Documentation | Secrets › Update Secret

Secrets

secrets

Methods

Create Secret ->

post/v5/sgp/secrets

Create an account-level secret.

The secret value is stored in the cloud provider's secret store. SGP only stores metadata (key name, description, audit info). The value is never returned by any API. Returns 409 if a secret with the same key already exists.

List Secrets -> CursorPage<

CloudSecret

get/v5/sgp/secrets

List secret metadata for the account. Values are never returned.

Get Secret ->

CloudSecret

get/v5/sgp/secrets/{secret_id}

Get a single secret's metadata by ID. The value is never returned.

Update Secret ->

CloudSecret

patch/v5/sgp/secrets/{secret_id}

Update an existing secret's description and/or value.

If value is provided, the cloud provider secret is updated. The secret value is never returned by any API.

path Parameters

secret_id: string

Response fields

CloudSecret

Request example

curl https://api.egp.scale.com/v5/sgp/secrets/$SECRET_ID \
    -X PATCH \
    -H 'Content-Type: application/json' \
    -H "x-api-key: $SGP_API_KEY" \
    -d '{}'

200Example

{
  "id": "id",
  "account_id": "account_id",
  "cloud_secret_path": "cloud_secret_path",
  "created_at": "2019-12-27T18:11:19.117Z",
  "created_by": {
    "id": "id",
    "type": "user",
    "object": "identity"
  },
  "key": "key",
  "description": "description",
  "object": "sgp_cloud_secret",
  "updated_at": "2019-12-27T18:11:19.117Z",
  "updated_by": "updated_by"
}

Delete Secret ->

delete/v5/sgp/secrets/{secret_id}

Delete a secret from both the cloud provider and SGP metadata.

Domain types

CloudSecret = { id, account_id, cloud_secret_path, 7 more... }

API response model for a secret. Never includes the secret value.