Secret Keys

Certain steps in your API testing scenario may require you to include sensitive information. For example, your HTTP requests may require credentials or secret keys; or you may be making a query to your database using our database connector, and you need to store your credentials. You may not want this information to be visible in the test definitions.

RapidAPI Testing has a special type of environment variable, called Secret Variables, that you can use in these scenarios. Let’s walk through how this works.

First, we will define these Secret Variables in the API Settings.

In order to accomplish this, follow below steps.

  1. Create a new environment. As an example, we will create one called Production.
  2. Hit “Add secret key”. In the new row that appears, name your variable in the “key” field, and enter the value in the “secret” field. For example, if I want to store a password, I will enter “password” as the key, and the actual password as the secret.

Then, similar to regular environment variables, you can use the secret keys you define here in your test definitions. For a simple example, let’s say that your GET request requires a password as headers. You can then simply add a header called Password, and enter {{password}} as the value. Upon execution, RapidAPI Testing will know to retrieve the environment variable from the API Setting called {{password}} to use as the value of the header in the GET request.