Menu
In Visual Studio, right-click the project in Solution Explorer, and select Manage User Secrets from the context menu. This gesture adds a UserSecretsId element, populated with a GUID, to the project file.
In a Windows machine, they are stored in the %APPDATA%\Microsoft\UserSecrets\<user_secrets_id>\secrets. json file. In a Linux/macOS machine, they are stored in the ~/. microsoft/usersecrets/<user_secrets_id>/secrets.
Secrets are stored in a separate configuration file in encrypted form. The secrets are then decrypted at runtime using AWS Key Management Service. This way you can version your secrets along with your application's source code, while avoiding storing secrets in clear text.
"Manage user secrets" from a right click is only available in web projects.
There is a slightly different process for console applications
It requires manually typing the required elements into your csproj file then adding secrets through the PMC
I have outlined the process that worked for me in my current project step by step in this blog post :
https://medium.com/@granthair5/how-to-add-and-use-user-secrets-to-a-net-core-console-app-a0f169a8713f
tl;dr
Step 1
Right click project and hit edit projectName.csproj
Step 2
add <UserSecretsId>Insert New Guid Here</UserSecretsId> into csproj under TargetFramework
add <DotNetCliToolReference Include="Microsoft.Extensions.SecretManager.Tools" Version="2.0.0"/> within Item Group in csproj
Step 3
Open PowerShell (admin) cd into project directory and
enter dotnet user-secrets set YourSecretName "YourSecretContent"
This will create a secrets.json file in:
%APPDATA%\microsoft\UserSecrets\<userSecretsId>\secrets.json
Where userSecretsId = the new Guid you created for your csproj
Step 4
Open secrets.json and edit to look similar to this
{
"YourClassName":{
"Secret1":"Secret1 Content",
"Secret2":"Secret2 Content"
}
}
By adding the name of your class you can then bind your secrets to an object to be used.
Create a basic POCO with the same name that you just used in your JSON.
namespace YourNamespace
{
public class YourClassName
{
public string Secret1 { get; set; }
public string Secret2 { get; set; }
}
}
Step 5
Add Microsoft.Extensions.Configuration.UserSecrets Nuget package to project
Add
var builder = new ConfigurationBuilder()
.SetBasePath(Directory.GetCurrentDirectory())
.AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
.AddUserSecrets<YourClassName>()
.AddEnvironmentVariables();
&
var services = new ServiceCollection()
.Configure<YourClassName>(Configuration.GetSection(nameof(YourClassName)))
.AddOptions()
.BuildServiceProvider();
services.GetService<SecretConsumer>();
To your Program.cs file.
Then inject IOptions<YourClassName> into the constructor of your class
private readonly YourClassName _secrets;
public SecretConsumer(IOptions<YourClassName> secrets)
{
_secrets = secrets.Value;
}
Then access secrets by using _secrets.Secret1;
Thanks to Patric for pointing out that services.GetService<NameOfClass>(); should be services.GetService<SecretConsumer>();
Manage User Secrets is available from the context menu of .NET Core Console projects (not just ASP.NET Core projects) since Visual Studio 2019 (verified in version 16.1.3), once you reference the Microsoft.Extensions.Configuration.UserSecrets NuGet.
Dotnet Core 3.1 - simplest method I have found in situations when I just need to hide a password.
Create user secrets using command line from project folder
dotnet user-secrets init
dotnet user-secrets set mailpassword password1
in Program.cs
var config = new ConfigurationBuilder().AddUserSecrets<Program>().Build();
var secretProvider = config.Providers.First();
secretProvider.TryGet("mailpassword", out var secretPass);
//'secretPass' should now contain the password
//if the "mailpassword" secret is not found, then 'secretPass' will be null
If you are doing more things with configuration you may need to adjust the .First()
1.Add to your project file (Prior to dotnet 2.1 only):
<ItemGroup>
<DotNetCliToolReference Include="Microsoft.Extensions.SecretManager.Tools" Version="2.0.0" />
</ItemGroup>
2.Set
<PropertyGroup>
<UserSecretsId>a random user id: manually add</UserSecretsId>
</PropertyGroup>
Move to the migration project folder in Package Manager Console and add a key:value like:
dotnet user-secrets set "ConnectionStrings:DefaultConnection" "xxxxx"
Remember to be in the directory of that project (for Package manager console this means cd'ing into the project, not solution level)
<Project Sdk="Microsoft.NET.Sdk"> with <Project Sdk="Microsoft.NET.Sdk.Web"> and save. Now you can access to manage user secrets menu, edit it and save. Then you have to restore the first line of the csproj file to its defaults to be again a console app.
It's stupid but it works. Remember replace the usersecretsid property for every project or will just have one secrets.json for all your projects.
It appears that they haven't added that (at least to Visual Studio 2015) as an option for Console or DLL apps.
You can use this as a work around, but do so at your own risk, it will trick Visual Studio into believing that the dll project has Web capabilities as well.
Assuming Windows OS
Open File Explorer to C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v{Version Number}\DotNet note: 14.0 is VS 2015, 15.0 is 2017 etc
backup the file named Microsoft.DotNet.targets
Add this line to Microsoft.DotNet.targets next to the other ProjectCabability tag
<ProjectCapability Include="DotNetCoreWeb" />
Save the file, and unload and reload your project / restart visual studio.
You may also need to delete your .suo file and/or your .vs folder
You should now see the context menu. It also changes the icon unfortunately. It seems to build just fine, but this is pretty untested so seriously, use at your own risk.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With