Home / Companies / Doppler / Blog / Post Details
Content Deep Dive

Secrets Rotation: Core Logic

Blog post from Doppler

Post Details
Company
Date Published
Author
Nic Manoogian
Word Count
1,706
Company Posts That Month
1
Language
English
Hacker News Points
10
Post removed?
No
Summary

Doppler's secret rotation feature aims to automate the process of rotating third-party service tokens and database credentials to improve security posture. The feature is designed to be safe, atomic, and reliable, with requirements including encryption and storage of rotation state data, atomic operations, graceful error handling, and no public access to sensitive information. Doppler uses a unique two-secret strategy, where two valid credentials are maintained for each secret, one active and one inactive, which are updated or replaced with new ones at regular intervals. The feature also supports different types of rotation, including updater and issuer rotations, and stores rotation state as tokenized JSON strings. To ensure reliability, Doppler uses a two-phase commit system to update the credentials in a database, and automatically retries errors with exponential backoff.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Secrets Management 22 326 75 37 -69%
Observability 1 743 172 67 -39%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.