v1
Double column
API
CLI
JS Client

Secrets /

Create secret

Creates a secret with the specified payload

Required permission

Project > Secrets > General > Create

Path parameters

    • projectId

      string required

      ID of the project

Request body

  • {object}
    • name

      string required

      The name of the secret.

      min length
      3
      max length
      20
      pattern
      ^[a-zA-Z]((-|\s)?[a-zA-Z0-9]+((-|\s)[a-zA-Z0-9]+)*)?$
    • description

      string

      A description of the secret.

      max length
      200
      pattern
      ^[a-zA-Z0-9.,?\s\\/'"()[\];`%^&*\-_:!]+$
    • secretType

      string required

      The type of the created secret

      one of
      environment-arguments, environment, arguments
    • priority

      integer required

      The priority with which different secrets will be merged.

      min
      0
      max
      100
    • restrictions

      {object}

      Restriction settings of the secret

      • restricted

        boolean

        Is the secret restricted

      • nfObjects

        [array]

        List of Northflank services & jobs the secret is restricted to

        • {object}
          • id

            string required

            ID of the entity the secret is restricted to.

            pattern
            ^[A-Za-z0-9-]+$
          • type

            string required

            Type of the entity the secret is restricted to.

            one of
            service, job
    • addonDependencies

      [array]

      An array of addons to link to this secret group.

      • {object}

        An object containing data about the addon to link.

        • addonId

          string required

          The internal id of the addon to link.

          pattern
          ^[A-Za-z0-9-]+$
        • keys

          [array] required

          An array of objects containing details about the keys to link to this secret group.

          • {object}

            Details about the key to link to this secret group.

            • keyName

              string required

              The name of the key to link.

            • aliases

              [array]

              An array of aliases for the key.

              • string

                The name of the alias. Keys must only contain letters and numbers separated with underscores, may not start with a number

                pattern
                ^[a-zA-Z_][a-zA-Z0-9_]*$
    • secrets

      {object}
      • variables

        {object}

        Secret variables as JSON object, encrypted at rest. Keys must only contain letters and numbers separated with underscores, may not start with a number

        • files

          {object}

          Secret files as JSON object, encrypted at rest. File path must be absolute

      Response body

      • {object}

        Response object.

        • data

          {object} required

          Result data.

          • id

            string required

            Identifier for the secret group

          • name

            string required

            Secret group name

          • description

            string

            A short description of the secret group

          • secretType

            string required

            The type of the created secret group

            one of
            environment-arguments, environment, arguments
          • projectId

            string required

            ID of the project that the secret group belongs to

          • priority

            integer required

            The priority with which different secret groups will be merged

            min
            0
            max
            100
          • restrictions

            {object} required

            Restriction settings of the secret

            • restricted

              boolean

              Is the secret restricted

            • nfObjects

              [array]

              List of Northflank services & jobs the secret is restricted to

              • {object}
                • id

                  string required

                  ID of the entity the secret is restricted to.

                  pattern
                  ^[A-Za-z0-9-]+$
                • type

                  string required

                  Type of the entity the secret is restricted to.

                  one of
                  service, job
      API
      CLI
      JS Client

      POST /v1/projects/{projectId}/secrets

      Example request

      Request body
      curl
      curl --header "Content-Type: application/json" \
        --header "Authorization: Bearer NORTHFLANK_API_TOKEN" \
        --request POST \
        --data '{"name":"Example Secret","description":"A description","secretType":"environment","priority":10,"restrictions":{"restricted":true,"nfObjects":[{"id":"example-service","type":"service"}]},"addonDependencies":[{"addonId":"example-addon","keys":[{"keyName":"username","aliases":["MONGO_USERNAME"]}]}],"secrets":{"variables":{"NODE_ENV":"production","MONGO_DB":"some_connection_string"},"files":{"/dir/fileName":{"data":"VGhpcyBpcyBhbiBleGFtcGxlIHdpdGggYSB0ZW1wbGF0ZWQgJHtOT0RFX0VOVn0gdmFyaWFibGU=","encoding":"utf-8"}}}}' \
        http://api.northflank.com/v1/projects/{projectId}/secrets

      Example response

      200 OK

      Details about the newly created secret.

      JSON

      {
        "data": {
          "id": "example-secret-group",
          "name": "Example secret group",
          "description": "This is the secret group description",
          "secretType": "environment",
          "projectId": "default-project",
          "priority": 10,
          "restrictions": {
            "restricted": true,
            "nfObjects": [
              {
                "id": "example-service",
                "type": "service"
              }
            ]
          }
        }
      }

      Example response

      409 Conflict

      There is already a secret with the same derived identifier

      © 2022 Northflank Ltd. All rights reserved.