Yes, I forgot about that, but that is correct. We use whatever the os gives us to store secrets so they are only available to the user logged in. This also means I see no easy way to get them as well. And since api keys vary between servers it might be easiest to have same user account on all servers, so you can copy paste same password quickly after copying the file.
