Secure Variable Storage (SVS) is a feature that allows you to store sensitive information securely within RapidSpike. You can use this information in User Journeys when inputting information such as:
- Email addresses
- API keys
You can access Secure Variables in scripts but will never be displayed in your RapidSpike account. They are alike to Script Variables in that you can recall them later within your journey script.
Where are Secure Variables Stored
They are stored in an encrypted vault. Each RapidSpike account has its own dedicated variable vault which is protected using an encryption key unique to that account. Currently, this vault is hosted in AWS’s Secret Manager, a secure storage service, and it is encrypted using AWS’s Key Management Service for an added layer of protection.
Who can Manage Secure Variables
|Activate SVS||Admins, users|
|Create Variables||Admins, users|
|Read Variable Keys||Admins, Users and View Only users|
|Read Variable Values||Not allowed|
|Updating Variables||Not supported|
Creating Secure Variables
- Log in to your RapidSpike account.
- Go to Settings > Global Settings > Secure Variable Storage.
- Activate SVS if required
- Click Add Variable.
- Enter the key: This is the reference name that you will use in user journey scripts.
- Enter the value: This is the sensitive information you want to store securely.
- You can add more variables at once by clicking Add Another.
- Finally, click Save.
For security purposes, to update a variable, you need to delete it and recreate it with the new value. Only Admins can delete variables.
As an admin user, you have the ability to delete variables.
Deleting a variable makes it immediately unavailable to the scripts using it. Therefore, make sure you are certain that it’s no longer referenced or that you are going to recreate it with a new value.
Using Secure Variables In Scripts
To recall a secure variable in an action, you can use the syntax
$SecureVariable.Key. The key refers to the reference name of the secure variable you created.
The value of the secure variable will not show up within the script itself.