You can securely store and use API keys and credentials, tokens, passwords, and key-value pairs. The APIsec vault works like a password manager: it securely stores all your credentials for ease of access.


The screenshot below shows all the stored credentials. When you integrate an account with your APIsec account, the credentials are automatically stored in the vault.

APIsec Screenshot

APIsec also allows you to add new credentials to the vault for later use.

To add new credentials:

  1. Click '+ New Credentials'.
  2. Provide the name you would like to associate with the credentials. Unique names are recommended for ease of identification.
  3. Select the account type for those credentials. A number of account types are available: API Gateways, Version Control, Notifications, Scanner Deployment, Issue Trackers, and Report Storage.

In this example, GitHub is selected as the Version Control account type. This account type requires only a name and a personal access token (PAT).
You can read the official GitHub documentation on generating the PAT by clicking 'learn more'.

Note: The required credentials vary according to the account type. It is also advised to provide both the mandatory and the optional account credentials for smooth integration.

APIsec Screenshot

  4. Click 'Create' and the credentials will be added to the vault.

APIsec Screenshot

How does APIsec keep items in your vault secure?


APIsec stores the vault data in a PostgreSQL database, encrypted using PGP with a symmetric key.

APIsec passes a secret key (called the session key) to the DB to encrypt and decrypt. The key and its size can't be revealed.

For more details on how PGP encryption works, refer to section "F.28.3. PGP Encryption Functions" at https://www.postgresql.org/docs/current/pgcrypto.html
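
The pgcrypto PGP symmetric functions that section documents, shown as an added example that is not APIsec's code or schema. The table, column names, sample secret and key are constructed for illustration, and the cipher options are assumptions, since the page does not disclose APIsec's settings.

```sql
-- Added illustration only: vault_demo, its columns, the sample secret and the
-- key are hypothetical/constructed; they do not reflect APIsec's schema.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE vault_demo (
    id         serial PRIMARY KEY,
    name       text  NOT NULL UNIQUE,
    secret_enc bytea NOT NULL   -- holds an OpenPGP message, never plaintext
);

-- The key is a statement parameter, so an application driver can bind it
-- instead of concatenating it into the SQL text.
PREPARE vault_put(text, text, text) AS
    INSERT INTO vault_demo (name, secret_enc)
    VALUES ($1, pgp_sym_encrypt($2, $3, 'cipher-algo=aes256'));  -- option assumed

PREPARE vault_get(text, text) AS
    SELECT pgp_sym_decrypt(secret_enc, $2) AS secret
    FROM vault_demo
    WHERE name = $1;

-- Constructed sample values (typed as literals here only because this is a
-- psql demo; a real client would bind them).
EXECUTE vault_put('github-demo', 'constructed-sample-token', 'constructed-demo-key');

-- What is at rest: ciphertext bytes, not the token.
SELECT name,
       octet_length(secret_enc)              AS ciphertext_bytes,
       left(encode(secret_enc, 'hex'), 16)   AS ciphertext_prefix
FROM vault_demo;

-- Correct key: returns the original secret.
EXECUTE vault_get('github-demo', 'constructed-demo-key');

-- Wrong key: pgp_sym_decrypt raises an error instead of returning data.
-- EXECUTE vault_get('github-demo', 'not-the-key');

-- Clean up the demo objects.
DEALLOCATE vault_put;
DEALLOCATE vault_get;
DROP TABLE vault_demo;
```

Because pgcrypto functions run inside the database server, the key and plaintext reach PostgreSQL in clear text; the pgcrypto documentation therefore advises connecting locally or over SSL and trusting the system and database administrators.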