Should we avoid returning piece secret value from Domino REST to the client side?

[tdari]

I'm working on an enhancement about piece secrets. I wonder is there any reason to avoid returning the secrets value to the client side from the API?

class ListRepositorySecretsResponse(BaseModel):
    id: int
    name: str
    value: str //will be added
    is_filled: bool

it is already encrypted anyway :)

[vinicvaz]

Hey @tdari.

The secret value is encrypted and saved into Domino database and the only one that has right to decrypt it is the api itself.
The secret is injected into the Domino piece by the worker when the piece is being initializated.
The worker uses the {piece_name}/secrets/secrets-values endpoint to get the decrypted secret value, but this communication should be done only internally between services.
The default behavior of this endpoint is to allow any request but when deploying it to production we suggest to block any external requests to this endpoint since it will result in data leak.

Currently we don't plan to allow frontend to access secrets values, what would be the use case you are thinking for this?

[tdari]

Thanks, @vinicvaz. I was planning to add a show secret button for each secret. It's better to show the secret only when adding the secret.