Store project credentials in `.env` files

Published

September 4, 2024

Learn how to store project identifier credentials in a .env file instead of using inline credentials. This topic is relevant for model developers who want to follow best practices for security when running notebooks.

Why is this recommended?

Storing credentials in a .env file is considered a best practice for security. Embedding credentials directly within the code makes them more susceptible to accidental exposure when sharing code or collaborating on projects.

Keeing project credentials in a separate file also allows for precise access control and ensures that sensitive credentials are not publically accessible.

Prerequisites

You are logged in to ValidMind.
The model is already registered in the model inventory.¹
You are a Developer or assigned another role with sufficient permissions to perform the tasks in this guide.²

¹ Register models in the inventory

² Manage permissions

Steps

Create a new file in the same folder as your notebook and name it .env.

This is a hidden file, so you may need to change your settings to view it.
Locate the code snippet for your model.
- These credentials can be found on the Getting Started page for models registered in the model inventory.
- Copy the values from this page and paste them into your .env file in the following format:
```
VM_API_PROJECT=<Project Identifier>
VM_API_HOST=<API Host URL>
VM_API_KEY=<API Key>s
VM_API_SECRET=<API Secret>
```

Insert this code snippet above your project identifier credentials:

%load_ext dotenv
%dotenv dev.env

The updated notebook should look like this:

%load_ext dotenv
%dotenv .env

import validmind as vm

vm.init(
  api_host = "http://localhost:3000/api/v1/tracking",
  project = "..."
)

Run the cell. Instead of using inline credentials, this cell will now load your project credentials from a .env file.

Why is this recommended?

Prerequisites

Steps

What’s next