Managing credentials is hard. Developers try to keep development credentials separate from Production ones by using weird pre-processor directives or convoluted
Fortunately, .NET Core 3.0 onward now ships with a built-in Secret Manager. These are called User Secrets and are stored on a per-user (duh!) basis typically at this path
To enable user secrets on a project, run the following command while present in the same directory where
Next create a secret in a key/value combination. For example,
To use this secret, you just have to call the
Note that user secrets does not replace any other means of inserting settings in your .NET application. You can still use them together just mindful of the fact that the order in which these settings are loaded defines overriding works.
if...else
statements. If you have ever worked with a development team, you know these quickly go out of hand. You might also have used environment variables to define configuration such as a database connection string. These work great but still cause some issue when moving between Windows and Linux OSes. For example, Bash does not like the :
based hierarchical structure defined by .NET Core. So you have to replace the :
with __
(double underscores). Environment variables are also harder to manage unless you are using a third party tool.Fortunately, .NET Core 3.0 onward now ships with a built-in Secret Manager. These are called User Secrets and are stored on a per-user (duh!) basis typically at this path
%APPDATA%\Microsoft\UserSecrets\<user_secrets_id>\secrets.json
. We need not worry about the location of this file as all this is abstracted away from the user.To enable user secrets on a project, run the following command while present in the same directory where
.csproj
is present:dotnet user-secrets init
This adds a UserSecretsId
element within a PropertyGroup
of the .csproj
file. By default, the inner text of UserSecretsId
is a GUID. The inner text is arbitrary, but is unique to the project.Next create a secret in a key/value combination. For example,
dotnet user-secrets set "ConnectionStrings:AppConfig" "MyConnString"
This user secret source is automatically inserted when CreateDefaultBuilder
method is called and environment is Development
.To use this secret, you just have to call the
Configuration
indexer as you would call normally.public void ConfigureServices(IServiceCollection services)
{
_appConfig = Configuration["ConnectionStrings:AppConfig"];
}
To remove
a secret or clear
all secrets or list
the secrets, use the corresponding remove, clear or list commands. If you are using Visual Studio, you can use the “Manage User Secrets” context menu to manage the secrets.Note that user secrets does not replace any other means of inserting settings in your .NET application. You can still use them together just mindful of the fact that the order in which these settings are loaded defines overriding works.
builder.ConfigureAppConfiguration((hostingContext, config) =>
{
...
config.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
// Added before AddUserSecrets to let user secrets override
// environment variables.
config.AddEnvironmentVariables();
}
User Secrets are a great addition to the .NET Core toolbox. They provide a standardized way of managing development secrets without the need to write any extra code or convoluted logic.
Comments
Post a Comment
As far as possible, please refrain from posting Anonymous comments. I would really love to know who is interested in my blog! Also check out the FAQs section for the comment policy followed on this site.