Use the DC/OS Enterprise Secret Store to secure sensitive information like database passwords, API tokens, and private keys. Storing secrets in secret paths allows you to restrict which services can retrieve the value.

Authorized Marathon services can retrieve the secrets at deployment and store their values under environment variables.

In addition, the Secrets API allows you to seal/unseal the Secret Store.

You can also find information about secrets in the Permissions Reference section.