📄️ API Secret Migration
The API Secret is used to sign and verify login tokens as well as to encrypt data within the database.
📄️ Client Secret Migration
The client secret is used to safeguard the setting values for any specific setting client. This guide explains how the secret can be changed.
📄️ Encrypting Client Secrets
When installed on Windows, Fig requires client secrets to be encrypted in DPAPI.
📄️ Integration Testing ASP.NET Core Apps
If your application uses Fig for configuration then you have some options when it comes to integration testing. The first option is to use Fig for configuration as part of your integration test. However, this means you are essentially integration testing the Fig application too and is probably not desirable in most cases. The other option involves disabling fig and injecting in a different configuration provider for the tests. Fig comes packaged with a convenient reloadable configuration provider which makes updating configuraiton in integration tests very easy.
📄️ Configuring TLS
Fig is able to run both its api and web instances with TLS enabled, provided the required environment variables and pem encoded certificate files are made available. This is aimed at use within docker containers, but equivalent configuration on host environments such as windows will also work for the api, but not the web instance.