Interesting, but not yet actually usable

Feature Requests Secrets Manager
1

I was looking at your secrets manager and it seems really interesting but I have 3 things I’d really need to be able to use it.

  1. Access secrets via REST API. Technically there must be an API that your CLI itself is using to pull down the data from the vault, but please document it so we can use the API directly. I have need to access a secret right from my own code so I need API access to get my secrets.

  2. Access secrets by key. The docs show access secrets by some arbitrary ID you assign, super confusing and unnatural. Let me access a secret value by key name. Too much effort to have to find a secret’s ID and make sure to reference that instead of a friendly key name.

  3. Ability to request webhook notification on change. On a service account basis I want to be able to provide an endpoint to receive a HTTP request when ever there is any change (new, updated, removed secret, as well as adding or removing the service account from accessing an existing secret). Obviously I don;t expect any details about what changed. But I would need to know something changed to wipe the servers local cache of secrets and refetch them all.

If you add these 3 things then this would be something that is usable.

As a bonus it could be useful to get write access via a service account, for example if I have to collect API keys for third parties from the users of my app (as I do with 1 app) I could use this to store those values rather than having to self encrypt and store in a database.

2

Hey Ryan, thanks for the feedback! For voting and discussion, can you break these out into separate posts? Alternatively I can move the discussion over to the community chat area, let me know!

Closing this one for now, but feel free to break out a feature request for each one.

3

Hey Ryan,

Thank you for your interest in Bitwarden Secrets Manager. Your feedback is appreciated and your key requirements have been noted. Here’s a summary of planned enhancements:

  1. REST API Access: The Bitwarden team is actively looking into providing API access to retrieve secrets programmatically, however the primary focus for the upcoming releases will be on additional SDKs and integrations.
  2. Access Secrets by Key: Accessing secrets by key name is a need that is recognized by the team and we will explore ways to incorporate this feature in future releases. For more information feel free to visit the other thread.
  3. Webhook Notifications: Implementing webhook notifications for added, updated, or removed secrets, as well as changes to service account access will be considered.

Your input on Bitwarden Secrets Manager is greatly appreciated. If you have any further suggestions or questions, please let the Bitwarden team know.

Best wishes,
Max