Adding Secrets to SaaS Portal
I’m working in a SaaS environment and trying to figure out how to manage secrets. According to the documentation, the Xperience Portal should be able to handle them, but I haven’t been able to find anywhere in my project’s portal to actually store these. Has anyone come across this feature, or does it not exist?
If it isn’t available, what approaches or tools would you recommend for securely storing secrets in a SaaS application?
Answers
Managing configuration and secrets in Xperience by Kentico SaaS is on our public roadmap.
For now, I recommend hydrating your appsettings.json file (for each environment) with your secrets in your CD pipeline, before the package is uploaded to the Xperience Portal.
You can see how the Kentico Community Portal accesses secrets in a GitHub action.
Using this approach you can populate your various appsettings.json files with secret values from your CI/CD platform (e.g. GitHub, Azure DevOps). Then, zip the publish artifact and upload it to the Xperience Portal.
Xperience by Kentico has environment specific extension methods and will automatically use the correct environment's appsettings.json file if its available when the app is deployment.
To answer this question, you have to login first.