PersistentAI

Appearance

PersistentAI API Documentation / @persistent-ai/fireflow-types / ISecretsProvider

Interface: ISecretsProvider

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:15

Abstract interface for pluggable secret storage backends.

Phase 1: FireFlowNativeProvider (Pg + HKDF + AES-256-GCM) Phase 2: OnePasswordProvider, HashiCorpVaultProvider, InfisicalProvider

Properties

deleteSecret()

deleteSecret: (secretId, ownerId) => Promise<void>

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:49

Delete a secret.

Parameters

secretId

string

ownerId

string

Returns

Promise<void>

getSecretMetadata()

getSecretMetadata: (secretId, ownerId) => Promise<SecretMetadata | null>

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:39

Get metadata for a single secret (no value).

Parameters

secretId

string

ownerId

string

Returns

Promise<SecretMetadata | null>

listSecrets()

listSecrets: (ownerId, filter?) => Promise<SecretMetadata[]>

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:34

List secret metadata (no values) for an owner.

Parameters

ownerId

string

filter?

SecretFilter

Returns

Promise<SecretMetadata[]>

providerId

readonly providerId: string

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:16

resolveSecret()

resolveSecret: (secretId, ownerId) => Promise<ResolvedSecret>

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:29

Retrieve a secret's plaintext value. Used internally by VaultService for ECDH re-encryption. NEVER exposed to nodes directly - always re-encrypted first.

Parameters

secretId

string

ownerId

string

Returns

Promise<ResolvedSecret>

secretExists()

secretExists: (ownerId, name, secretType) => Promise<boolean>

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:54

Check if a secret name+type combination exists for an owner.

Parameters

ownerId

string

name

string

secretType

string

Returns

Promise<boolean>

storeSecret()

storeSecret: (params) => Promise<string>

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:22

Store a secret. Returns the secret ID. For external providers, this may be a no-op (read-only providers).

Parameters

params

StoreSecretParams

Returns

Promise<string>

testConnection()

testConnection: () => Promise<boolean>

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:59

Test provider connectivity.

Returns

Promise<boolean>

updateSecret()

updateSecret: (secretId, ownerId, value) => Promise<void>

Defined in: packages/fireflow-types/src/secrets/secrets-provider.ts:44

Update a secret's value.

Parameters

secretId

string

ownerId

string

value

Record<string, string>

Returns

Promise<void>

Licensed under BUSL-1.1

Copyright © 2026 PersistentAI