Introduction

With IBM Cloud® Secrets Manager, you can create, lease, and centrally manage secrets that are used in IBM Cloud services or your custom-built applications. Secrets are stored in a dedicated instance of Secrets Manager, built on open source HashiCorp Vault.

SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries.

For more information about using the SDKs, see the IBM Cloud SDK Common project on GitHub. For more information about getting started with Secrets Manager, check out the docs.

Installing the Java SDK

Maven

<dependency>
    <groupId>com.ibm.cloud</groupId>
    <artifactId>secrets-manager-sdk</artifactId>
    <version>${version}</version>
</dependency>

Gradle

compile 'com.ibm.cloud:secrets-manager-sdk:${version}'

Replace {version} in these examples with the release version.

View on GitHub

Installing the Python SDK

pip install --upgrade "ibm-secrets-manager-sdk"

View on GitHub

Installing the Go SDK

Go modules (recommended): Add the following import in your code, and then run go build or go mod tidy

import (
  "github.com/IBM/secrets-manager-go-sdk/secretsmanagerv1"
)

Go get

go get -u github.com/IBM/secrets-manager-go-sdk

View on GitHub

Installing the Node SDK

npm install @ibm-cloud/secrets-manager

View on GitHub

Endpoint URLs

Secrets Manager supports instance-specific endpoint URLs that you can use to interact with the service over public or private service endpoints. To make requests to the API, you supply the instance ID that is unique to your Secrets Manager service instance.

You can copy your endpoint URL from the Endpoints page in the Secrets Manager service dashboard.

Endpoint URLs by location

  • Dallas: https://{instance_ID}.us-south.secrets-manager.appdomain.cloud
  • Frankfurt: https://{instance_ID}.eu-de.secrets-manager.appdomain.cloud
  • London: https://{instance_ID}.eu-gb.secrets-manager.appdomain.cloud
  • Sydney: https://{instance_ID}.au-syd.secrets-manager.appdomain.cloud
  • Tokyo: https://{instance_ID}.jp-tok.secrets-manager.appdomain.cloud
  • Washington DC: https://{instance_ID}.us-east.secrets-manager.appdomain.cloud

Secrets Manager supports instance-specific endpoint URLs that you can use to interact with the service over public or private service endpoints. To target your Secrets Manager service instance by using the Java SDK, use the setServiceUrl() method. You can copy your endpoint URL from the Endpoints page in the Secrets Manager service dashboard.

If you copy the endpoint URL from your Secrets Manager service dashboard, be sure to trim /api from the URL to use it with the SDK.

Endpoint URLs by location

  • Dallas: https://{instance_ID}.us-south.secrets-manager.appdomain.cloud
  • Frankfurt: https://{instance_ID}.eu-de.secrets-manager.appdomain.cloud
  • London: https://{instance_ID}.eu-gb.secrets-manager.appdomain.cloud
  • Sydney: https://{instance_ID}.au-syd.secrets-manager.appdomain.cloud
  • Tokyo: https://{instance_ID}.jp-tok.secrets-manager.appdomain.cloud
  • Washington DC: https://{instance_ID}.us-east.secrets-manager.appdomain.cloud

Secrets Manager supports instance-specific endpoint URLs that you can use to interact with the service over public or private service endpoints. To target your Secrets Manager service instance by using the Node.js SDK, use the serviceUrl parameter. You can copy your endpoint URL from the Endpoints page in the Secrets Manager service dashboard.

If you copy the endpoint URL from your Secrets Manager service dashboard, be sure to trim /api from the URL to use it with the SDK.

Endpoint URLs by location

  • Dallas: https://{instance_ID}.us-south.secrets-manager.appdomain.cloud
  • Frankfurt: https://{instance_ID}.eu-de.secrets-manager.appdomain.cloud
  • London: https://{instance_ID}.eu-gb.secrets-manager.appdomain.cloud
  • Sydney: https://{instance_ID}.au-syd.secrets-manager.appdomain.cloud
  • Tokyo: https://{instance_ID}.jp-tok.secrets-manager.appdomain.cloud
  • Washington DC: https://{instance_ID}.us-east.secrets-manager.appdomain.cloud

Secrets Manager supports instance-specific endpoint URLs that you can use to interact with the service over public or private service endpoints. To target your Secrets Manager service instance by using the Python SDK, use the set_service_url() method. You can copy your endpoint URL from the Endpoints page in the Secrets Manager service dashboard.

If you copy the endpoint URL from your Secrets Manager service dashboard, be sure to trim /api from the URL to use it with the SDK.

Endpoint URLs by location

  • Dallas: https://{instance_ID}.us-south.secrets-manager.appdomain.cloud
  • Frankfurt: https://{instance_ID}.eu-de.secrets-manager.appdomain.cloud
  • London: https://{instance_ID}.eu-gb.secrets-manager.appdomain.cloud
  • Sydney: https://{instance_ID}.au-syd.secrets-manager.appdomain.cloud
  • Tokyo: https://{instance_ID}.jp-tok.secrets-manager.appdomain.cloud
  • Washington DC: https://{instance_ID}.us-east.secrets-manager.appdomain.cloud

Secrets Manager supports instance-specific endpoint URLs that you can use to interact with the service over public or private service endpoints. To target your Secrets Manager service instance by using the Go SDK, use the URL parameter. You can copy your endpoint URL from the Endpoints page in the Secrets Manager service dashboard.

If you copy the endpoint URL from your Secrets Manager service dashboard, be sure to trim /api from the URL to use it with the SDK.

Endpoint URLs by location

  • Dallas: https://{instance_ID}.us-south.secrets-manager.appdomain.cloud
  • Frankfurt: https://{instance_ID}.eu-de.secrets-manager.appdomain.cloud
  • London: https://{instance_ID}.eu-gb.secrets-manager.appdomain.cloud
  • Sydney: https://{instance_ID}.au-syd.secrets-manager.appdomain.cloud
  • Tokyo: https://{instance_ID}.jp-tok.secrets-manager.appdomain.cloud
  • Washington DC: https://{instance_ID}.us-east.secrets-manager.appdomain.cloud

Base URL

https://{instance_ID}.{region}.secrets-manager.appdomain.cloud

Example for the Dallas location

import com.ibm.cloud.ibm_cloud_secrets_manager_api.v1.IbmCloudSecretsManagerApi;
import com.ibm.cloud.ibm_cloud_secrets_manager_api.v1.model.*;
import com.ibm.cloud.sdk.core.http.Response;
import com.ibm.cloud.sdk.core.security.IamAuthenticator;

import java.util.Collections;

// Create an IAM authenticator
IamAuthenticator iamAuthenticator = new IamAuthenticator.Builder()
        .apikey("<API_KEY>")
        .build();

// Construct the service client
IbmCloudSecretsManagerApi sm = new IbmCloudSecretsManagerApi(iamAuthenticator);

// Set the service URL
sm.setServiceUrl("https://{instance_ID}.us-south.secrets-manager.appdomain.cloud");

Example for the Dallas location

const IbmCloudSecretsManagerApiV1 =  require('@ibm-cloud/secrets-manager/ibm-cloud-secrets-manager-api/v1');
const { IamAuthenticator } = require('@ibm-cloud/secrets-manager/auth');

const secretsManagerApi = new IbmCloudSecretsManagerApiV1({
  authenticator = new IamAuthenticator({
    apikey: '<API_KEY>',
  }),
  serviceUrl: 'https://{instance_ID}.us-south.secrets-manager.appdomain.cloud',
});

Example for the Dallas location

from ibm_cloud_sdk_core.authenticators.iam_authenticator import IAMAuthenticator
from ibm_secrets_manager_sdk.secrets_manager_v1 import *

secretsManager = IbmCloudSecretsManagerApiV1(
    authenticator=IAMAuthenticator(apikey='<API_KEY>')
)

secretsManager.set_service_url('https://{instance_ID}.us-south.secrets-manager.appdomain.cloud')

Example for the Dallas location

import (
    "encoding/json"
    "fmt"
    "github.com/IBM/go-sdk-core/v4/core"
    sm "github.com/IBM/secrets-manager-go-sdk/ibm-cloud-secrets-manager-api-v1"
)

func main() {

    secretsManagerApi, err := sm.NewIbmCloudSecretsManagerApiV1(&sm.IbmCloudSecretsManagerApiV1Options {
        URL: "https://{instance_ID}.us-south.secrets-manager.appdomain.cloud",
        Authenticator: & core.IamAuthenticator {
            ApiKey: "<API_KEY>",
        },
    })

    if err != nil {
        panic(err)
    }
}

Authentication

Authorization to the Secrets Manager API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API.

To work with the API, include a valid IAM token in each outgoing request to the service. You can generate an access token by first creating an API key and then exchanging your API key for an IBM Cloud IAM token.

Don't have an API key? Try running ibmcloud iam oauth-tokens in the IBM Cloud Shell to quickly generate a personal access token.

To generate an access token from your API key, use the following cURL command.

curl -X POST \
  "https://iam.cloud.ibm.com/identity/token" \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --header 'Accept: application/json' \
  --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \
  --data-urlencode 'apikey=<API_KEY>'

Replace <API_KEY> with your IBM Cloud API key.

When you use the SDK, configure an IAM authenticator with an IBM Cloud IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can configure an authenticator in either of two ways:

  • Programmatically by constructing an IAM authenticator instance and supplying your IAM API key
  • By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key

For more information, see the Authentication section of the IBM Cloud SDK Common documentation.

Example API request

curl -X {request_method} "{base_url}/api/v1/{method_endpoint}" --header "Authorization: Bearer {IAM_token}"

Replace {IAM_token} with your access token.

Constructing the service client

import com.ibm.cloud.ibm_cloud_secrets_manager_api.v1.IbmCloudSecretsManagerApi;
import com.ibm.cloud.ibm_cloud_secrets_manager_api.v1.model.*;
import com.ibm.cloud.sdk.core.http.Response;
import com.ibm.cloud.sdk.core.security.IamAuthenticator;

import java.util.Collections;

IamAuthenticator iamAuthenticator = new IamAuthenticator.Builder()
        .apikey("<API_KEY>")
        .build();

IbmCloudSecretsManagerApi sm = new IbmCloudSecretsManagerApi(iamAuthenticator);

sm.setServiceUrl("<URL>");

Replace <API_KEY> with your IBM Cloud API key. Replace <URL> with the endpoint URL for your instance. Invoke service operations by using the sm variable.

Constructing the service client

from ibm_cloud_sdk_core.authenticators.iam_authenticator import IAMAuthenticator
from ibm_secrets_manager_sdk.secrets_manager_v1 import *

secretsManager = IbmCloudSecretsManagerApiV1(
    authenticator=IAMAuthenticator(apikey='<API_KEY>')
)

secretsManager.set_service_url('<URL>')

Replace <API_KEY> with your IBM Cloud API key. Replace <URL> with the endpoint URL for your instance.

Constructing the service client

import (
    "encoding/json"
    "fmt"
    "github.com/IBM/go-sdk-core/v4/core"
    sm "github.com/IBM/secrets-manager-go-sdk/ibm-cloud-secrets-manager-api-v1"
)

func main() {

    secretsManagerApi, err := sm.NewIbmCloudSecretsManagerApiV1(&sm.IbmCloudSecretsManagerApiV1Options {
        URL: "<URL>",
        Authenticator: & core.IamAuthenticator {
            ApiKey: "<API_KEY>",
        },
    })

    if err != nil {
        panic(err)
    }
}

Replace <API_KEY> with your IBM Cloud API key. Replace <URL> with the endpoint URL for your instance.

Constructing the service client

const IbmCloudSecretsManagerApiV1 =  require('@ibm-cloud/secrets-manager/ibm-cloud-secrets-manager-api/v1');
const { IamAuthenticator } = require('@ibm-cloud/secrets-manager/auth');

const secretsManagerApi = new IbmCloudSecretsManagerApiV1({
  authenticator = new IamAuthenticator({
    apikey: '<API_KEY>',
  }),
  serviceUrl: '<URL>',
});

Replace <API_KEY> with your IBM Cloud API key. Replace <URL> with the endpoint URL for your instance.

Auditing

You can monitor API activity within your account by using the IBM Cloud Activity Tracker service. Whenever an API method is called, an event is generated that you can then track and audit from within Activity Tracker. The specific event type is listed for each individual method.

For more information about how to track Secrets Manager activity, see Auditing events for Secrets Manager.

Error handling

The Secrets Manager APIs use standard HTTP status codes to indicate whether a method completed successfully. HTTP response codes in the 2xx range indicate success. A response in the 4xx range is some sort of failure, and a response in the 5xx range usually indicates an internal system error.

Status code summary
Status code Description
200 OK Everything worked as expected.
201 OK Everything worked as expected. No content is returned.
400 Bad Request The request was unsuccessful, often due to a missing required parameter.
401 Unauthorized The parameters were valid but the request failed due insufficient permissions.
404 Not Found The requested resource doesn't exist.
409 Conflict The requested resource conflicts with an already existing resource.
410 Gone The requested resource was deleted and no longer exists.
429 Too Many Requests Too many requests hit the API too quickly.
500 Internal Server Error Something went wrong on Secrets Manager's end.

Example error handling

secretsManagerApi.method(params)
  .catch(err => {
    console.log('Error:', err);
  });

Example error handling

import "github.com/IBM/secrets-manager-go-sdk/ibm-cloud-secrets-manager-api-v1"

// Instantiate a service
secretsManagerApi, err := sm.NewIbmCloudSecretsManagerV1(options)

// Check for errors
if err != nil {
  panic(err)
}

// Call a method
result, response, err := secretsManagerApi.MethodName(&methodOptions)

// Check for errors
if err != nil {
  panic(err)
}

Pagination

Some API requests might return a large number of results. To avoid performance issues, the Secrets Manager API returns one page of results at a time, with a limited number of results on each page.

The default page size is 200 objects. To use a different page size, use the limit query parameter.

Rate limiting

Secrets Manager limits API requests to 20 requests per second on a per-service-instance basis.

If the number of requests reaches the request limit (20 requests) within the specified time window (1 second), no further requests are accepted until a timer expires. After the timer expires, a new time window begins with the next accepted request.

An HTTP status code of 429 indicates that the rate limit has been exceeded. If you exceed the rate limit, the API also sends the following response header that you can use to determine how long to wait before sending another request.

  • Retry-After: The number of seconds to delay after the response is received before making a follow-up request.

To access the Retry-After response header, you can supply the the --include (-i) option in your cURL request. For example, curl --include -X {request_method} "{base_url}/api/v1/{method_endpoint}".

Change log

For the latest changes, improvements, and updates for this API, see the API change log.

Methods

Create a secret group

Creates a secret group that you can use to organize secrets and control who on your team has access to them.

A successful request returns the ID value of the secret group, along with other metadata. To learn more about secret groups, check out the docs.

Creates a secret group that you can use to organize secrets and control who on your team has access to them.

A successful request returns the ID value of the secret group, along with other metadata. To learn more about secret groups, check out the docs.

Creates a secret group that you can use to organize secrets and control who on your team has access to them.

A successful request returns the ID value of the secret group, along with other metadata. To learn more about secret groups, check out the docs.

Creates a secret group that you can use to organize secrets and control who on your team has access to them.

A successful request returns the ID value of the secret group, along with other metadata. To learn more about secret groups, check out the docs.

Creates a secret group that you can use to organize secrets and control who on your team has access to them.

A successful request returns the ID value of the secret group, along with other metadata. To learn more about secret groups, check out the docs.

POST /api/v1/secret_groups
ServiceCall<SecretGroupDef> createSecretGroup(CreateSecretGroupOptions createSecretGroupOptions)
createSecretGroup(params)
create_secret_group(self,
        metadata: 'CollectionMetadata',
        resources: List['SecretGroupResource'],
        **kwargs
    ) -> DetailedResponse
(secretsManager *SecretsManagerV1) CreateSecretGroup(createSecretGroupOptions *CreateSecretGroupOptions) (result *SecretGroupDef, response *core.DetailedResponse, err error)
(secretsManager *SecretsManagerV1) CreateSecretGroupWithContext(ctx context.Context, createSecretGroupOptions *CreateSecretGroupOptions) (result *SecretGroupDef, response *core.DetailedResponse, err error)

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • secrets-manager.secret-group.create

Auditing

Calling this method generates the following auditing event.

  • secrets-manager.secret-group.create

Rate limit

This operation is limited to 20 requests per 1 second per service instance.

Request

Use the CreateSecretGroupOptions.Builder to create a CreateSecretGroupOptions object that contains the parameter values for the createSecretGroup method.

Instantiate the CreateSecretGroupOptions struct and set the fields to provide parameter values for the CreateSecretGroup method.

Properties that describe a secret group.

Examples:
View

The createSecretGroup options.

parameters

  • The metadata that describes the resource array.

  • A collection of resources.

    Examples:
    value
    _source
    _lines
    _html

parameters

  • The metadata that describes the resource array.

  • A collection of resources.

    Examples:
    value
    _source
    _lines
    _html

WithContext method only

The CreateSecretGroup options.

  • curl -X POST "{base_url}/api/v1/secret_groups" \  
      -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"   -H "Content-Type: application/json"   -d '{ 
        "metadata": { 
          "collection_type": "application/vnd.ibm.secrets-manager.secret.group+json", 
          "collection_total": 1 
        }, 
        "resources": [ 
          { 
            "name": "example-secret-group", 
            "description": "Extended description for my secret group."
          } 
        ] 
      }'
  • CollectionMetadata collectionMetadataModel = new CollectionMetadata.Builder()
      .collectionType("application/vnd.ibm.secrets-manager.secret.group+json")
      .collectionTotal(Long.valueOf("1"))
      .build();
    SecretGroupResource secretGroupResourceModel = new SecretGroupResource.Builder()
      .name("my-secret-group")
      .description("Extended description for this group.")
      .add("foo", "testString")
      .build();
    CreateSecretGroupOptions createSecretGroupOptions = new CreateSecretGroupOptions.Builder()
      .metadata(collectionMetadataModel)
      .resources(new java.util.ArrayList<SecretGroupResource>(java.util.Arrays.asList(secretGroupResourceModel)))
      .build();
    
    Response<SecretGroupDef> response = sm.createSecretGroup(createSecretGroupOptions).execute();
    SecretGroupDef secretGroupDef = response.getResult();
    
    System.out.println(secretGroupDef);
  • const params = {
      'metadata': {
        'collection_type': 'application/vnd.ibm.secrets-manager.secret.group+json',
        'collection_total': 1,
      },
      'resources': [
        {
          'name': 'my-secret-group',
          'description': 'Extended description for my secret group.'
        },
      ],
    };
    
    secretsManagerApi.createSecretGroup(params)
      .then(res => {
        console.log('Create secret group:\n', JSON.stringify(result.resources, null, 2));
        })
      .catch(err => {
        console.warn(err)
      });
  • collection_metadata = {
        'collection_type': 'application/vnd.ibm.secrets-manager.secret.group+json',
        'collection_total': 1
    }
    
    secret_group_resource = {
        'name': 'my-secret-group',
        'description': 'Extended description for this group.'
    }
    
    response = secretsManager.create_secret_group(
        metadata={'collection_type':'application/vnd.ibm.secrets-manager.secret.group+json','collection_total':1},
        resources=[secret_group_resource]
    ).get_result()
    
    print(json.dumps(response, indent=2))             
  • collectionMetadata := &sm.CollectionMetadata{
        CollectionType: core.StringPtr("application/vnd.ibm.secrets-manager.secret.group+json"),
        CollectionTotal: core.Int64Ptr(int64(1)),
    }
    
    secretGroupResource := &sm.SecretGroupResource{
        Name: core.StringPtr("my-secret-group"),
        Description: core.StringPtr("Extended description for this group."),
    }
    
    createSecretGroupOptions := secretsManagerApi.NewCreateSecretGroupOptions(
        collectionMetadata, []sm.SecretGroupResource{*secretGroupResource},
    )
    
    result, response, err := secretsManagerApi.CreateSecretGroup(createSecretGroupOptions)
    if err != nil {
        panic(err)
    }
    
    b, _ := json.MarshalIndent(result, "", "  ")
    fmt.Println(string(b))    
    
    secretGroupIdLink = *result.;

Response

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Status Code

  • The secret group was successfully created.

  • Bad Request

  • Unauthorized

  • Forbidden

  • Too Many Requests

Example responses
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret.group+json",
        "collection_total": 1
      },
      "resources": [
        {
          "creation_date": "2020-10-05T21:33:11Z",
          "description": "Extended description of this group.",
          "id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "name": "my-secret-group",
          "type": "application/vnd.ibm.secrets-manager.secret.group+json",
          "last_update_date": "2020-10-05T21:33:11Z"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret.group+json",
        "collection_total": 1
      },
      "resources": [
        {
          "creation_date": "2020-10-05T21:33:11Z",
          "description": "Extended description of this group.",
          "id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "name": "my-secret-group",
          "type": "application/vnd.ibm.secrets-manager.secret.group+json",
          "last_update_date": "2020-10-05T21:33:11Z"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • error code: 1015
  • error code: 1015

List secret groups

Retrieves the list of secret groups that are available in your Secrets Manager instance.

Retrieves the list of secret groups that are available in your Secrets Manager instance.

Retrieves the list of secret groups that are available in your Secrets Manager instance.

Retrieves the list of secret groups that are available in your Secrets Manager instance.

Retrieves the list of secret groups that are available in your Secrets Manager instance.

GET /api/v1/secret_groups
ServiceCall<SecretGroupDef> listSecretGroups()
listSecretGroups(params)
list_secret_groups(self,
        **kwargs
    ) -> DetailedResponse
(secretsManager *SecretsManagerV1) ListSecretGroups(listSecretGroupsOptions *ListSecretGroupsOptions) (result *SecretGroupDef, response *core.DetailedResponse, err error)
(secretsManager *SecretsManagerV1) ListSecretGroupsWithContext(ctx context.Context, listSecretGroupsOptions *ListSecretGroupsOptions) (result *SecretGroupDef, response *core.DetailedResponse, err error)

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • secrets-manager.secret-groups.list

Auditing

Calling this method generates the following auditing event.

  • secrets-manager.secret-groups.list

Rate limit

This operation is limited to 20 requests per 1 second per service instance.

Request

No Request Parameters

This method does not accept any request parameters.

No Request Parameters

This method does not accept any request parameters.

No Request Parameters

This method does not accept any request parameters.

No Request Parameters

This method does not accept any request parameters.

WithContext method only

No Request Parameters

This method does not accept any request parameters.

  • curl -X GET "{base_url}/api/v1/secret_groups"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"
  • ListSecretGroupsOptions listSecretGroupsOptions = new ListSecretGroupsOptions();
    
    Response<SecretGroupDef> response = sm.listSecretGroups(listSecretGroupsOptions).execute();
    SecretGroupDef secretGroupDef = response.getResult();
    
    System.out.println(secretGroupDef);
  • secretsManagerApi.listSecretGroups()
      .then(res => {
        console.log('List secret groups:\n', JSON.stringify(result.resources, null, 2));
        })
      .catch(err => {
        console.warn(err)
      });
  • response = secretsManager.list_secret_groups().get_result()
    
    print(json.dumps(response, indent=2))
  • listSecretGroupsOptions := secretsManagerApi.NewListSecretGroupsOptions()
    
    result, response, err := secretsManagerApi.ListSecretGroups(listSecretGroupsOptions)
    if err != nil {
        panic(err)
    }
    
    b, _ := json.MarshalIndent(result, "", "  ")
    fmt.Println(string(b))  

Response

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Status Code

  • The list of secret groups was successfully retrieved.

  • Bad Request

  • Unauthorized

  • Forbidden

  • Too Many Requests

Example responses
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret.group+json",
        "collection_total": 2
      },
      "resources": [
        {
          "creation_date": "2020-10-05T21:33:11Z",
          "description": "Extended description for this group.",
          "id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "name": "my-secret-group",
          "last_update_date": "2020-11-25T22:13:10Z"
        },
        {
          "creation_date": "2020-10-05T22:05:15Z",
          "description": "Extended description for this group.",
          "id": "19f88b9c-4f2f-405c-b877-a09338575c3f",
          "name": "my-second-secret-group",
          "last_update_date": "2020-11-25T22:13:10Z"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret.group+json",
        "collection_total": 2
      },
      "resources": [
        {
          "creation_date": "2020-10-05T21:33:11Z",
          "description": "Extended description for this group.",
          "id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "name": "my-secret-group",
          "last_update_date": "2020-11-25T22:13:10Z"
        },
        {
          "creation_date": "2020-10-05T22:05:15Z",
          "description": "Extended description for this group.",
          "id": "19f88b9c-4f2f-405c-b877-a09338575c3f",
          "name": "my-second-secret-group",
          "last_update_date": "2020-11-25T22:13:10Z"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • error code: 1015
  • error code: 1015

Get a secret group

Retrieves the metadata of an existing secret group by specifying the ID of the group.

Retrieves the metadata of an existing secret group by specifying the ID of the group.

Retrieves the metadata of an existing secret group by specifying the ID of the group.

Retrieves the metadata of an existing secret group by specifying the ID of the group.

Retrieves the metadata of an existing secret group by specifying the ID of the group.

GET /api/v1/secret_groups/{id}
ServiceCall<SecretGroupDef> getSecretGroup(GetSecretGroupOptions getSecretGroupOptions)
getSecretGroup(params)
get_secret_group(self,
        id: str,
        **kwargs
    ) -> DetailedResponse
(secretsManager *SecretsManagerV1) GetSecretGroup(getSecretGroupOptions *GetSecretGroupOptions) (result *SecretGroupDef, response *core.DetailedResponse, err error)
(secretsManager *SecretsManagerV1) GetSecretGroupWithContext(ctx context.Context, getSecretGroupOptions *GetSecretGroupOptions) (result *SecretGroupDef, response *core.DetailedResponse, err error)

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • secrets-manager.secret-group.read

Auditing

Calling this method generates the following auditing event.

  • secrets-manager.secret-group.read

Rate limit

This operation is limited to 20 requests per 1 second per service instance.

Request

Use the GetSecretGroupOptions.Builder to create a GetSecretGroupOptions object that contains the parameter values for the getSecretGroup method.

Instantiate the GetSecretGroupOptions struct and set the fields to provide parameter values for the GetSecretGroup method.

Path Parameters

  • The v4 UUID that uniquely identifies the secret group.

    Possible values: Value must match regular expression [0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}

The getSecretGroup options.

parameters

  • The v4 UUID that uniquely identifies the secret group.

    Possible values: Value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/

parameters

  • The v4 UUID that uniquely identifies the secret group.

    Possible values: Value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/

WithContext method only

The GetSecretGroup options.

  • curl -X GET "{base_url}/api/v1/secret_groups/{id}"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"
  • GetSecretGroupOptions getSecretGroupOptions = new GetSecretGroupOptions.Builder()
      .id(secretGroupIdLink)
      .build();
    
    Response<SecretGroupDef> response = sm.getSecretGroup(getSecretGroupOptions).execute();
    SecretGroupDef secretGroupDef = response.getResult();
    
    System.out.println(secretGroupDef);
  • const params = {
      id: secretGroupId,
    };
    
    secretsManagerApi.getSecretGroup(params)
      .then(res => {
        console.log('Get secret group:\n', JSON.stringify(result.resources, null, 2));
        })
      .catch(err => {
        console.warn(err)
      });
  • response = secretsManager.get_secret_group(
        id=secret_group_id_link
    ).get_result()
    
    print(json.dumps(response, indent=2))
  • getSecretGroupOptions := secretsManagerApi.NewGetSecretGroupOptions(
        secretGroupIdLink,
    )
    
    result, response, err := secretsManagerApi.GetSecretGroup(getSecretGroupOptions)
    if err != nil {
        panic(err)
    }
    
    b, _ := json.MarshalIndent(result, "", "  ")
    fmt.Println(string(b))

Response

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Status Code

  • The secret group was successfully retrieved.

  • Bad Request

  • Unauthorized

  • Forbidden

  • Not Found

  • Too Many Requests

Example responses
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret.group+json",
        "collection_total": 1
      },
      "resources": [
        {
          "creation_date": "2020-10-05T21:33:11Z",
          "description": "Extended description for this group.",
          "id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "name": "my-secret-group",
          "type": "application/vnd.ibm.secrets-manager.secret.group+json",
          "last_update_date": "2020-11-25T22:13:10Z"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret.group+json",
        "collection_total": 1
      },
      "resources": [
        {
          "creation_date": "2020-10-05T21:33:11Z",
          "description": "Extended description for this group.",
          "id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "name": "my-secret-group",
          "type": "application/vnd.ibm.secrets-manager.secret.group+json",
          "last_update_date": "2020-11-25T22:13:10Z"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Not Found"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05105",
          "message": "Not Found"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Not Found"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05105",
          "message": "Not Found"
        }
      ]
    }
  • error code: 1015
  • error code: 1015

Update a secret group

Updates the metadata of an existing secret group, such as its name or description.

Updates the metadata of an existing secret group, such as its name or description.

Updates the metadata of an existing secret group, such as its name or description.

Updates the metadata of an existing secret group, such as its name or description.

Updates the metadata of an existing secret group, such as its name or description.

PUT /api/v1/secret_groups/{id}
ServiceCall<SecretGroupDef> updateSecretGroupMetadata(UpdateSecretGroupMetadataOptions updateSecretGroupMetadataOptions)
updateSecretGroupMetadata(params)
update_secret_group_metadata(self,
        id: str,
        metadata: 'CollectionMetadata',
        resources: List['SecretGroupMetadataUpdatable'],
        **kwargs
    ) -> DetailedResponse
(secretsManager *SecretsManagerV1) UpdateSecretGroupMetadata(updateSecretGroupMetadataOptions *UpdateSecretGroupMetadataOptions) (result *SecretGroupDef, response *core.DetailedResponse, err error)
(secretsManager *SecretsManagerV1) UpdateSecretGroupMetadataWithContext(ctx context.Context, updateSecretGroupMetadataOptions *UpdateSecretGroupMetadataOptions) (result *SecretGroupDef, response *core.DetailedResponse, err error)

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • secrets-manager.secret-group.update

Auditing

Calling this method generates the following auditing event.

  • secrets-manager.secret-group.update

Rate limit

This operation is limited to 20 requests per 1 second per service instance.

Request

Use the UpdateSecretGroupMetadataOptions.Builder to create a UpdateSecretGroupMetadataOptions object that contains the parameter values for the updateSecretGroupMetadata method.

Instantiate the UpdateSecretGroupMetadataOptions struct and set the fields to provide parameter values for the UpdateSecretGroupMetadata method.

Path Parameters

  • The v4 UUID that uniquely identifies the secret group.

    Possible values: Value must match regular expression [0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}

Properties that describe a secret group.

Examples:
View

The updateSecretGroupMetadata options.

parameters

  • The v4 UUID that uniquely identifies the secret group.

    Possible values: Value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/

  • The metadata that describes the resource array.

  • A collection of resources.

    Examples:
    value
    _source
    _lines
    _html

parameters

  • The v4 UUID that uniquely identifies the secret group.

    Possible values: Value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/

  • The metadata that describes the resource array.

  • A collection of resources.

    Examples:
    value
    _source
    _lines
    _html

WithContext method only

The UpdateSecretGroupMetadata options.

  • curl -X PUT "{base_url}/api/v1/secret_groups/{id}"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"   -H "Content-Type: application/json"   -d '{
        "metadata": {
          "collection_type': "application/vnd.ibm.secrets-manager.secret.group+json",
          "collection_total": 1,
        },
        "resources": [
          {
            "name": "updated-secret-group-name",
            "description": "Updated description for my secret group."
          }
        ]
      }'
  • CollectionMetadata collectionMetadataModel = new CollectionMetadata.Builder()
      .collectionType("application/vnd.ibm.secrets-manager.secret.group+json")
      .collectionTotal(Long.valueOf("1"))
      .build();
    SecretGroupMetadataUpdatable secretGroupMetadataUpdatableModel = new SecretGroupMetadataUpdatable.Builder()
      .name("updated-secret-group-name")
      .description("Updated description for this group.")
      .build();
    UpdateSecretGroupMetadataOptions updateSecretGroupMetadataOptions = new UpdateSecretGroupMetadataOptions.Builder()
      .id(secretGroupIdLink)
      .metadata(collectionMetadataModel)
      .resources(new java.util.ArrayList<SecretGroupMetadataUpdatable>(java.util.Arrays.asList(secretGroupMetadataUpdatableModel)))
      .build();
    
    Response<SecretGroupDef> response = sm.updateSecretGroupMetadata(updateSecretGroupMetadataOptions).execute();
    SecretGroupDef secretGroupDef = response.getResult();
    
    System.out.println(secretGroupDef);
  • const params = {
      id: secretGroupId,
      'metadata': {
        'collection_type': 'application/vnd.ibm.secrets-manager.secret.group+json',
        'collection_total': 1,
      },
      'resources': [
        {
          'name': 'my-updated-secret-group',
          'description': 'Updated description for my secret group.'
        },
      ],
    };
    
    secretsManagerApi.updateSecretGroupMetadata(params)
      .then(res => {
        console.log('Update secret group:\n', JSON.stringify(result.resources, null, 2));
        })
      .catch(err => {
        console.warn(err)
      });
  • collection_metadata = {
        'collection_type': 'application/vnd.ibm.secrets-manager.secret.group+json',
        'collection_total': 1
    }
    
    secret_group_metadata = {
        'name': 'updated-secret-group-name',
        'description': 'Updated description for this group.'
    }
    
    response = secretsManager.update_secret_group_metadata(
        id=secret_group_id_link,
        metadata={'collection_type':'application/vnd.ibm.secrets-manager.secret.group+json','collection_total':1},
        resources=[secret_group_metadata]
    ).get_result()
    
    print(json.dumps(response, indent=2))
  • collectionMetadata := &sm.CollectionMetadata{
        CollectionType: core.StringPtr("application/vnd.ibm.secrets-manager.secret.group+json"),
        CollectionTotal: core.Int64Ptr(int64(1)),
    }
    
    secretGroupMetadata := &sm.SecretGroupMetadataUpdatable{
        Name: core.StringPtr("updated-secret-group-name"),
        Description: core.StringPtr("Updated description for this group."),
    }
    
    updateSecretGroupMetadataOptions := secretsManagerApi.NewUpdateSecretGroupMetadataOptions(
        secretGroupIdLink, collectionMetadata, []sm.SecretGroupMetadataUpdatable{*secretGroupMetadata},
    )
    
    result, response, err := secretsManagerApi.UpdateSecretGroupMetadata(updateSecretGroupMetadataOptions)
    if err != nil {
        panic(err)
    }
    
    b, _ := json.MarshalIndent(result, "", "  ")
    fmt.Println(string(b)) 

Response

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Properties that describe a secret group.

Status Code

  • The secret group was successfully updated.

  • Bad Request

  • Unauthorized

  • Forbidden

  • Not Found

  • Too Many Requests

Example responses
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret.group+json",
        "collection_total": 1
      },
      "resources": [
        {
          "creation_date": "2020-10-05T21:33:11Z",
          "description": "Updated description for this group.",
          "id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "name": "updated-secret-group-name",
          "type": "application/vnd.ibm.secrets-manager.secret.group+json",
          "last_update_date": "2020-11-25T22:13:10Z"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret.group+json",
        "collection_total": 1
      },
      "resources": [
        {
          "creation_date": "2020-10-05T21:33:11Z",
          "description": "Updated description for this group.",
          "id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "name": "updated-secret-group-name",
          "type": "application/vnd.ibm.secrets-manager.secret.group+json",
          "last_update_date": "2020-11-25T22:13:10Z"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Not Found"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05105",
          "message": "Not Found"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Not Found"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05105",
          "message": "Not Found"
        }
      ]
    }
  • error code: 1015
  • error code: 1015

Delete a secret group

Deletes a secret group by specifying the ID of the secret group.

Note: To delete a secret group, it must be empty. If you need to remove a secret group that contains secrets, you must first delete the secrets that are associated with the group.

Deletes a secret group by specifying the ID of the secret group.

Note: To delete a secret group, it must be empty. If you need to remove a secret group that contains secrets, you must first delete the secrets that are associated with the group.

Deletes a secret group by specifying the ID of the secret group.

Note: To delete a secret group, it must be empty. If you need to remove a secret group that contains secrets, you must first delete the secrets that are associated with the group.

Deletes a secret group by specifying the ID of the secret group.

Note: To delete a secret group, it must be empty. If you need to remove a secret group that contains secrets, you must first delete the secrets that are associated with the group.

Deletes a secret group by specifying the ID of the secret group.

Note: To delete a secret group, it must be empty. If you need to remove a secret group that contains secrets, you must first delete the secrets that are associated with the group.

DELETE /api/v1/secret_groups/{id}
ServiceCall<Void> deleteSecretGroup(DeleteSecretGroupOptions deleteSecretGroupOptions)
deleteSecretGroup(params)
delete_secret_group(self,
        id: str,
        **kwargs
    ) -> DetailedResponse
(secretsManager *SecretsManagerV1) DeleteSecretGroup(deleteSecretGroupOptions *DeleteSecretGroupOptions) (response *core.DetailedResponse, err error)
(secretsManager *SecretsManagerV1) DeleteSecretGroupWithContext(ctx context.Context, deleteSecretGroupOptions *DeleteSecretGroupOptions) (response *core.DetailedResponse, err error)

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • secrets-manager.secret-group.delete

Auditing

Calling this method generates the following auditing event.

  • secrets-manager.secret-group.delete

Rate limit

This operation is limited to 20 requests per 1 second per service instance.

Request

Use the DeleteSecretGroupOptions.Builder to create a DeleteSecretGroupOptions object that contains the parameter values for the deleteSecretGroup method.

Instantiate the DeleteSecretGroupOptions struct and set the fields to provide parameter values for the DeleteSecretGroup method.

Path Parameters

  • The v4 UUID that uniquely identifies the secret group.

    Possible values: Value must match regular expression [0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}

The deleteSecretGroup options.

parameters

  • The v4 UUID that uniquely identifies the secret group.

    Possible values: Value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/

parameters

  • The v4 UUID that uniquely identifies the secret group.

    Possible values: Value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/

WithContext method only

The DeleteSecretGroup options.

  • curl -X DELETE "{base_url}/api/v1/secret_groups/{id}"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"
  • DeleteSecretGroupOptions deleteSecretGroupOptions = new DeleteSecretGroupOptions.Builder()
      .id(secretGroupIdLink)
      .build();
    
    service.deleteSecretGroup(deleteSecretGroupOptions).execute();
  • const params = {
      id: secretGroupId,
    };
    
    secretsManagerApi.deleteSecretGroup(params)
      .then(res => {
        console.log('Secret group deleted');
        })
      .catch(err => {
        console.warn(err)
      });
  • response = secretsManager.delete_secret_group(
        id=secret_group_id_link
    ).get_result()
    
    print(json.dumps(response, indent=2))
  • deleteSecretGroupOptions := secretsManagerApi.NewDeleteSecretGroupOptions(
        secretGroupIdLink,
    )
    
    response, err := secretsManagerApi.DeleteSecretGroup(deleteSecretGroupOptions)
    if err != nil {
        panic(err)
    }

Response

Status Code

  • The secret group was successfully deleted.

  • Unauthorized

  • Forbidden

  • Not Found

  • Too Many Requests

Example responses
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Not Found"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05105",
          "message": "Not Found"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Not Found"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05105",
          "message": "Not Found"
        }
      ]
    }
  • error code: 1015
  • error code: 1015

Create a secret

Creates a secret or imports an existing value that you can use to access or authenticate to a protected resource.

Use this method to either generate or import an existing secret, such as an arbitrary value or a TLS certificate, that you can manage in your Secrets Manager service instance. A successful request stores the secret in your dedicated instance based on the secret type and data that you specify. The response returns the ID value of the secret, along with other metadata.

To learn more about the types of secrets that you can create with Secrets Manager, check out the docs.

Creates a secret or imports an existing value that you can use to access or authenticate to a protected resource.

Use this method to either generate or import an existing secret, such as an arbitrary value or a TLS certificate, that you can manage in your Secrets Manager service instance. A successful request stores the secret in your dedicated instance based on the secret type and data that you specify. The response returns the ID value of the secret, along with other metadata.

To learn more about the types of secrets that you can create with Secrets Manager, check out the docs.

Creates a secret or imports an existing value that you can use to access or authenticate to a protected resource.

Use this method to either generate or import an existing secret, such as an arbitrary value or a TLS certificate, that you can manage in your Secrets Manager service instance. A successful request stores the secret in your dedicated instance based on the secret type and data that you specify. The response returns the ID value of the secret, along with other metadata.

To learn more about the types of secrets that you can create with Secrets Manager, check out the docs.

Creates a secret or imports an existing value that you can use to access or authenticate to a protected resource.

Use this method to either generate or import an existing secret, such as an arbitrary value or a TLS certificate, that you can manage in your Secrets Manager service instance. A successful request stores the secret in your dedicated instance based on the secret type and data that you specify. The response returns the ID value of the secret, along with other metadata.

To learn more about the types of secrets that you can create with Secrets Manager, check out the docs.

Creates a secret or imports an existing value that you can use to access or authenticate to a protected resource.

Use this method to either generate or import an existing secret, such as an arbitrary value or a TLS certificate, that you can manage in your Secrets Manager service instance. A successful request stores the secret in your dedicated instance based on the secret type and data that you specify. The response returns the ID value of the secret, along with other metadata.

To learn more about the types of secrets that you can create with Secrets Manager, check out the docs.

POST /api/v1/secrets/{secret_type}
ServiceCall<CreateSecret> createSecret(CreateSecretOptions createSecretOptions)
createSecret(params)
create_secret(self,
        secret_type: str,
        metadata: 'CollectionMetadata',
        resources: List['SecretResource'],
        **kwargs
    ) -> DetailedResponse
(secretsManager *SecretsManagerV1) CreateSecret(createSecretOptions *CreateSecretOptions) (result *CreateSecret, response *core.DetailedResponse, err error)
(secretsManager *SecretsManagerV1) CreateSecretWithContext(ctx context.Context, createSecretOptions *CreateSecretOptions) (result *CreateSecret, response *core.DetailedResponse, err error)

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • secrets-manager.secret.create

Auditing

Calling this method generates the following auditing event.

  • secrets-manager.secret.create

Rate limit

This operation is limited to 20 requests per 1 second per service instance.

Request

Use the CreateSecretOptions.Builder to create a CreateSecretOptions object that contains the parameter values for the createSecret method.

Instantiate the CreateSecretOptions struct and set the fields to provide parameter values for the CreateSecret method.

Path Parameters

  • The secret type.

    Allowable values: [arbitrary,iam_credentials,imported_cert,public_cert,username_password]

Properties that describe a secret.

Examples:
CreateArbitrarySecret
CreateUsernamePasswordSecret
CreateIAMCredentialsSecret
ImportCertificate
OrderCertificate

The createSecret options.

parameters

  • The secret type.

    Allowable values: [arbitrary,iam_credentials,imported_cert,public_cert,username_password]

  • The metadata that describes the resource array.

  • A collection of resources.

parameters

  • The secret type.

    Allowable values: [arbitrary,iam_credentials,imported_cert,public_cert,username_password]

  • The metadata that describes the resource array.

  • A collection of resources.

WithContext method only

The CreateSecret options.

  • curl -X POST "{base_url}/api/v1/secrets/arbitrary"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"   -H "Content-Type: application/json"   -d '{ 
      "metadata": { 
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json", 
        "collection_total": 1 
        }, 
        "resources": [ 
          { 
            "name": "example-arbitrary-secret", 
            "description": "Extended description for my secret.",
            "secret_group_id": "432b91f1-ff6d-4b47-9f06-82debc236d90",
            "payload": "The quick brown fox jumped over the lazy dog.", 
            "expiration_date": "2030-12-31T00:00:00Z",
            "labels": [ 
              "dev", 
              "us-south" 
            ] 
          } 
        ] 
      }'
  • curl -X POST "{base_url}/api/v1/secrets/username_password"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"   -H "Content-Type: application/json"   -d '{
        "metadata": {
          "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
          "collection_total": 1
        },
        "resources": [
          {
            "name": "example-username-password-secret",
            "description": "Extended description for my secret.",
            "secret_group_id": "432b91f1-ff6d-4b47-9f06-82debc236d90",
            "username": "user123",
            "password": "cloudy-rainy-coffee-book",
            "expiration_date": "2030-12-31T00:00:00Z",
            "labels": [ 
              "dev", 
              "us-south" 
            ]
          }
        ]
      }'
  • curl -X POST "{base_url}/api/v1/secrets/username_password"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"   -H "Content-Type: application/json"   -d '{
        "metadata": {
          "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
          "collection_total": 1
          },
          "resources": [
            {
              "name": "example-IAM-credentials",
              "description": "Extended description for my secret.",
              "access_groups": [
                "AccessGroupId-e7e1a364-c5b9-4027-b4fe-083454499a20"
              ],
              "secret_group_id": "432b91f1-ff6d-4b47-9f06-82debc236d90",
              "reuse_api_key": true,
              "ttl": "12h",
              "labels": [
                "dev",
                "us-south"
              ]
            }
          ]
        }'
  • curl -X POST "{base_url}/api/v1/secrets/imported_cert"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"   -H "Content-Type: application/json"   -d '{
        "metadata": {
          "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
          "collection_total": 1
        },
        "resources": [
          {
            "name": "example-imported-certificate",
            "description": "Extended description for my secret.",
            "secret_group_id": "432b91f1-ff6d-4b47-9f06-82debc236d90",
            "certificate": "-----BEGIN CERTIFICATE-----\\nMIICWzCCAcQCC...(redacted)",
            "private_key": "-----BEGIN PRIVATE KEY-----\\nMIICdgIBADANB...(redacted)",
            "intermediate": "-----BEGIN CERTIFICATE-----\\nMIICUzHHraOa...(redacted)",
            "labels": [
              "dev",
              "us-south"
            ]
          }
        ]
      }'
  • curl -X POST "{base_url}/api/v1/secrets/public_cert"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"   -H "Content-Type: application/json"   -d '{
        "metadata": {
          "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
          "collection_total": 1
        },
        "resources": [
          {
            "name": "example-ordered-certificate",
            "description": "Extended description for my secret.",
            "secret_group_id": "432b91f1-ff6d-4b47-9f06-82debc236d90",
            "ca": "my-ca-configuration-name",
            "dns": "my-dns-configuration-name",
            "labels": [
              "dev",
              "us-south"
            ],
            "common_name": "example.com",
            "alt_names": [
              "www.example.com"
            ],
            "bundle_certs": false,
            "key_algorithm": "RSA2048",
            "rotation": {
              "auto_rotate": false,
              "rotate_keys": false
            }
          }
        ]
      }'
  • CollectionMetadata collectionMetadataModel = new CollectionMetadata.Builder()
      .collectionType("application/vnd.ibm.secrets-manager.secret+json")
      .collectionTotal(Long.valueOf("1"))
      .build();
    SecretResourceArbitrarySecretResource secretResourceModel = new SecretResourceArbitrarySecretResource.Builder()
      .name("example-arbitrary-secret")
      .description("Extended description for this secret.")
      .secretGroupId("bc656587-8fda-4d05-9ad8-b1de1ec7e712")
      .labels(new java.util.ArrayList<String>(java.util.Arrays.asList("testString")))
      .expirationDate(TestUtilities.createMockDateTime("2030-01-01T00:00:00Z"))
      .payload("secret-data")
      .build();
    CreateSecretOptions createSecretOptions = new CreateSecretOptions.Builder()
      .secretType("arbitrary")
      .metadata(collectionMetadataModel)
      .resources(new java.util.ArrayList<SecretResource>(java.util.Arrays.asList(secretResourceModel)))
      .build();
    
    Response<CreateSecret> response = sm.createSecret(createSecretOptions).execute();
    CreateSecret createSecret = response.getResult();
    
    System.out.println(createSecret);
  • const params = {
      secretType: 'username_password',
      'metadata': {
        'collection_type': 'application/vnd.ibm.secrets-manager.secret+json',
        'collection_total': 1,
      },
      'resources': [
        {
          'name': 'example-username-password-secret',
          'description': 'Extended description for my secret.',
          'username': 'user123',
          'password': 'cloudy-rainy-coffee-book',
          'labels': ['dev', 'us-south'],
          'expiration_date': '2030-04-01T09:30:00Z',
        },
      ],
    };
    
    secretsManagerApi.createRules(params)
      .then(res => {
        console.log('Create secret:\n', JSON.stringify(result.resources, null, 2));
        })
      .catch(err => {
        console.warn(err)
      });
  • collection_metadata = {
        'collection_type': 'application/vnd.ibm.secrets-manager.secret+json',
        'collection_total': 1
    }
    
    secret_resource = {
        'name': 'example-arbitrary-secret',
        'description': 'Extended description for this secret.',
        'secret_group_id': '432b91f1-ff6d-4b47-9f06-82debc236d90',
        'payload': 'secret-data'
    }
    
    response = secretsManager.create_secret(
        secret_type='arbitrary',
        metadata=collection_metadata,
        resources=[secret_resource]
    ).get_result()
    
    print(json.dumps(response, indent=2))   
  • collectionMetadata := &sm.CollectionMetadata{
        CollectionType: core.StringPtr("application/vnd.ibm.secrets-manager.secret+json"),
        CollectionTotal: core.Int64Ptr(int64(1)),
    }
    
    secretResource := &sm.SecretResourceArbitrarySecretResource{
        Name: core.StringPtr("example-arbitrary-secret"),
        Description: core.StringPtr("Extended description for this secret."),
        SecretGroupID: core.StringPtr("bc656587-8fda-4d05-9ad8-b1de1ec7e712"),
        Labels: []string{"test-label"},
        ExpirationDate: core.StrfmtDateTimePtr(CreateMockDateTime()),
        Payload: core.StringPtr("secret-data"),
    }
    
    createSecretOptions := secretsManagerApi.NewCreateSecretOptions(
        "arbitrary", collectionMetadata, []sm.SecretResourceIntf{secretResource},
    )
    
    result, response, err := secretsManagerApi.CreateSecret(createSecretOptions)
    if err != nil {
        panic(err)
    }
    
    b, _ := json.MarshalIndent(result, "", "  ")
    fmt.Println(string(b))
    
    secretIdLink = *result.;

Response

Properties that describe a secret.

Properties that describe a secret.

Properties that describe a secret.

Properties that describe a secret.

Properties that describe a secret.

Status Code

  • The secret was successfully created.

  • Secret creation request accepted.

  • Bad Request

  • Unauthorized

  • Forbidden

  • Too Many Requests

Example responses
  • Example response for creating an arbitrary secret.

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": [
        {
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:cb7a2502-8ede-47d6-b5b6-1b7af6b6f563",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "cb7a2502-8ede-47d6-b5b6-1b7af6b6f563",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "example-arbitrary-secret",
          "secret_data": {
            "payload": "secret-data"
          },
          "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "secret_type": "arbitrary",
          "state": 1,
          "state_description": "Active",
          "versions_total": 1,
          "versions": [
            {
              "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
              "creation_date": "2020-10-05T21:33:11Z",
              "id": "7bf3814d-58f8-4df8-9cbd-f6860e4ca973"
            }
          ]
        }
      ]
    }
  • Example response for creating an arbitrary secret.

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": [
        {
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:cb7a2502-8ede-47d6-b5b6-1b7af6b6f563",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "cb7a2502-8ede-47d6-b5b6-1b7af6b6f563",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "example-arbitrary-secret",
          "secret_data": {
            "payload": "secret-data"
          },
          "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "secret_type": "arbitrary",
          "state": 1,
          "state_description": "Active",
          "versions_total": 1,
          "versions": [
            {
              "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
              "creation_date": "2020-10-05T21:33:11Z",
              "id": "7bf3814d-58f8-4df8-9cbd-f6860e4ca973"
            }
          ]
        }
      ]
    }
  • Example response for creating a username_password secret.

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": [
        {
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:24ec2c34-38ee-4038-9f1d-9a629423158d",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "24ec2c34-38ee-4038-9f1d-9a629423158d",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "example-username-password-secret",
          "secret_data": {
            "username": "user123",
            "password": "rainy-cloudy-coffee-book"
          },
          "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "secret_type": "username_password",
          "state": 1,
          "state_description": "Active",
          "versions_total": 1,
          "versions": [
            {
              "auto_rotated": false,
              "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
              "creation_date": "2020-10-05T21:33:11Z",
              "id": "934a9869-3a90-4725-87e8-848df7f926a3"
            }
          ]
        }
      ]
    }
  • Example response for creating a username_password secret.

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": [
        {
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:24ec2c34-38ee-4038-9f1d-9a629423158d",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "24ec2c34-38ee-4038-9f1d-9a629423158d",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "example-username-password-secret",
          "secret_data": {
            "username": "user123",
            "password": "rainy-cloudy-coffee-book"
          },
          "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "secret_type": "username_password",
          "state": 1,
          "state_description": "Active",
          "versions_total": 1,
          "versions": [
            {
              "auto_rotated": false,
              "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
              "creation_date": "2020-10-05T21:33:11Z",
              "id": "934a9869-3a90-4725-87e8-848df7f926a3"
            }
          ]
        }
      ]
    }
  • Example response for creating an iam_credentials secret.

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": [
        {
          "access_groups": [
            "AccessGroupId-45884031-54be-4dd7-86ff-112511e92699"
          ],
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:24ec2c34-38ee-4038-9f1d-9a629423158d",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "24ec2c34-38ee-4038-9f1d-9a629423158d",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "example-iam-credentials-secret",
          "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "secret_type": "username_password",
          "state": 1,
          "state_description": "Active",
          "ttl": 1800,
          "reuse_api_key": false,
          "versions_total": 1,
          "versions": [
            {
              "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
              "creation_date": "2020-10-05T21:33:11Z",
              "id": "934a9869-3a90-4725-87e8-848df7f926a3"
            }
          ]
        }
      ]
    }
  • Example response for creating an iam_credentials secret.

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": [
        {
          "access_groups": [
            "AccessGroupId-45884031-54be-4dd7-86ff-112511e92699"
          ],
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:24ec2c34-38ee-4038-9f1d-9a629423158d",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "24ec2c34-38ee-4038-9f1d-9a629423158d",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "example-iam-credentials-secret",
          "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
          "secret_type": "username_password",
          "state": 1,
          "state_description": "Active",
          "ttl": 1800,
          "reuse_api_key": false,
          "versions_total": 1,
          "versions": [
            {
              "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
              "creation_date": "2020-10-05T21:33:11Z",
              "id": "934a9869-3a90-4725-87e8-848df7f926a3"
            }
          ]
        }
      ]
    }
  • Example response for importing a TLS certificate

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": {
        "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
        "creation_date": "2020-10-05T21:33:11Z",
        "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:24ec2c34-38ee-4038-9f1d-9a629423158d",
        "name": "test-certificate",
        "description": "Extended description for this secret.",
        "expiration_date": "2021-01-01T00:00:00Z",
        "serial_number": "d9:be:fe:35:ba:09:42:b5",
        "algorithm": "sha256WithRSAEncryption",
        "key_algorithm": "RSA2048",
        "issuer": "GlobalSign",
        "validity": {
          "not_before": "2020-10-05T21:33:11Z",
          "not_after": "2021-01-01T00:00:00Z"
        },
        "common_name": "example.com",
        "alt_names": [
          "www.sample.com"
        ],
        "intermediate_included": false,
        "private_key_included": false,
        "id": "24ec2c34-38ee-4038-9f1d-9a629423158d",
        "labels": [
          "dev",
          "us-south"
        ],
        "last_update_date": "2020-10-05T21:33:11Z",
        "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
        "secret_type": "imported_cert",
        "state": 1,
        "state_description": "Active",
        "versions_total": 1,
        "versions": [
          {
            "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
            "creation_date": "2020-10-05T21:33:11Z",
            "id": "7bf3814d-58f8-4df8-9cbd-f6860e4ca973",
            "payload_available": true,
            "serial_number": "d9:be:fe:35:ba:09:42:b5",
            "expiration_date": "2021-01-01T00:00:00Z",
            "validity": {
              "not_before": "2020-10-05T21:33:11Z",
              "not_after": "2021-01-01T00:00:00Z"
            }
          }
        ]
      }
    }
  • Example response for importing a TLS certificate

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": {
        "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
        "creation_date": "2020-10-05T21:33:11Z",
        "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:24ec2c34-38ee-4038-9f1d-9a629423158d",
        "name": "test-certificate",
        "description": "Extended description for this secret.",
        "expiration_date": "2021-01-01T00:00:00Z",
        "serial_number": "d9:be:fe:35:ba:09:42:b5",
        "algorithm": "sha256WithRSAEncryption",
        "key_algorithm": "RSA2048",
        "issuer": "GlobalSign",
        "validity": {
          "not_before": "2020-10-05T21:33:11Z",
          "not_after": "2021-01-01T00:00:00Z"
        },
        "common_name": "example.com",
        "alt_names": [
          "www.sample.com"
        ],
        "intermediate_included": false,
        "private_key_included": false,
        "id": "24ec2c34-38ee-4038-9f1d-9a629423158d",
        "labels": [
          "dev",
          "us-south"
        ],
        "last_update_date": "2020-10-05T21:33:11Z",
        "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
        "secret_type": "imported_cert",
        "state": 1,
        "state_description": "Active",
        "versions_total": 1,
        "versions": [
          {
            "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
            "creation_date": "2020-10-05T21:33:11Z",
            "id": "7bf3814d-58f8-4df8-9cbd-f6860e4ca973",
            "payload_available": true,
            "serial_number": "d9:be:fe:35:ba:09:42:b5",
            "expiration_date": "2021-01-01T00:00:00Z",
            "validity": {
              "not_before": "2020-10-05T21:33:11Z",
              "not_after": "2021-01-01T00:00:00Z"
            }
          }
        ]
      }
    }
  • Example response for Ordering a TLS certificate

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": {
        "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
        "creation_date": "2020-10-05T21:33:11Z",
        "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:24ec2c34-38ee-4038-9f1d-9a629423158d",
        "name": "test-certificate",
        "description": "Extended description for this secret.",
        "algorithm": "sha256WithRSAEncryption",
        "key_algorithm": "RSA2048",
        "issuer": "Let's Encrypt",
        "common_name": "example.com",
        "alt_names": [
          "www.sample.com"
        ],
        "id": "24ec2c34-38ee-4038-9f1d-9a629423158d",
        "labels": [
          "dev",
          "us-south"
        ],
        "last_update_date": "2020-10-05T21:33:11Z",
        "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
        "secret_type": "public_cert",
        "state": 0,
        "state_description": "Pre-activation",
        "versions_total": 1,
        "issuance_info": {
          "ordered_on": "2020-10-05T21:33:11Z",
          "state": 0,
          "state_description": "Pre-activation",
          "error_code": "error_code",
          "error_message": "error_message",
          "auto_rotated": true,
          "bundle_certs": true,
          "ca": "ca_name",
          "dns": "dns_provider"
        },
        "rotation": {
          "auto_rotate": false,
          "rotate_keys": false
        },
        "versions": []
      }
    }
  • Example response for Ordering a TLS certificate

    {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 1
      },
      "resources": {
        "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
        "creation_date": "2020-10-05T21:33:11Z",
        "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:24ec2c34-38ee-4038-9f1d-9a629423158d",
        "name": "test-certificate",
        "description": "Extended description for this secret.",
        "algorithm": "sha256WithRSAEncryption",
        "key_algorithm": "RSA2048",
        "issuer": "Let's Encrypt",
        "common_name": "example.com",
        "alt_names": [
          "www.sample.com"
        ],
        "id": "24ec2c34-38ee-4038-9f1d-9a629423158d",
        "labels": [
          "dev",
          "us-south"
        ],
        "last_update_date": "2020-10-05T21:33:11Z",
        "secret_group_id": "bc656587-8fda-4d05-9ad8-b1de1ec7e712",
        "secret_type": "public_cert",
        "state": 0,
        "state_description": "Pre-activation",
        "versions_total": 1,
        "issuance_info": {
          "ordered_on": "2020-10-05T21:33:11Z",
          "state": 0,
          "state_description": "Pre-activation",
          "error_code": "error_code",
          "error_message": "error_message",
          "auto_rotated": true,
          "bundle_certs": true,
          "ca": "ca_name",
          "dns": "dns_provider"
        },
        "rotation": {
          "auto_rotate": false,
          "rotate_keys": false
        },
        "versions": []
      }
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • error code: 1015
  • error code: 1015

List secrets by type

Retrieves a list of secrets based on the type that you specify.

Retrieves a list of secrets based on the type that you specify.

Retrieves a list of secrets based on the type that you specify.

Retrieves a list of secrets based on the type that you specify.

Retrieves a list of secrets based on the type that you specify.

GET /api/v1/secrets/{secret_type}
ServiceCall<ListSecrets> listSecrets(ListSecretsOptions listSecretsOptions)
listSecrets(params)
list_secrets(self,
        secret_type: str,
        *,
        limit: int = None,
        offset: int = None,
        **kwargs
    ) -> DetailedResponse
(secretsManager *SecretsManagerV1) ListSecrets(listSecretsOptions *ListSecretsOptions) (result *ListSecrets, response *core.DetailedResponse, err error)
(secretsManager *SecretsManagerV1) ListSecretsWithContext(ctx context.Context, listSecretsOptions *ListSecretsOptions) (result *ListSecrets, response *core.DetailedResponse, err error)

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • secrets-manager.secrets.list

Auditing

Calling this method generates the following auditing event.

  • secrets-manager.secrets.list

Rate limit

This operation is limited to 20 requests per 1 second per service instance.

Request

Use the ListSecretsOptions.Builder to create a ListSecretsOptions object that contains the parameter values for the listSecrets method.

Instantiate the ListSecretsOptions struct and set the fields to provide parameter values for the ListSecrets method.

Path Parameters

  • The secret type.

    Allowable values: [arbitrary,iam_credentials,imported_cert,public_cert,username_password]

Query Parameters

  • The number of secrets to retrieve. By default, list operations return the first 200 items. To retrieve a different set of items, use limit with offset to page through your available resources.

    Usage: If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use ../secrets/{secret-type}?limit=5.

    Possible values: 1 ≤ value ≤ 5000

  • The number of secrets to skip. By specifying offset, you retrieve a subset of items that starts with the offset value. Use offset with limit to page through your available resources.

    Usage: If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use ../secrets/{secret-type}?offset=25&limit=25.

    Possible values: value ≥ 0

    Default: 0

The listSecrets options.

parameters

  • The secret type.

    Allowable values: [arbitrary,iam_credentials,imported_cert,public_cert,username_password]

  • The number of secrets to retrieve. By default, list operations return the first 200 items. To retrieve a different set of items, use limit with offset to page through your available resources.

    Usage: If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use ../secrets/{secret-type}?limit=5.

    Possible values: 1 ≤ value ≤ 5000

  • The number of secrets to skip. By specifying offset, you retrieve a subset of items that starts with the offset value. Use offset with limit to page through your available resources.

    Usage: If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use ../secrets/{secret-type}?offset=25&limit=25.

    Possible values: value ≥ 0

parameters

  • The secret type.

    Allowable values: [arbitrary,iam_credentials,imported_cert,public_cert,username_password]

  • The number of secrets to retrieve. By default, list operations return the first 200 items. To retrieve a different set of items, use limit with offset to page through your available resources.

    Usage: If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use ../secrets/{secret-type}?limit=5.

    Possible values: 1 ≤ value ≤ 5000

  • The number of secrets to skip. By specifying offset, you retrieve a subset of items that starts with the offset value. Use offset with limit to page through your available resources.

    Usage: If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use ../secrets/{secret-type}?offset=25&limit=25.

    Possible values: value ≥ 0

WithContext method only

The ListSecrets options.

  • curl -X GET "{base_url}/api/v1/secrets/username_password"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"
  • ListSecretsOptions listSecretsOptions = new ListSecretsOptions.Builder()
      .secretType("arbitrary")
      .build();
    
    Response<ListSecrets> response = sm.listSecrets(listSecretsOptions).execute();
    ListSecrets listSecrets = response.getResult();
    
    System.out.println(listSecrets);
  • const params = {
      secretType: 'username_password',
    };
    
    secretsManagerApi.listSecrets(params)
      .then(res => {
        console.log('List secrets:\n', JSON.stringify(result.resources, null, 2));
        })
      .catch(err => {
        console.warn(err)
      });
  • response = secretsManager.get_secret(
        secret_type='arbitrary',
        id=secret_id_link
    ).get_result()
    
    print(json.dumps(response, indent=2))
  • listSecretsOptions := secretsManagerApi.NewListSecretsOptions(
        "arbitrary",
    )
    
    result, response, err := secretsManagerApi.ListSecrets(listSecretsOptions)
    if err != nil {
        panic(err)
    }
    
    b, _ := json.MarshalIndent(result, "", "  ")
    fmt.Println(string(b))

Response

Properties that describe a list of secrets.

Properties that describe a list of secrets.

Properties that describe a list of secrets.

Properties that describe a list of secrets.

Properties that describe a list of secrets.

Status Code

  • The list of secrets was successfully retrieved.

  • Bad Request

  • Unauthorized

  • Forbidden

  • Too Many Requests

Example responses
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 2
      },
      "resources": [
        {
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:cb7a2502-8ede-47d6-b5b6-1b7af6b6f563",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "cb7a2502-8ede-47d6-b5b6-1b7af6b6f563",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "example-arbitrary-secret",
          "secret_type": "arbitrary",
          "state": 1,
          "state_description": "Active",
          "versions_total": 1
        },
        {
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:bc00a015-1de1-4361-ad8e-40c37335353f",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "bc00a015-1de1-4361-ad8e-40c37335353f",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "another-example-arbitrary-secret",
          "secret_type": "arbitrary",
          "state": 1,
          "state_description": "Active",
          "versions_total": 1
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.secret+json",
        "collection_total": 2
      },
      "resources": [
        {
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:cb7a2502-8ede-47d6-b5b6-1b7af6b6f563",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "cb7a2502-8ede-47d6-b5b6-1b7af6b6f563",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "example-arbitrary-secret",
          "secret_type": "arbitrary",
          "state": 1,
          "state_description": "Active",
          "versions_total": 1
        },
        {
          "created_by": "iam-ServiceId-e4a2f0a4-3c76-4bef-b1f2-fbeae11c0f21",
          "creation_date": "2020-10-05T21:33:11Z",
          "crn": "crn:v1:bluemix:public:secrets-manager:us-south:a/a5ebf2570dcaedf18d7ed78e216c263a:f1bc94a6-64aa-4c55-b00f-f6cd70e4b2ce:secret:bc00a015-1de1-4361-ad8e-40c37335353f",
          "description": "Extended description for this secret.",
          "expiration_date": "2021-01-01T00:00:00Z",
          "id": "bc00a015-1de1-4361-ad8e-40c37335353f",
          "labels": [
            "dev",
            "us-south"
          ],
          "last_update_date": "2020-10-05T21:33:11Z",
          "name": "another-example-arbitrary-secret",
          "secret_type": "arbitrary",
          "state": 1,
          "state_description": "Active",
          "versions_total": 1
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Malformed parameter"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05055",
          "message": "Malformed parameter"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Unauthorized"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05162",
          "message": "Unauthorized"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • {
      "metadata": {
        "collection_type": "application/vnd.ibm.secrets-manager.error+json",
        "collection_total": 1
      },
      "resources": [
        {
          "error_message": "Forbidden"
        }
      ],
      "errors": [
        {
          "code": "secrets-manager.Error05113",
          "message": "Forbidden"
        }
      ]
    }
  • error code: 1015
  • error code: 1015

List all secrets

Retrieves a list of all secrets in your Secrets Manager instance.

Retrieves a list of all secrets in your Secrets Manager instance.

Retrieves a list of all secrets in your Secrets Manager instance.

Retrieves a list of all secrets in your Secrets Manager instance.

Retrieves a list of all secrets in your Secrets Manager instance.

GET /api/v1/secrets
ServiceCall<ListSecrets> listAllSecrets(ListAllSecretsOptions listAllSecretsOptions)
listAllSecrets(params)
list_all_secrets(self,
        *,
        limit: int = None,
        offset: int = None,
        search: str = None,
        sort_by: str = None,
        groups: List[str] = None,
        **kwargs
    ) -> DetailedResponse
(secretsManager *SecretsManagerV1) ListAllSecrets(listAllSecretsOptions *ListAllSecretsOptions) (result *ListSecrets, response *core.DetailedResponse, err error)
(secretsManager *SecretsManagerV1) ListAllSecretsWithContext(ctx context.Context, listAllSecretsOptions *ListAllSecretsOptions) (result *ListSecrets, response *core.DetailedResponse, err error)

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • secrets-manager.secrets.list

Auditing

Calling this method generates the following auditing event.

  • secrets-manager.secrets.list

Rate limit

This operation is limited to 20 requests per 1 second per service instance.

Request

Use the ListAllSecretsOptions.Builder to create a ListAllSecretsOptions object that contains the parameter values for the listAllSecrets method.

Instantiate the ListAllSecretsOptions struct and set the fields to provide parameter values for the ListAllSecrets method.

Query Parameters

  • The number of secrets to retrieve. By default, list operations return the first 200 items. To retrieve a different set of items, use limit with offset to page through your available resources.

    Usage: If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use ../secrets/{secret-type}?limit=5.

    Possible values: 1 ≤ value ≤ 5000

  • The number of secrets to skip. By specifying offset, you retrieve a subset of items that starts with the offset value. Use offset with limit to page through your available resources.

    Usage: If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use ../secrets/{secret-type}?offset=25&limit=25.

    Possible values: value ≥ 0

    Default: 0

  • Filter secrets that contain the specified string. The fields that are searched include: id, name, description, labels, secret_type.

    Usage: If you want to list only the secrets that contain the string "text", use ../secrets/{secret-type}?search=text.

    Possible values: length ≤ 128

  • Sort a list of secrets by the specified field.

    Usage: To sort a list of secrets by their creation date, use ../secrets/{secret-type}?sort_by=creation_date.

    Allowable values: [id,creation_date,expiration_date,secret_type,name]

  • Filter secrets by groups.

    You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter secrets that are in the default secret group, use the default keyword.

    Usage: To retrieve a list of secrets that are associated with an existing secret group or the default group, use ../secrets?groups={secret_group_ID},default.

The listAllSecrets options.

parameters

  • The number of secrets to retrieve. By default, list operations return the first 200 items. To retrieve a different set of items, use limit with offset to page through your available resources.

    Usage: If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use ../secrets/{secret-type}?limit=5.

    Possible values: 1 ≤ value ≤ 5000

  • The number of secrets to skip. By specifying offset, you retrieve a subset of items that starts with the offset value. Use offset with limit to page through your available resources.

    Usage: If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use ../secrets/{secret-type}?offset=25&limit=25.

    Possible values: value ≥ 0

  • Filter secrets that contain the specified string. The fields that are searched include: id, name, description, labels, secret_type.

    Usage: If you want to list only the secrets that contain the string "text", use ../secrets/{secret-type}?search=text.

    Possible values: length ≤ 128

  • Sort a list of secrets by the specified field.

    Usage: To sort a list of secrets by their creation date, use ../secrets/{secret-type}?sort_by=creation_date.

    Allowable values: [id,creation_date,expiration_date,secret_type,name]

  • Filter secrets by groups.

    You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter secrets that are in the default secret group, use the default keyword.

    Usage: To retrieve a list of secrets that are associated with an existing secret group or the default group, use ../secrets?groups={secret_group_ID},default.

parameters

  • The number of secrets to retrieve. By default, list operations return the first 200 items. To retrieve a different set of items, use limit with offset to page through your available resources.

    Usage: If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use ../secrets/{secret-type}?limit=5.

    Possible values: 1 ≤ value ≤ 5000

  • The number of secrets to skip. By specifying offset, you retrieve a subset of items that starts with the offset value. Use offset with limit to page through your available resources.

    Usage: If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use ../secrets/{secret-type}?offset=25&limit=25.

    Possible values: value ≥ 0

  • Filter secrets that contain the specified string. The fields that are searched include: id, name, description, labels, secret_type.

    Usage: If you want to list only the secrets that contain the string "text", use ../secrets/{secret-type}?search=text.

    Possible values: length ≤ 128

  • Sort a list of secrets by the specified field.

    Usage: To sort a list of secrets by their creation date, use ../secrets/{secret-type}?sort_by=creation_date.

    Allowable values: [id,creation_date,expiration_date,secret_type,name]

  • Filter secrets by groups.

    You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter secrets that are in the default secret group, use the default keyword.

    Usage: To retrieve a list of secrets that are associated with an existing secret group or the default group, use ../secrets?groups={secret_group_ID},default.

WithContext method only

The ListAllSecrets options.

  • curl -X GET "{base_url}/api/v1/secrets"   -H "Authorization: Bearer {IAM_token}"   -H "Accept: application/json"
  • ListAllSecretsOptions listAllSecretsOptions = new ListAllSecretsOptions.Builder()
      .build();
    
    Response<ListSecrets> response = sm.listAllSecrets(listAllSecretsOptions).execute();
    ListSecrets listSecrets = response.getResult();
    
    System.out.println(listSecrets);
  • secretsManagerApi.listAllSecrets()
      .then(res => {
        console.log('List all secrets:\n', JSON.stringify(result.resources, null, 2));
        })
      .catch(err => {
        console.warn(err)
      });
  • response = secretsManager.list_all_secrets().get_result()
    
    print(json.dumps(response, indent=2))
  • listAllSecretsOptions := secretsManagerApi.NewListAllSecretsOptions()
    
    result, response, err := secretsManagerApi.ListAllSecrets(listAllSecretsOptions)
    if err != nil {
        panic(err)
    }
    
    b, _ := json.MarshalIndent(result, "", "  ")
    fmt.Println(string(b))

Response

Properties that describe a list of secrets.

Properties that describe a list of secrets.

Properties that describe a list of secrets.

Properties that describe a list of secrets.