Create or update a vault secret

curl --request POST \
  --url https://your-instance.example.com/api/vault/upsert \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "OPENAI_API_KEY",
  "value": "sk-REDACTED",
  "workosOrganizationId": "org_01HXYZ123ABCDEFG"
}
'

{
  "success": true,
  "message": "Secret created successfully",
  "data": {
    "name": "TWILIO_AUTH_TOKEN"
  }
}

POST

api

vault

upsert

Create or update a vault secret

curl --request POST \
  --url https://your-instance.example.com/api/vault/upsert \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "OPENAI_API_KEY",
  "value": "sk-REDACTED",
  "workosOrganizationId": "org_01HXYZ123ABCDEFG"
}
'

{
  "success": true,
  "message": "Secret created successfully",
  "data": {
    "name": "TWILIO_AUTH_TOKEN"
  }
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json

name

string

required

value

string

required

workosOrganizationId

string

WorkOS organization ID (format: "org_...")

Response

Secret saved successfully

Response from create / update / upsert vault secret endpoints.

success

enum<boolean>

required

Available options:

true

data

object

required

Lightweight projection of a vault secret. Values are never included in list responses.

Show child attributes

Example:

{ "name": "TWILIO_AUTH_TOKEN" }

message

string

Delete a vault secret Get the current vertical (public)

⌘I