New in 2.0: Sensitive variables

Published on: 24 Dec 2013

Very few applications make it to production without requiring at least some configuration data that is "sensitive". An application might need a password for an SMTP server, or an API key for a web service, or an encryption key for a billing gateway. In Octopus Deploy 2.0, we've added a great new way to manage these settings: sensitive variables. You can learn more about how to use this feature in the documentation page on variables.

Adding sensitive variables

When a variable is sensitive:

  • You can never retrieve the value from the API/UI (we assume you keep your passwords somewhere else if you need them)
  • The value is stored encrypted in the Octopus database
  • We'll do our best to prevent the value appearing in any logs

Of course, the value will be available for PowerShell scripts during the deployment, and can be inserted into any configuration files.

Sensitive variables is a feature that was on our UserVoice list for quite some time, and I think it will be a very useful feature for any deployment.


Octopus Deploy is used by thousands of developers across the globe, from small companies to large enterprises. Find out if it meets your deployment automation needs by taking advantage of our free 30-day trial. You can spin up an instance with just a few clicks!