Documentation Index Fetch the complete documentation index at: https://mintlify.com/tailor-platform/sdk/llms.txt
Use this file to discover all available pages before exploring further.
Secret Manager provides secure storage for sensitive configuration values that your application needs at runtime.
Overview Secret Manager provides:
Secure storage for sensitive configuration values
Organized secrets within named vaults
Runtime access from executors and workflows
CLI management for secrets lifecycle
Concepts Vaults Vaults are containers that group related secrets together. Each workspace can have multiple vaults, typically organized by purpose or environment.
workspace/ ├── vault: api-keys │ ├── stripe-secret-key │ ├── sendgrid-api-key │ └── external-service-token └── vault: database ├── read-replica-password └── analytics-connection-string
Secrets Secrets are key-value pairs stored within a vault. Secret values are encrypted at rest and only accessible at runtime by authorized services.
Using Secrets In Webhook Operations Reference secrets in webhook headers using the vault/key syntax:
import { createExecutor , recordCreatedTrigger } from "@tailor-platform/sdk" ; import { order } from "../tailordb/order" ; export default createExecutor ({ name: "notify-external-service" , trigger: recordCreatedTrigger ({ type: order }) , operation: { kind: "webhook" , url: "https://api.example.com/orders" , headers: { "Content-Type" : "application/json" , Authorization: { vault: "api-keys" , key: "external-api-token" }, "X-API-Key" : { vault: "api-keys" , key: "api-secret" }, }, requestBody : ({ newRecord }) => ({ orderId: newRecord . id , amount: newRecord . total , }), } , }) ;
The secret reference format:
{ vault : "vault-name" , key : "secret-name" }
At runtime, these references are replaced with the actual secret values.
CLI Management Create a Vault tailor-sdk secret vault create --name api-keys
Add Secrets Create a secret
Update a secret
tailor-sdk secret create \ --vault-name api-keys \ --name stripe-secret-key \ --value sk_live_xxxxx
List Secrets List vaults
List secrets in a vault
tailor-sdk secret vault list
Delete Secrets Delete a secret
Delete a vault
tailor-sdk secret delete --vault-name api-keys --name old-key --yes
Security Best Practices Never commit secrets to version control Always use Secret Manager for sensitive values instead of hardcoding them in your application code or configuration files.
Organize secrets by purpose Group related secrets in vaults to make management easier and improve security through logical separation.
Example: External API Integration Here’s a complete example of using secrets for an external API integration:
import { createExecutor , recordCreatedTrigger } from "@tailor-platform/sdk" ; import { salesOrder } from "../tailordb/salesOrder" ; export default createExecutor ({ name: "sync-to-external-crm" , description: "Sync sales orders to external CRM system" , trigger: recordCreatedTrigger ({ type: salesOrder , condition : ({ newRecord }) => ( newRecord . totalPrice ?? 0 ) > 100000 , }) , operation: { kind: "webhook" , url: "https://crm.example.com/api/v1/orders" , headers: { "Content-Type" : "application/json" , "Authorization" : { vault: "api-keys" , key: "crm-api-token" }, "X-API-Key" : { vault: "api-keys" , key: "crm-api-key" }, }, requestBody : ({ newRecord }) => ({ orderId: newRecord . id , customerId: newRecord . customerID , totalPrice: newRecord . totalPrice , status: newRecord . status , createdAt: newRecord . createdAt , }), } , }) ;
To set up the secrets for this example:
# Create the vault tailor-sdk secret vault create --name api-keys # Add the secrets tailor-sdk secret create \ --vault-name api-keys \ --name crm-api-token \ --value "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." tailor-sdk secret create \ --vault-name api-keys \ --name crm-api-key \ --value "sk_live_abc123xyz789"