Skip to content


A secret is a piece of sensitive information that is used in a workload. This can be a password, an API key, or any other information that should not be exposed to the public.

Secrets are kept separate from the codebase and configuration files that are usually stored in version control.

There are two types of secrets on the NAIS platform:

  • 👷 Platform-provided secrets

    Platform-provided secrets are provisioned and managed by the platform.

    • These typically contain credentials used for integrating with services that NAIS supports, such as databases, Kafka and so on.
    • You will generally not deal with these secrets as their values are automatically made available to your workloads at runtime.
  • 🧑‍💻 User-defined secrets

    User-defined secrets are managed by you and your team.

    • These are typically used for integrating with third-party services or APIs that are not provided by NAIS, such as Slack or GitHub.
    • User-defined secrets can also be used to store sensitive information specific to your application, such as encryption keys or other private configuration.

🎯 Learn how to create and manage a secret in Console

🎯 Learn how to use a secret in your workload