You may have noticed a file called secrets.yml in the config folder of a Rails 4.1 project. This feature was added as part of Rails 4.1 in order to have a common storage location for the keys and credentials for various services. You can use the secrets.yml for everything from AWS credentials to your secret_key_base (the default in Rails 4.1). Here is what the file typically looks like:


  secret_key_base: super_long_secret_key_for_development
  active_merchant_login: 896667
  active_merchant_password: supersecretpassword888

  secret_key_base: super_long_secret_key_for_test
  active_merchant_login: 896667
  active_merchant_password: supersecretpassword888

  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
  active_merchant_login: <%= ENV["AM_LOGIN"] %>
  active_merchant_password: <%= ENV["AM_PASSWORD"] %>

I recommend adding this file to your .gitignore file to avoid accidently pushing your keys to git. You can also store your production keys in this file if you wish. The example above pulls them from the environment, but you certainly don't have to do this.

To access the various keys in the secrets.yml file you simply do:


For example, the following code returns our active merchant login from our earlier example:

Rails.application.secrets.active_merchant_login # returns 896667 on development/test

For an overview of the other new Rails 4.1 features, please be sure to check out the main RichOnRails website. That's it! Thanks for reading!