Secrets management

Fused provides a built-in secrets manager to securely store and access sensitive credentials like API keys, database passwords, and tokens. Secrets are encrypted in the Fused backend and scoped to your account or organization.

Storing secrets

In Workbench, go to Preferences and find the Secrets section. Click "+ Add new secret" to add a key-value pair.

secrets management

Accessing secrets in UDFs

Use fused.secrets to retrieve stored secrets by name:

import fused

@fused.udf
def udf():
    api_key = fused.secrets["OPENAI_API_KEY"]

    import openai
    client = openai.OpenAI(api_key=api_key)
    ...

Security notes

Secrets are stored encrypted in the Fused backend.
Any secrets added to Fused are accessible by anyone in your team.
Never print or return secret values from UDFs — anyone calling the UDF could otherwise read them.
Use fused.secrets instead of .env files to keep credentials out of your codebase.

For more on writing UDFs securely, see Security best practices.

Storing secrets​

Accessing secrets in UDFs​

Security notes​

Storing secrets

Accessing secrets in UDFs

Security notes