|The identity format for secrets is simply the secret key (as defined by the file 'secrets.secret' in the Denizen folder).
|A SecretTag represents a value that should never be exposed to logs or tags.
For example: authorization tokens, API keys, etc.
A SecretTag is made of a 'key', and a 'value'.
The key is a simple name, like 'my_bot_token', that is safe to show in logs/etc.
The value is the actual internal data that must be kept secret, often a generated code.
The keys and values must be defined in the 'secrets.secret' file inside the Denizen folder.
The contents of that file would look something like:
The above example defines SecretTag 'my_bot_token' as 'abc123.123abc',
meaning you could then use '<secret[my_bot_token]>' in the input to a command that parses secrets to have it understand the real value to input should be 'abc123.123abc'
However if you use the same tag in for example a narrate command, it would just narrate 'secret@my_bot_token', keeping your real value safe.
Note that the "!SECRETS_FILE" prefix cannot be removed, but comments can be added/removed/altered freely with a "#" prefix.
Commands that accept SecretTag inputs will document that information in the command meta. For example, see webget.
There is intentionally no tag that can read the value of a secret.
You can reload the secrets file via "/ex reload config"