Managing Secrets
JustWorkflowIt provides encrypted organization secrets that can be bound to workflow steps, giving your workflows secure access to API keys, credentials, and other sensitive values without exposing them in step definitions.
Creating Secrets
Section titled “Creating Secrets”curl -X POST https://api.justworkflowit.com/organizations/$ORG_ID/secrets \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d '{ "key": "GITHUB_TOKEN", "value": "ghp_xxxxxxxxxxxx", "description": "GitHub API token for CI integrations" }'Secret values are encrypted at rest and never returned in API responses. Only the key, description, and metadata are visible via GetOrganizationSecret and ListOrganizationSecrets.
Binding Secrets to Steps
Section titled “Binding Secrets to Steps”Secrets are bound to specific workflow steps via secretBindings in the step’s integrationDetails. When the step executes, the engine creates short-lived tokens that resolve the bound secrets — tokens are scoped to a single step execution and automatically cleaned up afterward.
Managing Secrets
Section titled “Managing Secrets”| Operation | Description |
|---|---|
CreateOrganizationSecret | Store a new encrypted secret |
ListOrganizationSecrets | List secret metadata (never values) |
GetOrganizationSecret | View a single secret’s metadata |
UpdateOrganizationSecret | Update the value or description |
DeleteOrganizationSecret | Permanently remove a secret |