Secret

List all secret keys

get

/api/{tenantId}/secrets

Returns keys of all secrets stored for the tenant. Does not return values for security.

Authorization

Requires Secret.Read scope.

Security Note

Only key names are returned, not the actual secret values. Use GET /{key} to retrieve individual secret values.

Required scopes

This endpoint requires the following scopes:

Authorizations

OAuth2implicitRequired

Authorization URL:

Path parameters

tenantIdstringRequired

Responses

200

List of all secret keys

string[]Optional

401

Not authorized

500

Internal server error while retrieving secrets

get

/api/{tenantId}/secrets

GET /api/{tenantId}/secrets HTTP/1.1
Host: app.neostore.cloud
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

[
  "text"
]

Retrieve secret value

get

/api/{tenantId}/secrets/{key}

Returns a secret value by key.

Authorization

Requires Secret.Read scope.

Security Considerations

Values are transmitted over HTTPS only
Expired secrets return 404
Consider short-lived tokens for highly sensitive secrets

Required scopes

This endpoint requires the following scopes:

Authorizations

OAuth2implicitRequired

Authorization URL:

Path parameters

keystringRequired

Secret key.

tenantIdstringRequired

Responses

200

Secret value retrieved

stringOptional

401

Not authorized

404

Secret not found

500

Internal server error while retrieving secret

get

/api/{tenantId}/secrets/{key}

GET /api/{tenantId}/secrets/{key} HTTP/1.1
Host: app.neostore.cloud
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

text

Create or update secret

put

/api/{tenantId}/secrets/{key}

Stores or replaces a secret value with optional validity period.

Authorization: Requires Secret.Write scope.

Key Format: Alphanumeric characters, hyphens, and underscores only; case-sensitive.

Validity Period: ExpiresOn and NotBefore are optional; omit both for permanent secrets. To rotate, create new secret with new key and delete old one after grace period.

Use Cases: API keys, tokens, service credentials, encryption keys, third-party integration secrets.

Required scopes

This endpoint requires the following scopes:

Authorizations

OAuth2implicitRequired

Authorization URL:

Path parameters

keystringRequired

Secret key (validated for allowed characters).

tenantIdstringRequired

Body

valuestring · nullableRequired

Secret value to store.

Responses

204

Secret created or updated successfully

400

Invalid secret key format

401

Not authorized

500

Internal server error while storing secret

put

/api/{tenantId}/secrets/{key}

PUT /api/{tenantId}/secrets/{key} HTTP/1.1
Host: app.neostore.cloud
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 60

{
  "value": null,
  "options": {
    "expiresOn": null,
    "notBefore": null
  }
}

No content

Delete a secret.

delete

/api/{tenantId}/secrets/{key}

Removes a secret from the secret store. The secret key must contain only allowed characters. Once deleted, the secret cannot be retrieved.

Required scopes

This endpoint requires the following scopes:

Authorizations

OAuth2implicitRequired

Authorization URL:

Path parameters

keystringRequired

Secret key (validated for allowed characters).

tenantIdstringRequired

Responses

204

Secret deleted successfully

400

Invalid secret key format

401

Not authorized

500

Internal server error while deleting secret

delete

/api/{tenantId}/secrets/{key}

DELETE /api/{tenantId}/secrets/{key} HTTP/1.1
Host: app.neostore.cloud
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

No content

Last updated 10 days ago

hashtagList all secret keys

hashtagAuthorization

hashtagSecurity Note

hashtagRetrieve secret value

hashtagAuthorization

hashtagSecurity Considerations

hashtagCreate or update secret

hashtagDelete a secret.

List all secret keys

Authorization

Security Note

Retrieve secret value

Authorization

Security Considerations

Create or update secret

Delete a secret.