Secrets & Safety
Secrets & Safety
Use Laravel encrypted casts by writing credentials into api_key_encrypted and api_secret_encrypted.
Do not log provider definitions directly
Use SearchProviderDefinition::toSafeArray() for logs and audit metadata. It redacts secret values by design.
Operational checklist
- Set provider keys in environment-specific secret storage.
- Insert or update encrypted columns through Eloquent.
- Keep
attemptsfor debugging, not raw HTTP payloads with headers. - Rotate keys provider by provider using priority fallback.
Last updated:
Edit this page
Recent commits
