Ask HN: Where do you save your API keys?
Is there any specific on-line service to store API keys? Doppler (https://doppler.com) is my preferred tool for storing API keys. It centralizes where you manage all of your environmental variables and makes it so you never risk exposing your API keys in a code repo. There's a CLI tool that makes it easy to use all of your environment variables while you're developing and a ton of integrations for wherever you prefer to deploy your code. Feel free to ask me anything about Doppler or secrets management - I'm a developer advocate at Doppler. Looks like you are SOC 2 Type II compliant, which is better than nothing. However, it is very difficult for my organization to work with 3rd parties that are not ISO 27001 certified. Is Doppler working on ISO 27001 certification? Doppler is exploring adding the ISO 27001 certification in the near future. Check out Infisical: https://infisical.com We help developers manage API keys, DB access tokens, certificates, and other types of secrets across all of their infrastructure – providing smooth native integrations with k8s, terraform, github actions, any local development setup, and much more. Disclaimer: I'm one of the founders. i have a private repo with a script that backs all my .env* files up and then encrypts them and pushes them to github. hashicorp Vault