Reference · Glossary

Secrets manager

Central store for API keys, DB passwords, and signing secrets — injected at runtime, not committed to git.

#When to use

Production AI apps with OpenAI keys, webhook HMAC secrets, and DB credentials.

#When not to

Local `.env` files are fine for solo dev — still never commit them.

#Example

Cloud secret `OPENAI_API_KEY` mounted into the pod; readiness fails if the secret is missing.