About This Task

With secrets, you can:

• Securely manage API keys required for custom components to authenticate
• Manage both development and production API keys

Secrets create environment variables whose names you specify in the component's code to store API keys. You can create multiple secrets for one provider, such as one for a development key and another for a production key. This makes it possible to easily swap keys in the pipeline configuration.

Secrets and Connections

Both Connections and Secrets set environment variables for components. Provider connections use predefined variables, like OPENAI_API_KEY for the OpenAIGenerator. Secrets offer flexibility by letting you define custom variable names, which are useful for custom components or using multiple API keys for the same provider.

Add a Secret

Add a Secret on the Secrets Page

1. In deepset Cloud, click your initials in the top right corner and choose Secrets>Add New Secret.

   

2. Give your secret the same name as the environment variable where you want to store it.

3. Paste the API key into the Secret field and save it.

Use the Secret in Your Custom Component

Add the secret to the component's code by specifying the environment variable name, which must match the secret's name:

@component
class MyComponent
    def __init__(self, api_key: Secret = Secret.from_env_var("<ENV_VAR_NAME")):
    # the name of the environment variable must be the same as the name of the secret
        ...

If you have multiple secrets for one provider, you can easily switch between them in your pipeline YAML by updating the secret's name:

llm:
  type: dc_custom_component.components.my_components.component1.MyComponent # the path to your component
  init_parameters:
     api_key: {"type": "env_var", "env_vars": ["ENV_VAR_NAME"], "strict": False} # uses the `ENV_VAR_NAME` secret
     # to use another secret, update its name here