Deployment

Heroku Setup Guide

Pushed to Heroku Config Vars

Quick Connect

Ready to connect? Go directly to your Integrations Dashboard and search for Heroku.

Prerequisites

An active XtraSecurity workspace with Owner or Admin privileges.
An active account on Heroku.
Sufficient permissions in Heroku to generate an API Token or Personal Access Token (PAT).

Connection Steps

1Generate an Access Token in Heroku

XtraSecurity requires an access token to communicate securely with your Heroku infrastructure. Log into your Heroku dashboard and navigate to your Developer Settings or Security settings to generate a new token.

Security Best Practice

Only grant the minimum necessary scopes required for managing secrets or environment variables. Do not grant full administrative access unless absolutely necessary.

2Link the Token in XtraSecurity

Navigate to your XtraSecurity Integrations Dashboard. Find the Heroku card and click "Connect". Paste your securely generated token into the modal. The token is immediately encrypted via AES-256-GCM before being stored in our database.

How Syncing Works

Once Heroku is connected, you can configure an active Secret Sync.

XtraSecurity acts as your Single Source of Truth. Whenever a secret is added, updated, or rotated in your XtraSecurity project, our background workers immediately push that updated encrypted payload to your configured Heroku App in Heroku.

Ready to secure your pipeline?

Connect Heroku in under 60 seconds.