API Keys and Encryption at Rest / Secrets Storage

I’m looking for advice on best practices for managing secrets within Teneo. Our bot integrates with various web services, and we need to manage credentials for those integrations.

To comply with our corporate policy, we need to ensure that:

  • Secrets are encrypted at rest (and not just obfuscated in the source code)
  • Only authorized Teneo developers can view them
  • They are not readable by Artificial Solutions
  • Key rotation occurs automatically according to a predefined schedule

Could anyone share their strategies or tools for effectively handling secrets in Teneo? Any insights or experiences would be greatly appreciated.