Purpose of secret_key in configuration

I create a configuration module for nixos to provision grafana.
There we want to seperate secrets from configuration and therefore have the option
to load secrets from external files at service startup.

I stumbled over secret_key,
where it says:

Used for signing some datasource settings like secrets and passwords. Cannot be changed without requiring an update to datasource settings to re-encode them.

What does signing mean? What does this protect against?

1 Like

Any help with this?. :crazy_face: