Secret Manager
The secret manager protects sensitive provider credentials inside DBModeler with a master-password-based encrypted vault.
What the secret manager stores
Section titled “What the secret manager stores”The vault is meant for secrets such as:
- GitHub and GitLab Personal Access Tokens
- GitLab OAuth profiles
- cloud-provider refresh tokens
This keeps long-lived credentials out of plain browser state.
Security model
Section titled “Security model”DBModeler derives an encryption key from your master password using Argon2id, then stores the encrypted vault with AES-GCM.
Important practical behavior:
- secrets are only readable while the vault is unlocked
- vault metadata and encrypted payload are stored separately
- PATs can still remain memory-only when you choose not to persist them
Unlock flow
Section titled “Unlock flow”When a secure action needs access to the vault, the UI requests the master password through the app’s prompt bus.
This avoids coupling provider flows directly to password-entry UI logic.
Why it matters
Section titled “Why it matters”The secret manager is what makes browser-only integrations practical without treating browser persistence as fully trusted.
It is especially important when you use:
- cloud providers with refresh tokens
- multiple GitLab OAuth profiles
- longer-lived repository credentials
Caveats
Section titled “Caveats”- If the vault is locked, persisted secrets are unavailable until unlocked.
- If the master password is lost, the vault cannot be recovered through the app.
- The vault is local to your browser environment unless you deliberately move or recreate that state elsewhere.
Next: Supported Databases