Protecting sensitive data using Secret Manager in .Net Core

-

Accidentally pushing sensitive data stored in application config into source controls!!! Thankfully this happens to many not only you ๐Ÿ˜œ. It feels good when you have company doing mistakes or anything else.

So here is how make sure this does not happen again. There are multiple ways to protect, the one we will learn now is using Secret Manager tool in #dotnetcore.
All we have to do use dotnet user-secrets this command. Before using it remove the sensitive value of the property you are trying to hide.
In my case it is "TwilioAuthToken":"" in appsettings.json file.
Now in the terminal run this below command,
dotnet add package Microsoft.Extensions.SecretManager.Tools
We have the necessary tools required to run the commands on user-secrets.
Lets create a key value vault for our project in *.csproj file like this
<PropertyGroup>
<UserSecretsId>LocalKeyVault</UserSecretsId>
</PropertyGroup>
Once you have a vault create we can now add/remove key value using this command
dotnet user-secrets set TwilioAuthToken secretcodegoeshere
Done! Now accessing this using configuration["TwilioAuthToken"] gets me the config value from %AppData%\Microsoft\UserSecrets\LocalKeyVault\secrets.jsonWhich I am sure is not gonna get checked-in mistakenly๐Ÿ˜œ
-Photo by Micah Williams on Unsplash

Comments

Post a Comment

Popular posts from this blog

Launch .Net Core with VSCode for starters

-
Image
To use VSCode for .net core you would need Omnisharp extension so that we can debug our application just like as in Visual Studio. -- Photo by  SpaceX  on  Unsplash Using the dotnet new command we create a web and an API project dotnet new webapp appname.web dotnet new webapi appname.api Create a solution so that it wraps all the projects in one place dotnet new sln appname dotnet sln add appname.web appname.api After building the Web and the API projects we need to create the launch.json which VScode refers to build and debug the application. For a complete reference on doing these projects consider this great resource . You can always use VSCode terminal to run these above commands as well, also note you can open multiple terminals the same VSCode instance like this . Setup the launch.json by clicking on add configuration and select .Net core web app. we will need to add two such configurations one for web and another for web api. For web api yo
Read more

Chrome in a nut shell

-
Image
I've always been fascinated by Google's approach to invade "The Internet" (i got a gut feeling that this invasion is going to bring good.).Well it all started when Google released their browser Chrome. I will be sharing tiny bits of tip on chrome browser Chrome started in sep 2008 and am stuck with it ever since, the simple idea of creating a process for individual tabs and sandboxing it was the core what pulled me in.Understanding chrome was like reading a comic (literally). Chrome at a very high level Chrome has 4 release channels, Stable : Targets layman or people who want rock solid completely tested browser.Its more of fully polished product. Beta : This channel is the last filter the build goes through before going stable. Dev : This channel features the latest version of chrome build and prone to crashes.People who like to preview a lot of features (like me ;) ) and help google's open source project in a least possible way should be opting fo
Read more

Developing SMS Services in C#

-
Image
            This following project has been sticking my back since my engineering from past 4 years.Ever since then the same cookie was served in different plates. i meant to say one functionality was implemented for different applications. In this post i will be implementing the project for a college domain.Say there is a database that stores the student details like attendance,marks,profile,etc,.Our application will receive a message sent from cell phone and query the database to retrieve the result and send it back to the respective user. Now to receive & send a message we will be using a GSM modem(something similar to a cell phone) now the modem looks something like this the black slot on the PCB(printed circuit board) is to insert a sim card. "A picture is worth thousand words " so trying to put the whole process in nut shell..... I know this is not worth thousand words, forgive me will try to picturize better next time. Lets start CODING!! To c
Read more