Create and manage secrets

Secrets are objects that store sensitive data, such as passwords, tokens, credit card numbers, or any other information that must not be exposed.

Secrets management helps you:

  • Protect sensitive data during test execution

  • Prevent exposure in logs and reports

  • Support compliance with internal security policies

  • Enable secure collaboration within workspaces

When you run a test, if an enabled secret appears in reports or logs during or after execution, its value is automatically masked with asterisks (*).

After you create secrets, you can reference them in your tests. For more information about adding secrets to your test scripts, see Secrets in Advanced test options.

If your secrets are stored externally, you can connect them to your BlazeMeter account using vaults. To learn more, see Create and manage vaults.

Secrets is a feature that is limited to Enterprise customers. To enable secrets, contact BlazeMeter Support or your account manager.

BlazeMeter is designed to support secure testing workflows; however, the use of secrets during testing should be carefully evaluated and is at the customer’s discretion. To minimize risk, secrets should only be used when absolutely necessary.

If your test scenarios require the use of secrets, such as API keys, token, or credentials, be sure that:
  • only production and non-sensitive secrets are used.
  • all secrets are strictly limited in scope and privilege, and access only test-specific resources or data.
  • secrets should be temporary and rotated regularly.
  • you avoid the use of secrets that provide access to productions environments or sensitive customer data.

Secrets page

You can create and manage secrets on the Secrets page in your Workspace settings. All workspace members can view all secrets configured in the workspace. All roles except Viewer can create secrets. Once the secret is created, no one can see the value, protecting the sensitive data.

 

Permissions

The following are permissions for secrets:

  • Create a secret: All roles except viewer

  • Edit a secret: Account admins, Workspace managers, the member who created the secret

  • Delete a secret: Account admins, Workspace managers, the member who created the secret

Create a secret

In order to use secrets in your performance tests, you need to create them.

To create a secret:

  1. Log in to your BlazeMeter account.

  2. Click the Cog icon at the top right of the BlazeMeter UI to open the Settings.

  3. Navigate to Settings > Workspace > Secrets.

  4. (Optional) Choose the Secret source. If you don't have any external vaults integrated, leave the default secret source.

  5. Click the + Add secret button.

  6. Enter the:

    • Secret name: Can be any name you choose. You can only use lowercase letters, numbers, underscores, and hyphens.

    • Secret value: Enter the value you want for your secret. Secret values must have a minimum of five characters.

    • Description: (Optional) Enter a description of your secret.

  7. Click Create Secret.

Edit or delete a secret

Workspace members with the correct permissions can edit or delete a secret by clicking the Edit or Delete icon in the Action column.

When editing a secret, you can only edit the Description. The Secret value cannot be viewed, but can be overridden by entering another value. To change the Secret name, you need to delete the secret and create another one with the new name.

Use secrets in your tests and Virtual Services

Now that you have configured your secrets, you can create performance tests, GUI functional tests, and use secrets with your Virtual Services. For more information on using secrets: