{"id":26594029,"url":"https://github.com/fkucukkara/secretmanagement101","last_synced_at":"2025-03-23T15:33:13.506Z","repository":{"id":283985634,"uuid":"953478809","full_name":"fkucukkara/secretManagement101","owner":"fkucukkara","description":"This project demonstrates how to securely read app secrets using ASP.NET Core Minimal API.","archived":false,"fork":false,"pushed_at":"2025-03-23T13:20:31.000Z","size":4,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-23T14:25:42.351Z","etag":null,"topics":["netcore-webapi","secret-management"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fkucukkara.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-23T13:18:18.000Z","updated_at":"2025-03-23T13:21:29.000Z","dependencies_parsed_at":"2025-03-23T14:25:45.908Z","dependency_job_id":"c6f23f22-6eae-4743-821f-aa021dc41f9b","html_url":"https://github.com/fkucukkara/secretManagement101","commit_stats":null,"previous_names":["fkucukkara/secretmanagement101"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fkucukkara%2FsecretManagement101","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fkucukkara%2FsecretManagement101/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fkucukkara%2FsecretManagement101/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fkucukkara%2FsecretManagement101/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fkucukkara","download_url":"https://codeload.github.com/fkucukkara/secretManagement101/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245123470,"owners_count":20564513,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["netcore-webapi","secret-management"],"created_at":"2025-03-23T15:33:13.003Z","updated_at":"2025-03-23T15:33:13.470Z","avatar_url":"https://github.com/fkucukkara.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Minimal API with ASP.NET Core - Safe Storage of App Secrets\n\nThis project demonstrates how to securely read **app secrets** using **ASP.NET Core Minimal API**. It uses the local **User Secrets** manager for storing sensitive information during development, following Microsoft's recommended approach.\n\n## ๐Ÿ“‹ Project Overview\n\n- **Language**: C# (.NET 9.0 or later)\n- **Purpose**: Safely store and access development secrets (e.g., API keys) without hardcoding them.\n- **Feature**: Reads a secret (`ServiceApiKey`) from the local secrets manager and exposes it via a `/reveal-secret` endpoint.\n\n## ๐Ÿ“‚ Project Structure\n\n```\nโ”œโ”€โ”€ Program.cs\nโ””โ”€โ”€ README.md\n```\n\n## ๐Ÿ› ๏ธ Prerequisites\n\nEnsure the following are installed on your system:\n\n- .NET 9.0 SDK or later: [Download .NET](https://dotnet.microsoft.com/download)\n\n## ๐Ÿ“œ Code Explanation\n\n`Program.cs`:\n\n```csharp\nvar builder = WebApplication.CreateBuilder(args);\n\nvar app = builder.Build();\n\napp.UseHttpsRedirection();\n\napp.MapGet(\"/reveal-secret\", (IConfiguration config) =\u003e\n{\n var apiKey = config[\"ServiceApiKey\"];\n return apiKey ?? \"Secret not found\";\n});\n\napp.Run();\n```\n\nThis minimal API reads the `ServiceApiKey` from the **User Secrets** and returns it when you call the `/reveal-secret` endpoint.\n\n## ๐Ÿ” Managing Secrets\n\n1. **Initialize User Secrets**\n\nRun this command in the project root to enable **User Secrets**:\n\n```bash\n dotnet user-secrets init\n```\n\n2. **Add a Secret**\n\nStore the `ServiceApiKey` securely using the following command:\n\n```bash\n dotnet user-secrets set \"ServiceApiKey\" \"YourSuperSecretKey\"\n```\n\n3. **Location of Secrets**\n\nOn Windows, secrets are stored in:\n\n```\n%APPDATA%\\Microsoft\\UserSecrets\\\u003cuser_secrets_id\u003e\\secrets.json\n```\n\nOn Linux/macOS:\n\n```\n$HOME/.microsoft/usersecrets/\u003cuser_secrets_id\u003e/secrets.json\n```\n\nExample `secrets.json` file:\n\n```json\n{\n \"ServiceApiKey\": \"YourSuperSecretKey\"\n}\n```\n\n\u003e **Note:** The `user_secrets_id` is defined in the `.csproj` file after initialization.\n\n## โ–ถ๏ธ Running the Application\n\n1. Build and run the API:\n\n```bash\n dotnet run\n```\n\n2. Access the secret by calling the endpoint:\n\n```bash\n curl https://localhost:5001/reveal-secret\n```\n\nExpected output:\n\n```\nYourSuperSecretKey\n```\n\n## ๐Ÿ“š References\n\n- Official Documentation: [Safe storage of app secrets in development in ASP.NET Core](https://learn.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-9.0\u0026tabs=windows)\n\n## ๐Ÿงน Cleaning Up\n\nTo remove the stored secret:\n\n```bash\n dotnet user-secrets remove \"ServiceApiKey\"\n```\n\nOr to clear all secrets:\n\n```bash\n dotnet user-secrets clear\n```\n\n## ๐Ÿ“Œ Notes\n\n- **Do not** store secrets in `appsettings.json` for production.\n- Use **Azure Key Vault** or other secure stores for production environments.\n\n## License\n[![MIT License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)\n\nThis project is licensed under the MIT License. See the [`LICENSE`](LICENSE) file for details.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffkucukkara%2Fsecretmanagement101","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffkucukkara%2Fsecretmanagement101","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffkucukkara%2Fsecretmanagement101/lists"}