Create and Manage Secrets

Secrets are objects that contain sensitive data, such as passwords, tokens, credit card numbers, or any other data that shouldn't be exposed. By using secrets, you do not have to hard code any sensitive data into your test scripts. When you run a test, whenever an enabled secret appears in reports or logs during and after run time, the value of the secret is replaced with asterisks (*).

Once you create your secrets, you can use them in your Performance tests. For more information on adding secrets to your test scripts, see Secrets in Advanced Test Options.

Blazemeter is designed to support secure testing workflows; however, the use of secrets during testing should be carefully evaluated and is at the customer’s discretion. To minimize risk, secrets should only be used when absolutely necessary.

If your test scenarios require the use of secrets, such as API keys, token, or credentials, be sure that:

only production and non-sensitive secrets are used.
all secrets are strictly limited in scope and privilege, and access only test-specific resources or data.
secrets should be temporary and rotated regularly.
you avoid the use of secrets that provide access to productions environments or sensitive customer data.

Secrets page

You can create and manage secrets on the Secrets page in your Workspace settings. All workspace members can view all secrets configured in the workspace. All roles except Viewer can create secrets. Once the secret is created, no one can see the value, protecting the sensitive data.

Permissions
Create a secret
Edit or delete a secret
Create a test with secrets

Permissions

The following are permissions for secrets:

Create a secret: All roles except viewer
Edit a secret: Account admins, Workspace managers, the member who created the secret
Delete a secret: Account admins, Workspace managers, the member who created the secret

Create a secret

In order to use secrets in your Performance tests, you need to create them.

To create a secret:

Log in to your BlazeMeter account.
Click the Cog icon at the top right of the BlazeMeter UI to open the Settings.
Navigate to Settings > Workspace > Secrets.
Click the + Add Secret button.
Enter the:
- Secret name: Can be any name you choose. You can only use lowercase letters, numbers, underscores, and hyphens.
- Secret value: Enter the value you want for your secret. Secret values must have a minimum of five characters.
- Description: (Optional) Enter a description of your secret.
Click Create Secret.

Edit or delete a secret

Workspace members with the correct permissions can edit or delete a secret by clicking the Edit or Delete icon in the Action column.

When editing a secret, you can only edit the Description. The Secret value cannot be viewed, but can be overridden by entering another value. To change the Secret name, you need to delete the secret and create another one with the new name.

Use secrets in your tests and virtual services

Now that you have configured your secrets, you can create Performance tests, GUI Functional tests, and use secrets with your virtual services. For more information on using secrets:

for Performance tests, see Manage Secrets for Performance Tests.
for GUI Functional tests, see Manage Secrets for GUI Functional Tests.
for Service Virtualization, see Manage Secrets for Service Virtualization.