# Create global secret Creates a global secret with the specified payload **Request body:** {object} - `name`: (string) (required) (pattern: ^[a-zA-Z0-9]+((-|\s)[a-zA-Z0-9]+)*$) (min length: 3) (max length: 100) - `description`: (string) (pattern: ^[a-zA-Z0-9.,?\s\\/'"()[\];`%^&*\-_:!]+$) (max length: 200) - `secrets`: {object} - `values`: {object} - `files`: {object} - `type`: (string) (required) The permission type of the global secret. (enum: secret, config) - `gitops`: {object} - `vcsService`: (string) (required) The VCS provider to use. (enum: bitbucket, gitlab, github, self-hosted, azure) - `selfHostedVcsId`: (string) If projectType is self-hosted, the ID of the self-hosted vcs to use. (pattern: ^([A-Za-z0-9-]+)|([0-9a-f]{24})$) - `accountLogin`: (string) By default, if you have multiple version control accounts of the same provider linked, Northflank will pick a linked account that has access to the repository. If `accountLogin` is provided, Northflank will instead use your linked account with that login name. - `vcsLinkId`: (string) Legacy key. Please used accountLogin instead. - `repoUrl`: (string) (required) URL of the Git repo to sync the file with. (pattern: ^(https:\/\/)?((www(\.[a-zA-Z0-9\-]{2,})+\.)?[a-zA-Z0-9\-]{2,})(\.([a-zA-Z0-9\-]{2,}))+(\/([a-zA-Z0-9\-._]{2,}))+?$) - `branch`: (string) (required) The name of the branch to use. - `filePath`: (string) (required) The file path in the repository. If using an existing file, it should be in JSON format. (pattern: ^\/([a-zA-Z0-9-._]+\/)*[a-zA-Z0-9-._]+$) **Response body:** {object} - `data`: {object} - `name`: (string) (required) (pattern: ^[a-zA-Z0-9]+((-|\s)[a-zA-Z0-9]+)*$) (min length: 3) (max length: 100) - `description`: (string) (pattern: ^[a-zA-Z0-9.,?\s\\/'"()[\];`%^&*\-_:!]+$) (max length: 200) - `secrets`: {object} - `values`: {object} - `files`: {object} - `type`: (string) (required) The permission type of the global secret. (enum: secret, config) - `gitops`: {object} - `vcsService`: (string) (required) The VCS provider to use. (enum: bitbucket, gitlab, github, self-hosted, azure) - `selfHostedVcsId`: (string) If projectType is self-hosted, the ID of the self-hosted vcs to use. (pattern: ^([A-Za-z0-9-]+)|([0-9a-f]{24})$) - `accountLogin`: (string) By default, if you have multiple version control accounts of the same provider linked, Northflank will pick a linked account that has access to the repository. If `accountLogin` is provided, Northflank will instead use your linked account with that login name. - `vcsLinkId`: (string) Legacy key. Please used accountLogin instead. - `repoUrl`: (string) (required) URL of the Git repo to sync the file with. (pattern: ^(https:\/\/)?((www(\.[a-zA-Z0-9\-]{2,})+\.)?[a-zA-Z0-9\-]{2,})(\.([a-zA-Z0-9\-]{2,}))+(\/([a-zA-Z0-9\-._]{2,}))+?$) - `branch`: (string) (required) The name of the branch to use. - `filePath`: (string) (required) The file path in the repository. If using an existing file, it should be in JSON format. (pattern: ^\/([a-zA-Z0-9-._]+\/)*[a-zA-Z0-9-._]+$) - `createdAt`: (string) time of creation (format: date-time) - `updatedAt`: (string) time of update (format: date-time) ## API reference POST /v1/secrets POST /v1/teams/{teamId}/secrets ### Example request Request body ```curl curl --header "Content-Type: application/json" \ --header "Authorization: Bearer NORTHFLANK_API_TOKEN" \ --request POST \ --data '{"type":"secret","gitops":{"vcsService":"github","accountLogin":"github-user","repoUrl":"https://github.com/northflank-examples/remix-postgres-redis-demo","branch":"main","filePath":"/Dockerfile"}}' \ https://api.northflank.com/v1/secrets ``` ```javascript const payload = { "type": "secret", "gitops": { "vcsService": "github", "accountLogin": "github-user", "repoUrl": "https://github.com/northflank-examples/remix-postgres-redis-demo", "branch": "main", "filePath": "/Dockerfile" } } const response = await fetch('https://api.northflank.com/v1/secrets', { method: 'POST', headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${NORTHFLANK_API_TOKEN}` }, body: JSON.stringify(payload) }) const json = await response.json() console.log(json) ``` ```python import requests url = "https://api.northflank.com/v1/secrets" payload = {"type":"secret","gitops":{"vcsService":"github","accountLogin":"github-user","repoUrl":"https://github.com/northflank-examples/remix-postgres-redis-demo","branch":"main","filePath":"/Dockerfile"}} headers = {"Content-Type": "application/json", "Authorization": "Bearer NORTHFLANK_API_TOKEN"} response = requests.request("POST", url, headers = headers, json = payload) print(response.json()) ``` ```go package main import ( "bytes" "fmt" "io/ioutil" "net/http" ) func main() { url := "https://api.northflank.com/v1/secrets" var jsonStr = []byte(`{"type":"secret","gitops":{"vcsService":"github","accountLogin":"github-user","repoUrl":"https://github.com/northflank-examples/remix-postgres-redis-demo","branch":"main","filePath":"/Dockerfile"}}`) req, err := http.NewRequest("POST", url, bytes.NewBuffer(jsonStr)) req.Header.Set("Content-Type", "application/json") req.Header.Set("Authorization", "Bearer NORTHFLANK_API_TOKEN") client := &http.Client{} resp, err := client.Do(req) if err != nil { panic(err) } defer resp.Body.Close() fmt.Println("Response status:", resp.Status) fmt.Println("Response headers:", resp.Header) body, _ := ioutil.ReadAll(resp.Body) fmt.Println("Response body:", string(body)) } ``` ### Example Response 200 OK: Details about the newly created secret. ```json { "data": { "type": "secret", "gitops": { "vcsService": "github", "accountLogin": "github-user", "repoUrl": "https://github.com/northflank-examples/remix-postgres-redis-demo", "branch": "main", "filePath": "/Dockerfile" } } } ``` ### Example Response 409 Conflict: There is already a secret with the same derived identifier ## CLI reference $ northflank create global-secret Options: - `-f --file `: Path to a JSON/YAML resource definition file - `-i --input `: JSON/YAML resource definition string (takes precedence over --file) - `--verbose `: Verbose output - `--quiet `: No console output - `-o --output `: Output formatting ```json { "type": "secret", "gitops": { "vcsService": "github", "accountLogin": "github-user", "repoUrl": "https://github.com/northflank-examples/remix-postgres-redis-demo", "branch": "main", "filePath": "/Dockerfile" } } ``` ### Example Response Details about the newly created secret. ```json { "type": "secret", "gitops": { "vcsService": "github", "accountLogin": "github-user", "repoUrl": "https://github.com/northflank-examples/remix-postgres-redis-demo", "branch": "main", "filePath": "/Dockerfile" } } ``` ## JavaScript client reference ### Example request Request body ```javascript await apiClient.create.globalSecret({ data: { "type": "secret", "gitops": { "vcsService": "github", "accountLogin": "github-user", "repoUrl": "https://github.com/northflank-examples/remix-postgres-redis-demo", "branch": "main", "filePath": "/Dockerfile" } } }); ``` ### Example Response Details about the newly created secret. ```json { "data": { "type": "secret", "gitops": { "vcsService": "github", "accountLogin": "github-user", "repoUrl": "https://github.com/northflank-examples/remix-postgres-redis-demo", "branch": "main", "filePath": "/Dockerfile" } }, "rawResponse": "...", "request": "...", "error": "..." } ``` Previous: [List global secrets](/docs/v1/api//team/secrets/list-global-secrets) Next: [Put global secret](/docs/v1/api//team/secrets/put-global-secret)