When writing your own Research Cloud plugins, you might want to have access to dynamic information on the workspace that is created. You might also want to insert secrets. For instance to pass passwords or license keys into a script. There are three special parameter source-types that provide access to these values.

Source-type "Workspace"

The source-type "Workspace" provides access to the name and the id of the CO that the current workspace is being created for. The Sub-key on the left is to be filled into the parameter's field "Default value".

Sub-key in field "default value"Resulting parameter value
co_idThe id of the CO that the workspace is being created for
co_nameThe name of the CO that the workspace is being created for

Source-type "Resource"

The source-type "Resource" provides access to the fully qualified domain name ("FQDN") of the workspace that is being created. The Sub-key on the left is to be filled into the parameter's field "Default value".

Sub-key in field "default value"Resulting parameter value
workspace_fqdnFully qualified domain name of the workspace that is being created.

Source-type "Co-Secret"

Use the source-type Co-Secret to refer to a secret that has been stored for the current collaboration ("CO").

How to store a secret to a collaboration

In the Research Cloud dashboard, below on the "Profile" tab, there is a list of the collaborations you are a member of.

Choose a CO, expand the display, and select the "Secrets" tab.

Click on the "+" icon to add a secret.

In the name field, type the name that will refer to the secret.

In the value field type or paste the secret value itself.

The value will show only now and never again.

From now on, any plugin-parameter with the source-type "Co-Secret" can refer to this secret value if the workspace is started for this CO.

How to refer to a CO-Secret

Let's assume that you have created a CO-Secret with the name "my CO secret name".

To use the value of the CO-Secret in a plugin, create a parameter in the plugin with the source type Co-Secret.

Let the parameter's key be "my-parameter-key".

Use the CO secret name (here "my CO secret name").

Put it into the parameter's "default value" field:

{"key":"my CO secret name"}

Then, in the plugin's script use the parameter's key to resolve the secret's value, there.

Do this by putting

"{{ my-parameter-key }}"

This will be replaced by the secret value when the script runs.


By default, secret values are not written to any log file.

You can have the value of a secret written to the log, if you really need this.

For this, add another key-value pair to the object in the parameter's default value field:

{"key":"my CO secret name","sensitive":false}