Cheat Sheet for Working with Rails Encrypted Credentials

Feature thumb rails encrypted credentials

Starting in Rails 5.2+, the framework now comes with a built in way to encrypt configuration credentials and environment variables. In previous versions an application would need to use a tool such as dotenv or figaro, and you could NEVER include the variable values in version control for security reasons. However, now all of the credentials are encrypted, and a single master key can decrypt them. This means that your team can add the credentials to version control and share them with much more ease.

Below is a cheat sheet that shows the common commands needed to work with Rails encrypted credentials.


Editing Credentials

rails credentials:edit

This will use your default text editor to edit the file.


Generate a New Application Secret

rails secret


Flat Syntax


Nested Syntax


Querying Flat Keys


=> "secretstuff"


Querying Nested Keys


=> "123"