Switchboard is architected to route off-chain data to an on-chain account. A publisher is responsible for building the job definition, which defines the task(s) the oracles must perform to fetch and transform external data. Sometimes a publisher may wish to bring private data on-chain using an API key which poses a set of challenges. In order for the oracle to retrieve the data, they need access to the publisher's API key. Blockchains are public so there is no easy way to conceal the API key on-chain.
Switchboard provides the ability to create your own queue with your own set of oracles, allowing the oracles access to your API key so they can resolve the private endpoints.
Oracles can be provided a `configs.json` file to store various configurations needed to execute job definitions. If an oracle encounters a job definition with a variable, it will parse the `configs.json` and embed the value in the job definition. API keys should be specified in the config under the Job Account public key to prevent a malicous feed from leaking an API key.
Private queue's should **_ALWAYS_** have `unpermissionedFeedsEnabled` set to false. Allowing unpermitted feeds could result in a malicious actor creating a job definition that leaks your sensitive API keys.
We'll be using [commodities-api](https://www.commodities-api.com) to resolve our data for this example. You will need to signup for an account to get a `COMMODITIES_API_KEY`.
### Create a Queue
First, we will need to create our own queue. The following command will create a queue with a single oracle and crank.
```bash
sbv2 queue:create \
--name "Private Queue" \
--keypair ../payer-keypair.json \
--authority ../payer-keypair.json \
--numOracles 1 \
--reward 0 \
--outputFile "Private_Queue.json"
```
### Start Oracle
Create a docker-compose file, replacing `ORACLE_KEY`, `RPC_URL`, and `PAYER_KEYPAIR` with the appropriate values.
