# Configuration ## Keys A "Key" concept of the automation utility is that we don't store sensitive information (like connection strings, SFTP information, etc) inside the package. Instead, we reference the keys they belong to. Let's say we're transforming data from **Pizzeria**'s SFTP server to a local **Reporting** folder. We would configure our source to be an SFTP server with the **Pizzeria** key, and the target to be a folder with the **Reporting** key.

To actually provide the secure SFTP credentials, and the folder path, you would do so locally alongside your client application.

## Encryption / Decryption The application supports both encryption and decryption of the settings.json file associated with the application. ### Encrypt To encrypt, run the application with the **`-e`** flag followed by the password. An example: ``` TransformClient.exe -e "Expelliarmus" ``` The application credentials will now be encrypted and not visible under inspection. {% hint style="success" %} The application will create a **.bak.json** file of the credentials before attempting to encrypt. This is to prevent data loss or accidents. **If you're satisfied with the encrypted results, don't forget to delete this file**. {% endhint %}

### Decrypt To decrypt, send the **`-d`** flag. An example: ``` TransformClient.exe -d "Expelliarmus" ``` And just like that, if the passwords matched, you'll get a decrypted result.