Memex
  • 👋Welcome to Memex
  • Tutorials and Best Practices
    • Building with Memex 101
    • Vibe Coding Troubleshooting Guide
      • Common Challenges and Solutions
      • Debugging Strategies
      • When to Start Fresh vs. When to Persist
      • Ask Memex for Help
  • The Vibe Coding Phrasebook
  • Transitioning from Traditional Coding to Vibe Coding
  • USING MEMEX
    • The Basics
    • Conversations and projects
    • Working with long conversation
    • Advanced control features
    • Checkpoints
    • Secrets
    • Sharing conversations
    • Network Access
  • IN DEPTH
    • Best practices
    • Use-case examples
    • Vibe Coding Best Practices from 10,000 projects
  • Best Practices for Agentic Coding
  • Refactoring Your Vibe Coded Projects
  • Pricing and Billing
    • Plans
    • Billing FAQs
Powered by GitBook
On this page
  • How Memex Stores Secrets Securely
  • Accessing Secrets Management
  • Managing Your Secrets
  • Using Secrets with Memex
  • Legacy Format Migration
  • Security Best Practices

Was this helpful?

  1. USING MEMEX

Secrets

Secrets are sensitive pieces of information like API keys, database passwords, or access tokens that applications need to interact with external services or protect data. Managing these securely is crucial to prevent unauthorized access and protect your accounts and data.

Memex provides a built-in secrets management system to help you store and use this sensitive information securely without hardcoding it directly into your project files or chat messages.

How Memex Stores Secrets Securely

When you add a secret through the Memex interface:

  1. Secure Storage: The actual secret value is stored securely in your operating system's native keychain (like macOS Keychain or Windows Credential Manager) using the industry-standard keyring library. Memex itself doesn't store your raw secret values in its own files.

  2. Local Access: Secrets are stored locally on your machine and are only accessed when needed by processes initiated by Memex on your behalf.

  3. Key Tracking: Memex keeps a list of the keys (names) of the secrets you've stored, so it knows what's available, but it doesn't store the values alongside these keys in its configuration files.

This approach ensures that your sensitive credentials remain encrypted and managed by your system's secure storage, while Memex can still reference them by name when you instruct it to.

Accessing Secrets Management

You can manage your secrets through the Memex settings:

  1. Click the Settings icon (usually a gear ⚙️) in the Memex interface.

  2. Navigate to the Secrets tab.

Managing Your Secrets

The Secrets tab provides a simple interface for managing your stored secrets:

  • Viewing Secrets: You'll see a list of all the secret keys you have saved. The actual values are hidden by default for security.

  • Adding a New Secret:

    • Enter a unique Key (name) for your secret (e.g., OPENAI_API_KEY, DATABASE_PASSWORD). Use clear, descriptive names.

    • Enter the Secret Value (the actual API key or password).

    • You can click the View/Hide icon (👁️) to toggle the visibility of the value while typing.

    • Click Add Secret.

  • Updating a Secret:

    • Click the Edit icon (✏️) next to the secret key you want to update.

    • Enter the New Secret Value. The key (name) cannot be changed; if you need to change the name, delete the old secret and add a new one.

    • Click Update.

  • Copying a Key:

    • Click the Copy icon (📋) next to a secret key to copy the key name to your clipboard. This is useful when instructing Memex to use the secret.

Using Secrets with Memex

When you need Memex to use a secret you've stored (e.g., in code it's writing or a command it's running), simply refer to it by its key in your instructions:

User: Please use the API key stored as 'STRIPE_API_KEY' in Secrets to configure the payment gateway.
User: Connect to the database using the credentials stored in the 'DB_CONNECTION_STRING' secret.

Memex will then securely retrieve the corresponding value from your keychain when needed.

The first time you ask Memex to use them you'll get a prompt from your machine asking for permission to share them. You can choose to allow it going forward, only one time, or deny access.

Important:

  • Case Insensitivity: When retrieving secrets, Memex will attempt to find the key you specified, as well as its uppercase and lowercase versions, to avoid issues with inconsistent casing. For example, if you saved MyApiKey, Memex can find it if you ask for myapikey or MYAPIKEY. However, it's best practice to be consistent with your naming.

  • Secret Not Found: If Memex cannot find the secret key you referenced (even after checking case variations), it will inform you and suggest you add it via the Secrets Management UI.

Legacy Format Migration

Memex previously used a different format for storing secrets. If you have secrets stored in this older format, you will see a banner in the Secrets tab prompting you to migrate them.

  • Click the Migrate Secrets button.

  • Memex will attempt to convert your old secrets to the new key-value format.

  • A status message will indicate how many secrets were migrated successfully and if any failed.

Migration is recommended for compatibility and to take advantage of the simplified secrets management system.

Security Best Practices

  • Never Share Secrets Directly: Avoid pasting secret values directly into the chat with Memex or hardcoding them in project files. Always use the Secrets Management feature.

  • Use Descriptive Keys: Choose clear and unambiguous names for your secret keys.

  • Least Privilege: Only store secrets that are necessary for your projects managed with Memex.

  • Rotate Secrets: Regularly update important credentials (like API keys) in the source service and then update the corresponding value in Memex Secrets Management.

By using Memex's secrets management, you can build powerful applications and workflows while keeping your sensitive credentials secure.

PreviousCheckpointsNextSharing conversations

Last updated 1 month ago

Was this helpful?

Adding an api key to Secrets