|
| 1 | +# Connector Vault Secrets API Documentation |
| 2 | + |
| 3 | +This API is designed for managing and creating secrets in the Connector Vault, which are typically used for OAuth2 flows. |
| 4 | + |
| 5 | +## Key Concepts |
| 6 | + |
| 7 | +- **`secret-alias`**: Represents the unique identifier (alias) for the secret in the vault. It acts as a reference to retrieve or manage the stored secret. |
| 8 | +- **`my-secret`**: Represents the actual value of the secret that needs to be stored. This could be sensitive data, such as client credentials or tokens. |
| 9 | + |
| 10 | +## Endpoints |
| 11 | + |
| 12 | +### 1. Create a Secret |
| 13 | +Use this endpoint to create a new secret in the Connector Vault. |
| 14 | + |
| 15 | +**Endpoint**: |
| 16 | +`POST {{EDC_MANAGEMENT_URL}}/v3/secrets` |
| 17 | + |
| 18 | +**Request Body**: |
| 19 | +{% code title="JSON" overflow="wrap" lineNumbers="true" %} |
| 20 | +```json |
| 21 | +{ |
| 22 | + "@context": { |
| 23 | + "edc": "https://w3id.org/edc/v0.0.1/ns/" |
| 24 | + }, |
| 25 | + "@type": "Secret", |
| 26 | + "@id": "secret-alias", |
| 27 | + "edc:value": "my-secret" |
| 28 | +} |
| 29 | +``` |
| 30 | +{% endcode %} |
| 31 | + |
| 32 | +- `@id`: Unique identifier (alias) for the secret. |
| 33 | +- `edc:value`: The secret value to be stored. |
| 34 | + |
| 35 | + |
| 36 | +### 2. Retrieve a Secret |
| 37 | +Use this endpoint to retrieve a secret by its unique identifier. |
| 38 | + |
| 39 | +**Endpoint**: |
| 40 | +`GET {{EDC_MANAGEMENT_URL}}/v3/secrets/:secret-id` |
| 41 | + |
| 42 | +- Replace `:secret-id` with the unique identifier (alias) of the secret. |
| 43 | + |
| 44 | +### 3. Delete a Secret |
| 45 | +Use this endpoint to delete a stored secret by its unique identifier. |
| 46 | + |
| 47 | +**Endpoint**: |
| 48 | +`DELETE {{EDC_MANAGEMENT_URL}}/v3/secrets/:secret-id` |
| 49 | + |
| 50 | +- Replace `:secret-id` with the unique identifier (alias) of the secret. |
| 51 | + |
| 52 | +### 4. Update a Secret |
| 53 | +Use this endpoint to update the value of an existing secret. |
| 54 | + |
| 55 | +**Endpoint**: |
| 56 | +`PUT {{EDC_MANAGEMENT_URL}}/v3/secrets` |
| 57 | + |
| 58 | +**Request Body**: |
| 59 | +{% code title="JSON" overflow="wrap" lineNumbers="true" %} |
| 60 | +```json |
| 61 | +{ |
| 62 | + "@context": { |
| 63 | + "edc": "https://w3id.org/edc/v0.0.1/ns/" |
| 64 | + }, |
| 65 | + "@type": "Secret", |
| 66 | + "@id": "secret-id", |
| 67 | + "edc:value": "my-updated-secret" |
| 68 | +} |
| 69 | +``` |
| 70 | +{% endcode %} |
| 71 | + |
| 72 | +- `@id`: Unique identifier (alias) for the secret. |
| 73 | +- `edc:value`: The updated secret value to be stored. |
| 74 | + |
| 75 | +## Limitations |
| 76 | +- You cannot add json structures to the vault. This is necessary if you want to add AWS-S3 Credentials to the vault. |
0 commit comments