Set a Secret

Sets a secret value for the specified Variable.

 
  • Conjur allows you to set a secret in any resource, but best practice is to store and retrieve secret data only using Variable resources.
  • Entity IDs must be URL-encoded.

URI

 
POST /secrets/{account}/{kind}/{identifier}

Any identifier included in the URL must be URL-encoded to be recognized by the Conjur API.

Examples

Identifier

URL-Encoded

myapp-01

myapp-01(no change)

alice@devops

alice%40devops

prod/aws/db-password

prod%2Faws%2Fdb-password

research+development

research%2Bdevelopment

sales&marketing

sales%26marketing

Example with curl

 
curl -H "$(conjur authn authenticate -H)" \
     --data "c3c60d3f266074" \
     https://eval.conjur.org/secrets/myorg/variable/prod/db/password

Request Body

Description

Required

Type

Example

Secret data

Yes

Binary

c3c60d3f266074

 

The maximum size for a secret value is 10MB.

Response

Code

Description

201

The secret value was set successfully

401

The request lacks valid authentication credentials

403

The authenticated user lacks the necessary privilege

422

A request parameter was missing or invalid

Example URI

 
POST /secrets/myorg/variable/db/password

URI Parameters

Parameter

Type

Mandatory

Description

account

String

Yes

Organization account name

Example: myorg

kind

String

Yes

should be “variable”

Example: variable

identifier

String

Yes

id of the variable

Example: db/password

Response 201

 
Content-Type: text/html