Using .Net Core User Secrets for a Team

Question

When I use a UserSecret on a project, a UserSecretId entry is added to the project file. This UserSecretId is a GUID which points to a local folder which is not in source control, so my secrets remain secret :) When I commit my project file and a different team member opens the project, is a folder created with the UserSecretId which was added to the project?

Answer 1

The user secrets will not be created when other users clone or checkout your project. The main usecase of user secrets is to create secrets you don't like to share (Means there is no way to share it automatically). See also this github issue

If usersecrets are used by multiple developers:

• Dev1 creates usersecrets:

dotnet user-secrets init
dotnet user-secrets set "Movies:ServiceApiKey" "12345"

secrets.json will be created in C:\Users\Dev1\AppData\Roaming\Microsoft\UserSecrets\32fb5ba1-4330-43a8-a03b-4868ba51ca11

• Dev2 checkout/clones the project, and creates his secrets:

dotnet user-secrets init 

Gets the message: "The MSBuild project 'C:\Temp\ConsoleApp1\ConsoleApp1 \ConsoleApp1.csproj' has already been initialized with a UserSecretsId."

dotnet user-secrets set "Movies:ServiceApiKey" "12345"

secrets.json will be created in C:\Users\Dev2\AppData\Roaming\Microsoft\UserSecrets\32fb5ba1-4330-43a8-a03b-4868ba51ca11

So both users will have their secrets accessible thru the same GUID (all user secrets are stored in one file), so there wont be a problem with the project file.

Entry in project file for booth Devs:

 <PropertyGroup>
    <OutputType>Exe</OutputType>
    <TargetFramework>netcoreapp3.1</TargetFramework>
    <UserSecretsId>32fb5ba1-4330-43a8-a03b-4868ba51ca11</UserSecretsId>
  </PropertyGroup>