# Constants Constants provide secure storage for API keys, passwords, database URLs, and other configuration values used by your Buzzy applications and Functions. Secret constants are encrypted using AES encryption to ensure sensitive data remains protected. ## What are Constants? Constants are key-value pairs that store configuration data for your applications: * **API Keys**: Store authentication tokens for external services * **Database URLs**: Connection strings for external databases * **Configuration Values**: Base URLs, default settings, and other config * **Passwords**: Encrypted storage for sensitive credentials * **Environment Settings**: Different values for development, staging, production ## Types of Constants ### Regular Constants * Stored as plain text * Suitable for non-sensitive configuration * Examples: API base URLs, default settings, public configuration ### Secret Constants * Encrypted using AES encryption with a secure key * Automatically encrypted when marked as "secret" * Examples: API keys, passwords, database credentials, private tokens ## Creating Constants ### Through the UI 1. Navigate to your app's Constants panel 2. Click "Add Constant" 3. Configure the constant: * **Name**: Unique identifier (e.g., `API_KEY`, `DATABASE_URL`) * **Value**: The actual value to store * **Description**: What this constant is used for * **Secret**: Check if this should be encrypted 4. Click "Create Constant" ### Naming Conventions Use descriptive, uppercase names with underscores: * `OPENAI_API_KEY` * `STRIPE_SECRET_KEY` * `DATABASE_URL` * `EMAIL_SERVICE_PASSWORD` * `API_BASE_URL` ## Using Constants in Functions Constants can be referenced in Function environment variables using the `BUZZYCONSTANTS()` syntax: ### Direct Reference ```javascript // In Function environment variable configuration API_KEY = BUZZYCONSTANTS('OPENAI_API_KEY') BASE_URL = BUZZYCONSTANTS('API_BASE_URL') ``` ### Dot Notation ```javascript // Alternative syntax API_KEY = BUZZYCONSTANTS.OPENAI_API_KEY BASE_URL = BUZZYCONSTANTS.API_BASE_URL ``` ### In Function Code ```javascript export const main = async (event) => { // Access the resolved values through environment variables const apiKey = process.env.API_KEY; const baseUrl = process.env.BASE_URL; const response = await axios.post(`${baseUrl}/api/endpoint`, { data: event.body }, { headers: { 'Authorization': `Bearer ${apiKey}`, 'Content-Type': 'application/json' } }); return { statusCode: 200, body: response.data }; }; ``` ## Security Features ### AES Encryption Secret constants are encrypted using AES encryption: * Encryption key is stored securely on the server * Values are encrypted before storage in the database * Automatic decryption when accessed by authorized functions * No plain text storage of sensitive values ### Access Control * Constants are scoped to individual applications * Only users with edit permissions can view/modify constants * Secret values are masked in the UI by default * Audit trail for constant creation and modification ### Best Practices * Always mark sensitive data as "secret" * Use descriptive names that indicate the purpose * Regularly rotate API keys and update constants * Don't include secrets in function code or comments ## Managing Constants ### Viewing Constants * Constants panel shows all constants for your app * Secret values are masked with asterisks by default * Click the eye icon to temporarily reveal secret values * Non-secret values are always visible ### Editing Constants 1. Click the edit icon next to a constant 2. Modify the name, value, description, or secret status 3. Click "Save" to update the constant 4. Functions using this constant will automatically get updated values ### Deleting Constants 1. Click the delete icon next to a constant 2. Confirm deletion in the dialog 3. **Warning**: Deleting a constant may break functions that depend on it ## Common Use Cases ### API Integration ```javascript // Constants OPENAI_API_KEY (secret) = "sk-..." OPENAI_BASE_URL = "https://api.openai.com/v1" OPENAI_MODEL = "gpt-4" // Function environment variables OPENAI_API_KEY = BUZZYCONSTANTS('OPENAI_API_KEY') OPENAI_BASE_URL = BUZZYCONSTANTS('OPENAI_BASE_URL') OPENAI_MODEL = BUZZYCONSTANTS('OPENAI_MODEL') ``` ### Database Connection ```javascript // Constants DB_HOST = "your-database-host.com" DB_NAME = "production_db" DB_USER = "api_user" DB_PASSWORD (secret) = "secure_password" // Function environment variables DATABASE_URL = BUZZYCONSTANTS('DB_HOST') DATABASE_NAME = BUZZYCONSTANTS('DB_NAME') DATABASE_USER = BUZZYCONSTANTS('DB_USER') DATABASE_PASSWORD = BUZZYCONSTANTS('DB_PASSWORD') ``` ### Multi-Environment Setup ```javascript // Development Constants API_BASE_URL = "https://api-dev.example.com" DEBUG_MODE = "true" // Production Constants API_BASE_URL = "https://api.example.com" DEBUG_MODE = "false" ``` ### Webhook Configuration ```javascript // Constants STRIPE_WEBHOOK_SECRET (secret) = "whsec_..." STRIPE_PUBLISHABLE_KEY = "pk_..." STRIPE_SECRET_KEY (secret) = "sk_..." // Function environment variables WEBHOOK_SECRET = BUZZYCONSTANTS('STRIPE_WEBHOOK_SECRET') STRIPE_PK = BUZZYCONSTANTS('STRIPE_PUBLISHABLE_KEY') STRIPE_SK = BUZZYCONSTANTS('STRIPE_SECRET_KEY') ``` ## Advanced Features ### Formula Support Constants support JSONata expressions for dynamic values: ```javascript // Dynamic timestamp CURRENT_DATE = $now() // Conditional values API_ENDPOINT = $boolean(DEBUG_MODE) ? "https://api-dev.com" : "https://api.com" ``` ### Constant References Constants can reference other constants: ```javascript // Base configuration API_HOST = "api.example.com" API_VERSION = "v1" // Derived values API_BASE_URL = "https://" & API_HOST & "/" & API_VERSION ``` ## Troubleshooting ### Common Issues **Constant not found error** * Verify the constant name is spelled correctly * Check that the constant exists in the current app * Ensure proper syntax: `BUZZYCONSTANTS('CONSTANT_NAME')` **Secret value not decrypting** * Verify the constant is marked as secret * Check server encryption key configuration * Ensure proper permissions to access the constant **Function environment variable empty** * Check the BUZZYCONSTANTS() reference syntax * Verify the constant exists and has a value * Test with a simple, non-secret constant first ### Best Practices for Debugging 1. **Test with non-secret constants first** to verify syntax 2. **Use descriptive constant names** to avoid confusion 3. **Check function logs** for environment variable values (excluding secrets) 4. **Verify constant values** in the Constants panel before deployment ### Security Considerations * **Never log secret values** in function code * **Rotate API keys regularly** and update constants * **Use least-privilege access** for external API keys * **Monitor constant access** through audit logs * **Backup important constants** before making changes ## Migration and Backup ### Exporting Constants While there's no direct export feature, you can: 1. Document constant names and descriptions 2. Keep a secure backup of non-secret values 3. Maintain a list of secret constants for reference ### Moving Between Apps Constants are app-specific and must be recreated when: 1. Moving functions between apps 2. Creating new environments 3. Setting up development/staging/production instances ### Version Control Consider maintaining a configuration file with: * Constant names and descriptions * Non-secret default values * Documentation of what each constant is used for * Environment-specific variations --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.buzzy.buzz/the-building-blocks/buzzy-functions-and-constants/constants.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.