我的书签
添加书签
移除书签Secrets API reference
This endpoint lets you get the value of a secret for a given secret store.
URL Parameters
Query Parameters
Some secret stores have optional metadata properties. metadata is populated using query parameters:
GCP Secret Manager
The following optional meta can be provided to the GCP Secret Manager component
| Query Parameter | Description |
|---|---|
| metadata.version_id | version for the given secret key |
AWS Secret Manager
HTTP Response
Response Body
If a secret store has support for multiple key-values in a secret, a JSON payload is returned with the key names as fields and their respective values.
In case of a secret store that only has name/value semantics, a JSON payload is returned with the name of the secret as the field and the value of the secret as the value.
See the classification of secret stores that support multiple keys in a secret and name/value semantics.
Response with multiple keys in a secret (eg. Kubernetes):
curl http://localhost:3500/v1.0/secrets/kubernetes/db-secret
{"key1": "value1","key2": "value2"}
The above example demonstrates a response from a secret store with multiple keys in a secret. Note that the secret name (db-secret) is not returned as part of the result.
Response from a secret store with name/value semantics:
{"db-secret": "value1"}
Response Codes
| Code | Description |
|---|---|
| 200 | OK |
| 204 | Secret not found |
| 400 | Secret store is missing or misconfigured |
| 403 | Access denied |
| 500 | Failed to get secret or no secret stores defined |
curl http://localhost:3500/v1.0/secrets/vault/db-secret?metadata.version_id=15&metadata.version_stage=AAA
Get Bulk Secret
This endpoint lets you get all the secrets in a secret store. It’s recommended to use token authentication for Dapr if configuring a secret store.
HTTP Request
GET http://localhost:<daprPort>/v1.0/secrets/<secret-store-name>/bulk
URL Parameters
Response Body
The returned response is a JSON containing the secrets. The JSON object will contain the secret names as fields and a map of secret keys and values as the field value.
Response with multiple secrets and multiple key / values in a secret (eg. Kubernetes):
curl http://localhost:3500/v1.0/secrets/kubernetes/bulk
"secret1": {"key1": "value1","key2": "value2"},"secret2": {"key4": "value4"}}
Response Codes
| Code | Description |
|---|---|
| 200 | OK |
| 400 | Secret store is missing or misconfigured |
| 403 | Access denied |
| 500 | Failed to get secret or no secret stores defined |
Examples
{"key1": {"key1": "value1"},"key2": {"key2": "value2"}
