Switch off hashing, then this goes away.
Either you end up exposing tokens and secrets to your dashboard users, and store them in your analytics in plaintext, or you work with the hashed values. It isn't possible to have both.
Yes there should be a search capability for the alias - and guess what - it's on our roadmap, and it will be put in place.
Hashing the key in the JSVM would just cause a double hash, so this would completely and utterly fail.