Skip to main content

Retrieve a secret

This recipe retrieves a Databricks secret. Use secrets to securely connect to external services and APIs.

Code snippet

app.py
import reflex as rx
import base64
from databricks.sdk import WorkspaceClient

w = WorkspaceClient()

def get_secret(scope, key):
    try:
        secret_response = w.secrets.get_secret(scope=scope, key=key)
        decoded_secret = base64.b64decode(secret_response.value).decode('utf-8')
        return decoded_secret
    except Exception as e:
        return None

class RetrieveASecretState(rx.State):
    scope_name: str = "my_secret_scope"
    secret_key: str = "api_key"
    is_loading: bool = False
    error_message: str = ""
    success_message: str = ""

    @rx.event(background=True)
    async def retrieve_secret(self):
        async with self:
            self.is_loading = True
            self.error_message = ""
            self.success_message = ""

        try:
            secret = get_secret(self.scope_name, self.secret_key)
            async with self:
                if secret:
                    self.success_message = "Secret retrieved! The value is securely handled in the backend."
                else:
                    self.error_message = "Secret not found or inaccessible. Please create a secret scope and key before retrieving."
        except Exception:
            async with self:
                self.error_message = "Secret not found or inaccessible. Please create a secret scope and key before retrieving."
        finally:
            async with self:
                self.is_loading = False

Resources

Permissions

Your app service principal needs the following permissions:

  • CAN READ on the secret scope

See Manage secret scope permissions for more information.

Dependencies

requirements.txt
databricks-sdk
reflex