Managing your secrets

Unifier comes with an encrypted secrets manager to securely (and conveniently) manage your tokens and other secrets needed to run Unifier.

Managing secrets

To run the Secrets Manager CLI (or Token Manager, however you want to call it), execute the run script while passing the --tokens option.

  • On Linux and macOS, run sh run.sh --tokens.

  • On Windows, run ./run.bat --tokens.

Once you run this, the bootloader will ask for your encryption password. Once you've entered the correct password, you should see the tokens list:

You have 1 tokens.
1. TOKEN
Type "help" for a list of commands.
>

You can now view (but not see the actual secrets for security reasons), add, replace, delete, and re-encrypt your tokens! Everything else should pretty much be straightforward, just type the command you want and follow the steps.

To see a list of the commands, enter help in the command input.

What is a "Token identifier"?

A token identifier is basically a name you assign to a secret you add. Unifier and installed Modifiers will use these to know which token it should retrieve from the secrets for what purpose.

Usually, these should be all uppercase, alphanumeric (with the exception of -s and _s), and contain no spaces. But if your token identifier needs to break these conventions for your use case, you are free to do so.

Clearing your tokens

If you've forgot your encryption password (there's nothing you or we can do to retrieve your tokens), or you want to start fresh, you can clear your tokens. To do this, execute the run script while passing the --clear-tokens option.

  • On Linux and macOS, run sh run.sh --clear-tokens.

  • On Windows, run ./run.bat --clear-tokens.

The bootloader will prompt you to enter a new encryption password.

Troubleshooting

My password is correct, but the CLI keeps saying it's incorrect!

Please check that your encryption salt in your config.toml file is correct. Both your password and salt need to match in order for the decryption to work.

We plan to remove user-set encryption salts on Unifier v4 and instead make them randomly generated for each data encrypted.

PreviousSwitching Python versionsNextData backups

Last updated