Store secrets like api key outside of data.json

Use case or problem

I’m using obsidian to write posts for a Hugo website, which I publish via on GitHub.

Lately, I activated Text Generator plugin which use OpenAI API and OpenAI rotated my API because it has been exposed.

Proposed solution

So, I’m looking for a solution to store my API outside of data.json like

  1. like with Ansible using an encrypted vault
  2. simply condense them all API inside one file which I could .git ignore it
  3. or even a better solution that I didn’t figure yet.

Current workaround (optional)

for now, I simply .gitignore .obsidian/plugins/*/data.json

We don’t take feature requests for community plugins here.

Plugins can already store secrets in a different location.
Please open a feature request on the plugin repository.

1 Like

I’m glad to hear that, do you have a documentation about how the community could make that works?

I will :wink:

Community plugins that I use that store API keys in clear text with a link to the issue related to that: