Set a secret

Sets a secret value for the specified variable.

 
  • Conjur allows you to set a secret in any resource, but best practice is to store and retrieve secret data only using variable resources.

URI

POST /secrets/{account}/{kind}/{identifier}

URI Parameters

Parameter

Type

Mandatory

Description

account

String

Yes

Organization account name.

Example: myorg

kind

String

Yes

Should be “variable”

Example: variable

identifier

String

Yes

The ID of the variable

Example: db/password

Any identifier included in the URL must be URL-encoded to be recognized by the Conjur API.

Identifier examples

Identifier

URL-Encoded

myapp-01

myapp-01(no change)

alice@devops

alice%40devops

prod/aws/db-password

prod%2Faws%2Fdb-password

research+development

research%2Bdevelopment

sales&marketing

sales%26marketing

Example URI

  
POST /secrets/myorg/variable/db/password

Request Body

Description

Required

Type

Example

Secret data

Yes

Binary

c3c60d3f266074
 

The maximum size for a secret value is 10MB.

Example with curl

curl -H "$(conjur authn authenticate -H)" \
     --data "c3c60d3f266074" \
     https://eval.conjur.org/secrets/myorg/variable/prod/db/password

Response

Code

Description

201

The secret value was set successfully

401

The request lacks valid authentication credentials

403

The authenticated user lacks the necessary privilege

422

A request parameter was missing or invalid

Response 201

  
Content-Type: text/html