Day 04 - Auth - leaky Secrets ?!

Hi team - so I am nit sure what I’m doing wrong (again)

What I understand is {{postman_api_key}} is set to the value of my personal PMAN API key.

However as soon as I set it I get the ‘Secrets Exposed’ message:

Also, the Auth doesn’t work.

However IF I use the ‘saved auth’ (same key) it works fine:

You should add any sensitive details to the current value and not the initial value. The current value is only stored locally, the initial values are synced.

1 Like

Thanks again Danny - it worked!!

I read this but didn’t fully grasp…

So that I do - Initial Value will be visible forever, esp when shared, ‘Current Value’ is only in current session?

The Initial values will continue to be synced, as long as the value is set in the field so that you can for example, use the same values on the app or web platform if you move between them, using the vscode extension, working with team mates in the same Workspace who want to use those values, using the Postman API to get variable values from the endpoints, etc.

The Current values are only seen by you and don’t leave that current session, these are not synced anywhere. These will only disappear if you remove them or if you end the session by logging out.

Awesome, thanks for the info!

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.