Would it make sense to be able to get a secret value by providing the key instead of the entry ID? The Developer Quick Start | Bitwarden Help Center shows using just the ID which feels a bit unnatural compared to say HashiCorp’s vault kv get.
One of the solutions I can imagine would be to add e.g. a
--key option to the get secret command e.g. as follows:
export SECRET_1=$(bws get secret --key secret_1)
Also the flow is not easy using the ID.
If I create a new secret via the web, and need to use that secret in github action. I then have to dig around for the ID either via browser urls og via the cli to optain the ID.
I would suggest that a flag more (as I guess a key can be the same in different projects)
bws get secret --project carpark --key lights
Hey Opichals and Kalle,
Thank you for reaching out and sharing your thoughts on the retrieval of secret values in Secrets Manager. Feedback from users like you help shape the Secrets Manager product and roadmap.
Regarding your suggestion, I agree that it could be a useful enhancement for ease of use. Unfortunately, as a result of end-2-end encryption we don’t really have a way of enforcing unique key names across all projects. If users were allowed to retrieve secrets based solely on the key, it could potentially lead to serious confusion when multiple secrets with the same name exist. The entry ID based retrieval ensures the uniqueness and integrity of the secret being accessed.
We have taken your suggestion into consideration, and we will continue to explore the possibility of providing users with the option to decide their preferred method of retrieving secrets, whether it be by using the entry ID or a name.
In the meantime, I’m happy to inform you that we have an upcoming release which includes a new feature in the Web GUI. This enhancement enables users to directly view Secret UUIDs within the interface. By introducing this feature, we aim to simplify the process of obtaining UUIDs, making it more convenient for users to locate and work with their secrets.