console.log("Email sent");
   })
   .catch((error) => {
     console.log(error);
   })
 }