Our applications often depend on 3rd party services that require API tokens, Client IDs & Secrets, Passwords and other sensitive data. This data should not be checked into your source repository for numerous reasons. Having control over who has access to keys is important, especially for larger organizations. In this episode I will show you one technique for managing these keys without having to check them into git.