Using secrets
Premium

Using Secrets in Request Fields

Secrets are accessed in the same way as collection and environment variables. The secrets can be accessed in headers, query, body, auth input fields similar to collection and environment variables.

Secrets need to be prefixed with $secrets followed by the secret name and then the key name, all separated by periods.

Pattern: $secrets.<secret-name>.<key-name>.

If you have a secret named dbCredentials with a key username, you can reference it as: $secrets.dbCredentials.username

Using Secrets in Scripts

You can also access secrets from within Pre-request and Post-request scripts using the bru.getSecretVar() function.

const secretValue = bru.getSecretVar('<secret-name>.<key-name>');
console.log(secretValue); // This will log the value of your secret
 
// Example: Using Azure Key Vault secrets in authentication
const apiKey = bru.getSecretVar('azure-secrets.api-key');
req.setHeader('Authorization', 'Bearer ' + apiKey);

Make sure your Azure Key Vault secret provider is properly configured and the secrets are fetched before using them in scripts. Verify that the secret names and key names match exactly with your Azure Key Vault configuration.

Configuring and Fetching Secrets Overview

Using secretsPremium

Using Secrets in Request Fields

Using Secrets in Scripts

Using secrets
Premium