Secrets are now managed via the WebOps interface to improve the security of sensitive data and streamline deployment processes. This change centralizes the handling of sensitive information, such as API keys, tokens, and passwords, directly within WebOps.

Previously, secrets were handled through the VTEX IO CLI secrets plugin. To enable secrets management, an empty vtex.env file needed to be present in the project root. The key-value pairs were stored in the secrets.revealed.json file, then encrypted into secrets.hidden.json before being committed to the main branch.

Now, this workflow has been deprecated, and secrets are managed directly through the WebOps interface, where you can create, update, and delete them. Secrets are loaded as environment variables during deployment and are no longer committed to your project’s codebase.

Secrets management via WebOps addresses the following concerns:

• To improve the security of sensitive data by eliminating secrets from source code and version control.
• To reduce operational overhead and potential sync errors that might arise from CLI-managed secrets files.
• To ensure that secrets are managed in a uniform way across all FastStore deployment providers.

If your store currently uses the deprecated secrets plugin via the VTEX IO CLI, follow these steps to migrate to WebOps secrets management:

1. Push a new commit to your repository to trigger migration.

2. After pushing the new commit, access the VTEX Admin and go to Storefront > WebOps.

3. In WebOps, go to the Secrets tab and verify if the secrets were correctly migrated.

4. Delete the secrets.revealed.json and secrets. hidden.json files from your store repository.

   Do not delete the vtex.env file. This file is still necessary for local development.

5. After finishing this process, you can manage secrets through WebOps in the VTEX Admin.

All FastStore deployments now use WebOps for secrets management by default. To manage your secrets, follow these steps:

1. Access your FastStore WebOps dashboard and navigate to the Settings tab.
2. In the Secrets tab, you can create, update, or delete secrets according to your needs.

For detailed instructions, see the Managing Secrets guide.