Documentation

FAQ: How should I handle data and secrets? in the NexoRouter documentation.

FAQ: How should I handle data and secrets?

Treat prompts, API keys, logs, and exported files as sensitive operational data.

API keys

  • Store keys in environment variables or secret managers.
  • Do not commit keys to Git.
  • Rotate leaked keys immediately.
  • Use separate keys per app or teammate.

Request data

  • Avoid sending secrets inside prompts.
  • Redact private data before sharing support examples.
  • Share request IDs instead of full request bodies when possible.

Logs

Usage Logs help debug requests. Limit who can access account dashboards and exports.

FAQ: How should I handle data and secrets? — NexoRouter