{"id":3319,"date":"2018-03-24T07:01:01","date_gmt":"2018-03-24T01:31:01","guid":{"rendered":"https:\/\/www.botreetechnologies.com\/blog\/?p=3319"},"modified":"2020-12-08T11:26:32","modified_gmt":"2020-12-08T05:56:32","slug":"encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2","status":"publish","type":"post","link":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/","title":{"rendered":"Encrypted Credentials in Ruby on Rails – A New Way to Securing Web App"},"content":{"rendered":"\n

Developers always want to keep their credentials safe. But they need to share it internally while development and it is possible that credentials can be made public mistakenly.<\/p>\n\n\n\n

To make our old secrets.yml<\/code><\/i> more secure Rails core team introduced Encrypted credentials in Rails 5.1.<\/p>\n\n\n\n

In Rails 5.1 there were two files secrets.yml.enc<\/code><\/i> and secrets.yml<\/code><\/i> and it was creating confusion for our beloved SECRET_BASE_KEY<\/code><\/i>. To remove this dilemma Rails core<\/a> team decided to remove those two files and having only one file where you can store your all secret stuff like AWS key, database password, API keys and whatever which you want to make secret from the outside world and even from you!<\/p>\n\n\n\n

So, lets see how to have this encrypted file, how to manage it, how to edit it and how to access it in your project.<\/p>\n\n\n\n

As encrypted credentials shipped with rails you have to install this version of rails. You can do it using this command:<\/p>\n\n\n\n

gem install rails --pre --no-ri --no-rdoc<\/code><\/p><\/blockquote>\n\n\n\n

After installing rails 5.2 create new project using this version and you will see two files in config<\/code><\/i> folder config\/master.key<\/code><\/i> and config\/credentials.yml.enc<\/code><\/i>. You can share master.key<\/code><\/i> with your team but don’t check into shared repository. Rails will be automatically adding it to .gitignore<\/code><\/i> file for you. master.key<\/code><\/i> is the key which is necessary to de-crypt encrypted credentials. The encrypted credentials are saved on config\/credentials.yml.enc<\/code><\/i>.<\/p>\n\n\n\n

Now, you might have questioned how to edit credentials.yml.enc<\/code><\/i>? You can not directly edit this file as all credentials are in encrypted form. You have to use the command rails credentials:edit<\/code><\/i> to edit them. You can do it using your favorite editor too. Here I am using Sublime.<\/p>\n\n\n\n

EDITOR=\"subl --wait\" bin\/rails credentials:edit<\/code><\/p><\/blockquote>\n\n\n\n

Now you can edit your credentials in yaml<\/i> format like we were doing in older version of rails for secrets.yml<\/code><\/i>.<\/p>\n\n\n\n

You can access the credentials anywhere in your application with Rails.application.credentials.key_name The biggest advantage I can see of encrypted credentials is you can push this file to git and you can have the track of history now.<\/p>\n\n\n\n

Thank you for reading!<\/p>\n\n\n\n

Click here for more<\/b> details…<\/strong><\/a><\/p>\n\n\n\n

At BoTree Technologies<\/a>, we build enterprise applications with our RoR team of 25+ engineers.<\/p>\n\n\n\n

We also specialize in Python, RPA, AI, Django, JavaScript and ReactJS.<\/p>\n\n\n\n

Consulting is free<\/a> – let us help you grow!<\/h3>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Developers always want to keep their credentials safe. But they…<\/p>\n","protected":false},"author":8,"featured_media":13759,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73,10],"tags":[],"class_list":["post-3319","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ruby-on-rails","category-technology"],"yoast_head":"\nEncrypted Credentials in Ruby on Rails - A New Way to Securing Web App<\/title>\n<meta name=\"description\" content=\"Developers always want to keep their credentials safe. But they need to share it internally while development and it is possible that credentials can be made public mistakenly.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Encrypted Credentials in Ruby on Rails - A New Way to Securing Web App\" \/>\n<meta property=\"og:description\" content=\"Developers always want to keep their credentials safe. But they need to share it internally while development and it is possible that credentials can be made public mistakenly.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/\" \/>\n<meta property=\"og:site_name\" content=\"BoTree Technologies\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/BoTreeTechnologies\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-03-24T01:31:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-12-08T05:56:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Sanjay Prajapati\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@BoTreeTech\" \/>\n<meta name=\"twitter:site\" content=\"@BoTreeTech\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sanjay Prajapati\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/\"},\"author\":{\"name\":\"Sanjay Prajapati\",\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/#\/schema\/person\/b628623fa9d946d2258f506a476b45e3\"},\"headline\":\"Encrypted Credentials in Ruby on Rails – A New Way to Securing Web App\",\"datePublished\":\"2018-03-24T01:31:01+00:00\",\"dateModified\":\"2020-12-08T05:56:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/\"},\"wordCount\":370,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg\",\"articleSection\":[\"Ruby on Rails\",\"Technology\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/\",\"url\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/\",\"name\":\"Encrypted Credentials in Ruby on Rails - A New Way to Securing Web App\",\"isPartOf\":{\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg\",\"datePublished\":\"2018-03-24T01:31:01+00:00\",\"dateModified\":\"2020-12-08T05:56:32+00:00\",\"author\":{\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/#\/schema\/person\/b628623fa9d946d2258f506a476b45e3\"},\"description\":\"Developers always want to keep their credentials safe. But they need to share it internally while development and it is possible that credentials can be made public mistakenly.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#primaryimage\",\"url\":\"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg\",\"contentUrl\":\"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg\",\"width\":1024,\"height\":683,\"caption\":\"Securing Rails Applications with Encrypted Secrets(Credentials)\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.botreetechnologies.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Encrypted Credentials in Ruby on Rails – A New Way to Securing Web App\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/#website\",\"url\":\"https:\/\/www.botreetechnologies.com\/blog\/\",\"name\":\"BoTree Technologies\",\"description\":\"Committed to inspire generation.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.botreetechnologies.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/#\/schema\/person\/b628623fa9d946d2258f506a476b45e3\",\"name\":\"Sanjay Prajapati\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2020\/10\/sanjay-prajapati-150x150.png\",\"url\":\"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2020\/10\/sanjay-prajapati-150x150.png\",\"contentUrl\":\"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2020\/10\/sanjay-prajapati-150x150.png\",\"caption\":\"Sanjay Prajapati\"},\"description\":\"Sanjay is a Ruby on Rails Engineer, who also works with Javascript and React. He has strong experience in working with domains like eCommerce, Health and Insurance. In his spare time, he enjoys reading and writing blogs and he is excited to help add the company to his list of successes.\u200b\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Encrypted Credentials in Ruby on Rails - A New Way to Securing Web App","description":"Developers always want to keep their credentials safe. But they need to share it internally while development and it is possible that credentials can be made public mistakenly.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/","og_locale":"en_US","og_type":"article","og_title":"Encrypted Credentials in Ruby on Rails - A New Way to Securing Web App","og_description":"Developers always want to keep their credentials safe. But they need to share it internally while development and it is possible that credentials can be made public mistakenly.","og_url":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/","og_site_name":"BoTree Technologies","article_publisher":"https:\/\/www.facebook.com\/BoTreeTechnologies\/","article_published_time":"2018-03-24T01:31:01+00:00","article_modified_time":"2020-12-08T05:56:32+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg","type":"image\/jpeg"}],"author":"Sanjay Prajapati","twitter_card":"summary_large_image","twitter_creator":"@BoTreeTech","twitter_site":"@BoTreeTech","twitter_misc":{"Written by":"Sanjay Prajapati","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#article","isPartOf":{"@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/"},"author":{"name":"Sanjay Prajapati","@id":"https:\/\/www.botreetechnologies.com\/blog\/#\/schema\/person\/b628623fa9d946d2258f506a476b45e3"},"headline":"Encrypted Credentials in Ruby on Rails – A New Way to Securing Web App","datePublished":"2018-03-24T01:31:01+00:00","dateModified":"2020-12-08T05:56:32+00:00","mainEntityOfPage":{"@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/"},"wordCount":370,"commentCount":0,"image":{"@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg","articleSection":["Ruby on Rails","Technology"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/","url":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/","name":"Encrypted Credentials in Ruby on Rails - A New Way to Securing Web App","isPartOf":{"@id":"https:\/\/www.botreetechnologies.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#primaryimage"},"image":{"@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg","datePublished":"2018-03-24T01:31:01+00:00","dateModified":"2020-12-08T05:56:32+00:00","author":{"@id":"https:\/\/www.botreetechnologies.com\/blog\/#\/schema\/person\/b628623fa9d946d2258f506a476b45e3"},"description":"Developers always want to keep their credentials safe. But they need to share it internally while development and it is possible that credentials can be made public mistakenly.","breadcrumb":{"@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#primaryimage","url":"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg","contentUrl":"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2018\/03\/encrypted-credentials-in-ruby-on-rails.jpeg","width":1024,"height":683,"caption":"Securing Rails Applications with Encrypted Secrets(Credentials)"},{"@type":"BreadcrumbList","@id":"https:\/\/www.botreetechnologies.com\/blog\/encrypted-credentials-a-new-way-to-use-secrets-in-rails-5-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.botreetechnologies.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Encrypted Credentials in Ruby on Rails – A New Way to Securing Web App"}]},{"@type":"WebSite","@id":"https:\/\/www.botreetechnologies.com\/blog\/#website","url":"https:\/\/www.botreetechnologies.com\/blog\/","name":"BoTree Technologies","description":"Committed to inspire generation.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.botreetechnologies.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.botreetechnologies.com\/blog\/#\/schema\/person\/b628623fa9d946d2258f506a476b45e3","name":"Sanjay Prajapati","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2020\/10\/sanjay-prajapati-150x150.png","url":"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2020\/10\/sanjay-prajapati-150x150.png","contentUrl":"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2020\/10\/sanjay-prajapati-150x150.png","caption":"Sanjay Prajapati"},"description":"Sanjay is a Ruby on Rails Engineer, who also works with Javascript and React. He has strong experience in working with domains like eCommerce, Health and Insurance. In his spare time, he enjoys reading and writing blogs and he is excited to help add the company to his list of successes.\u200b"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/posts\/3319","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/comments?post=3319"}],"version-history":[{"count":1,"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/posts\/3319\/revisions"}],"predecessor-version":[{"id":13762,"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/posts\/3319\/revisions\/13762"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/media\/13759"}],"wp:attachment":[{"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/media?parent=3319"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/categories?post=3319"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.botreetechnologies.com\/blog\/wp-json\/wp\/v2\/tags?post=3319"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}