[Hold][WIP] Workflow Endpoint: how to encrypt secrets

[Paul-Cornell]

Work in progress. Still waiting for renamed "retrieve" endpoint, and certificate signing.

For now, see:

• Main secrets how-to page: https://unstructured-53-doc-4-secrets-api.mintlify.app/api-reference/workflow/secrets
• Updated Google Drive source connector API how-to page (scroll to bottom, look for yellow caution box especially): https://unstructured-53-doc-4-secrets-api.mintlify.app/api-reference/workflow/sources/google-drive

[awalker4]

Added some comments! I can add a commit to this branch to update the code samples once the new certificate flow is ready. Some other thoughts:

• I think the pattern of showing redacted on the encrypted text is a bit noisy. It's instructive to show the ---BEGIN PUBLIC KEY--- headers and such, but the other text will always be garbled nonsense, so there's nothing to "hide". Maybe just ellipses?

{
    "encrypted_aes_key": "x3+......9zD",
    "aes_iv": "k2N......g==",
    "encrypted_value": "gM1......A2m",
    "type": "rsa_aes"
}

[awalker4]

See this notebook for an updated flow once https://github.com/Unstructured-IO/platform-api/pull/544 is merged. The response from GET /users/secrets/encryption-certificate can be passed directly into the encrypt function that is now copied into the SDK. The result from this can likewise go straight to the store_secret function.