This is an interesting question and there are several ways to achieve what you want. Here's my suggestion.
If the entire application is secured by
TLS which i think will mostly be (I mean not just having
HTTPS but also having
TLS from your DB to the Backend) then take the input from the frontend and save it to your database but before saving it encrypt the same using any good encryption method and save the secretkey to the db. The key for this encryption (This is not the secret key but another key for encrypting and decrypting the secret key) must be an environmental variable. This will also help you guys if the db gets hacked or starts leaking.