Could someone explain the technical difference between saving data using store.set and storage.setSecret ? I understand that all tenant data are encrypted with the custom key according this doc :
The Key-Value Store also lets you store key-value pairs in a secure, encrypted manner
Does the method storage.setSecret has some kind of double encryption, or any additional access limitation ? Who has access to secret data ? Atlassian team or Jira/Confluence Cloud admin ?
I couldn’t find this information in the documentation, and my client has concerns about storing sensitive data. It would be helpful if this information were included in the documentation.
@danielwester interesting question. I am not aware of any productized way for an Atlassian to fetch data stored as a secret by a Forge app. I believe that these methods, setSecret and getSecret, are provided with the intention of providing a way to store/get sensitive data that live within Forge storage, but not be exposed via query search methods.
It would be awesome if it was documented so we can point to it our security docs. AWS does a really good job versioning and making then link able with this. It makes compliance easy.