Skip to main content
POST
/
api
/
v1
/
shared-secrets
cURL
curl --request POST \
  --url https://us.infisical.com/api/v1/shared-secrets \
  --header 'Content-Type: application/json' \
  --data '
{
  "secretValue": "<string>",
  "name": "<string>",
  "password": "<string>",
  "expiresIn": "30d",
  "maxViews": 2,
  "accessType": "organization",
  "authorizedEmails": [
    "jsmith@example.com"
  ],
  "allowExternalEmails": true
}
'
{
  "id": "<string>",
  "expiresAt": "2023-11-07T05:31:56Z",
  "createdAt": "2023-11-07T05:31:56Z",
  "updatedAt": "2023-11-07T05:31:56Z",
  "sharedSecretLink": "<string>",
  "userId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "orgId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "expiresAfterViews": 123,
  "accessType": "anyone",
  "name": "<string>",
  "lastViewedAt": "2023-11-07T05:31:56Z",
  "type": "share",
  "authorizedEmails": null,
  "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "allowExternalEmails": false
}

Body

application/json
secretValue
string
required

The secret value to share.

Maximum string length: 10000
name
string

An optional name for the shared secret for easier identification.

Maximum string length: 50
password
string

An optional password to protect the shared secret. Recipients will need to provide this password to access the secret.

expiresIn
string
default:30d

The duration after which the shared secret will expire. Accepts formats like '30d', '24h', '1w'. Maximum is 30 days, minimum is 5 minutes.

maxViews
number

The maximum number of times the shared secret can be viewed before it expires. If not provided, unlimited views are allowed.

Required range: x >= 1
accessType
enum<string>
default:organization

Determines who can access the shared secret. 'organization' restricts access to users within your organization. 'anyone' allows access to anyone with the link. Defaults to 'organization'.

Available options:
anyone,
organization
authorizedEmails
string<email>[]

An optional array of email addresses to share the secret with. Maximum 100 emails. Organization members in the list get direct access. When allowExternalEmails is enabled, non-member emails are also accepted and recipients will receive the secret link via email, but must use the password to access it.

Maximum array length: 100
allowExternalEmails
boolean

When true, allows sharing with email addresses that do not belong to Infisical. A password is required when this option is enabled. External recipients will receive the secret link via email and must enter the password to access it.

Response

Default Response

id
string
required
expiresAt
string<date-time>
required
createdAt
string<date-time>
required
updatedAt
string<date-time>
required
sharedSecretLink
string
required
userId
string<uuid> | null
orgId
string<uuid> | null
expiresAfterViews
number | null
accessType
string
default:anyone
name
string | null
lastViewedAt
string<date-time> | null
type
string
default:share
authorizedEmails
unknown
identityId
string<uuid> | null
allowExternalEmails
boolean | null
default:false