How to manage user secrets in Asp.net Core?


Listening is fun too.

Straighten your back and cherish with coffee - PLAY !

 
 

Introduction

In this blog, we will see how to keep our sensitive information secret from others. In our project, we have sensitive information like passwords, API keys, connection string, etc. that we do not want to share with others. Because as we share our project with others then this information from the app setting and other path is also shared with others. So visual studio and asp.net core API provide the tools that are called User Secrets. In which we can store our information in that file and this file will store outside of the project file so it will not share with others.

What are User Secrets?

In our project, there will be sensitive information like passwords, API keys, connection string, etc. that we want to keep secrets from the others so visual studio and asp.net core API provide the tool which is known as User Secrets. For that, we can use the command-line tool. And we can add it from the visual studio directly. We will see it later on this blog with an example.

Secret Manager Tool

During the development of an asp.net core project, secret manager tool stores sensitive data. And it will store in separate location from the project tree. This tool does not encrypt the secrets. This secret is stored in JSON file. To add secret manager tool from visual studio, right click the project and add manage user secrets.

This will generate the empty file named secret.json and at a different location on the local machine.

Path will be looked like:

usersAppDataRoamingMicrosoftUserSecretssecret.json.

Add this tool from the visual studio as shown below.

detection-Angular




Example

There is no step vise declaration of example. Here we will use the command shell for project.


Enable secret storage

dotnet user-secrets init


e4875e8b-e969-4c69-b337-fc503a7b8431


The secret manager tool includes init command in .net core version 3.0 and later. We can use user secrets run the following command. This command will add usersecretId in .csproj file. After that add to as shown below.

In CLI, set directory to our project path then after run this command.


Set a secret

{
  "Key1": "Hello User!",
  "Key2": "Hello World!",
  "Country:INDIA": "GUJARAT"
}

We can also add secrets from the CLI command. We have added the property in the secret.json file manually as:

dotnet user-secrets set "Country:INDIA" "GUJARAT"

We can also set this key value pair from CLI command as below:

In the above CLI command, “Country” is an object which has the “INDIA” as property and its value is “GUJARAT”.

We can use this set from other directories too with “--project” keyword.

dotnet user-secrets set "Country:INDIA" "GUJARAT"  --project  

From this above command we can add secrets to another project specific to the project path.


Get the secrets

We can get all secrets from secret.json file with CLI “list” command. This command will fetch all property from secret.json file and display it.

dotnet user-secrets list
Key2 = Hello World!
Key1 = Hello User!
Country:INDIA = GUJARAT


Remove the secrets

We can remove one or all secrets from secret file with the help of “remove” command of CLI. After use the list command to see if it is removed or not. So, we have run the list command later as shown below command.

This will remove “Key2” from secret file. If we want to remove all properties from secret file then use “clear” command.

dotnet user-secrets remove "Key2"    
dotnet user-secrets list
Key1 = Hello User!
Country:INDIA = GUJARAT

We have seen example of user secrets with CLI. Now access these properties in the controller. Let’s see example.

Example

Controller

In this project, add controller or use the home controller as we did.


Searching forDedicated ASP.Net Core Web Developer ?

Your Search ends here.


Constructor

We have added Iconfiguration interface for fetching these secret properties and display it in the view. We have to just add constructor of controller and define the object of configuration.

private IConfiguration _config;
public HomeController(IConfiguration config)
{
this._config = config;
}

Method

In index method, to fetch property use configuration object and in square bracket name of the property and store the fetched value in the view bag.

public IActionResult Index ()
{
	ViewBag.Key1 = _config["Key1"];
	ViewBag.Key2 = _config["Key2"];
	ViewBag.Key3 = _config["Country:INDIA"];
	return View ();
}
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using WebApplication21.Models;
namespace WebApplication21.Controllers
{
    public class HomeController : Controller
    {
        private IConfiguration _config;

        public HomeController(IConfiguration config)
        {
            this._config = config;
        }
        public IActionResult Index()
        {
            ViewBag.Key1 = _config["Key1"];
            ViewBag.Key2 = _config["Key2"];
            ViewBag.Key3 = _config["Country:INDIA"];
            return View();
        }
        public IActionResult About()
        {
            ViewData["Message"] = "Your application description page.";
            return View();
        }
        public IActionResult Contact()
        {
            ViewData["Message"] = "Your contact page.";
            return View();
        }       
    }
}

View

Now create the view of index method and in which we will display that property with the view bag as below:


@{
    ViewData["Title"] = "Home Page";
}

@ViewBag.Key1

@ViewBag.Key2

@ViewBag.Key3

Output

Understanding-Action-Filters

Conclusion

In this blog, we have seen how to add secrets, how to manipulate them, and how to fetch or display them in a project. As we have seen here, there is no file named secret.json in our solution explorer not even in the project directory or folder. This is the main advantage of the user secrets that it will store our secret file outside of the project folder. It will not be share if you wanted to share your project with others.

How to manage user secrets in Asp.net Core?

Introduction

In this blog, we will see how to keep our sensitive information secret from others. In our project, we have sensitive information like passwords, API keys, connection string, etc. that we do not want to share with others. Because as we share our project with others then this information from the app setting and other path is also shared with others. So visual studio and asp.net core API provide the tools that are called User Secrets. In which we can store our information in that file and this file will store outside of the project file so it will not share with others.

What are User Secrets?

In our project, there will be sensitive information like passwords, API keys, connection string, etc. that we want to keep secrets from the others so visual studio and asp.net core API provide the tool which is known as User Secrets. For that, we can use the command-line tool. And we can add it from the visual studio directly. We will see it later on this blog with an example.

Secret Manager Tool

During the development of an asp.net core project, secret manager tool stores sensitive data. And it will store in separate location from the project tree. This tool does not encrypt the secrets. This secret is stored in JSON file. To add secret manager tool from visual studio, right click the project and add manage user secrets.

This will generate the empty file named secret.json and at a different location on the local machine.

Path will be looked like:

usersAppDataRoamingMicrosoftUserSecretssecret.json.

Add this tool from the visual studio as shown below.

detection-Angular




Example

There is no step vise declaration of example. Here we will use the command shell for project.


Enable secret storage

dotnet user-secrets init


e4875e8b-e969-4c69-b337-fc503a7b8431


The secret manager tool includes init command in .net core version 3.0 and later. We can use user secrets run the following command. This command will add usersecretId in .csproj file. After that add to as shown below.

In CLI, set directory to our project path then after run this command.


Set a secret

{
  "Key1": "Hello User!",
  "Key2": "Hello World!",
  "Country:INDIA": "GUJARAT"
}

We can also add secrets from the CLI command. We have added the property in the secret.json file manually as:

dotnet user-secrets set "Country:INDIA" "GUJARAT"

We can also set this key value pair from CLI command as below:

In the above CLI command, “Country” is an object which has the “INDIA” as property and its value is “GUJARAT”.

We can use this set from other directories too with “--project” keyword.

dotnet user-secrets set "Country:INDIA" "GUJARAT"  --project  

From this above command we can add secrets to another project specific to the project path.


Get the secrets

We can get all secrets from secret.json file with CLI “list” command. This command will fetch all property from secret.json file and display it.

dotnet user-secrets list
Key2 = Hello World!
Key1 = Hello User!
Country:INDIA = GUJARAT


Remove the secrets

We can remove one or all secrets from secret file with the help of “remove” command of CLI. After use the list command to see if it is removed or not. So, we have run the list command later as shown below command.

This will remove “Key2” from secret file. If we want to remove all properties from secret file then use “clear” command.

dotnet user-secrets remove "Key2"    
dotnet user-secrets list
Key1 = Hello User!
Country:INDIA = GUJARAT

We have seen example of user secrets with CLI. Now access these properties in the controller. Let’s see example.

Example

Controller

In this project, add controller or use the home controller as we did.


Searching forDedicated ASP.Net Core Web Developer ?

Your Search ends here.


Constructor

We have added Iconfiguration interface for fetching these secret properties and display it in the view. We have to just add constructor of controller and define the object of configuration.

private IConfiguration _config;
public HomeController(IConfiguration config)
{
this._config = config;
}

Method

In index method, to fetch property use configuration object and in square bracket name of the property and store the fetched value in the view bag.

public IActionResult Index ()
{
	ViewBag.Key1 = _config["Key1"];
	ViewBag.Key2 = _config["Key2"];
	ViewBag.Key3 = _config["Country:INDIA"];
	return View ();
}
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using WebApplication21.Models;
namespace WebApplication21.Controllers
{
    public class HomeController : Controller
    {
        private IConfiguration _config;

        public HomeController(IConfiguration config)
        {
            this._config = config;
        }
        public IActionResult Index()
        {
            ViewBag.Key1 = _config["Key1"];
            ViewBag.Key2 = _config["Key2"];
            ViewBag.Key3 = _config["Country:INDIA"];
            return View();
        }
        public IActionResult About()
        {
            ViewData["Message"] = "Your application description page.";
            return View();
        }
        public IActionResult Contact()
        {
            ViewData["Message"] = "Your contact page.";
            return View();
        }       
    }
}

View

Now create the view of index method and in which we will display that property with the view bag as below:


@{
    ViewData["Title"] = "Home Page";
}

@ViewBag.Key1

@ViewBag.Key2

@ViewBag.Key3

Output

Understanding-Action-Filters

Conclusion

In this blog, we have seen how to add secrets, how to manipulate them, and how to fetch or display them in a project. As we have seen here, there is no file named secret.json in our solution explorer not even in the project directory or folder. This is the main advantage of the user secrets that it will store our secret file outside of the project folder. It will not be share if you wanted to share your project with others.

  • Pin It
TOP