Set Secret
Sets a secret in a specified key vault.
The CREATE operation adds a secret to the Azure Key Vault. If the named secret already exists, Azure Key Vault creates a new version of that secret.
See Common parameters and headers for headers and parameters that are used by all requests.
In your request:
- Name the new or to be updated secret using
{secret-name}in the request URL.
For more information, see About keys, secrets, and certificates and Authentication, requests and responses.
PUT https://{vaultBaseUrl}/secrets/{secret-name}?api-version={api-version}
URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
vaultBaseUrl
|
path | True |
|
The vault name, for example https://myvault.vault.azure.net. |
|
secret-name
|
path | True |
|
The name of the secret. Regex pattern: |
|
api-version
|
query | True |
|
Use the latest service version, 2016-10-01. |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| attributes |
The secret management attributes. |
||
| contentType |
|
Type of the secret value such as a password. |
|
| tags |
|
Application specific metadata in the form of key-value pairs. |
|
| value | True |
|
The value of the secret. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
A secret bundle containing the result of the set secret request. |
|
| Other Status Codes |
Key Vault error response describing why the operation failed. |
Definitions
| Error |
The key vault server error. |
| KeyVaultError | |
| SecretAttributes |
The secret management attributes. |
| SecretBundle |
The key vault server error.
| Name | Type | Description |
|---|---|---|
| code |
|
The error code. |
| innererror | ||
| message |
|
The error message. |
| Name | Type | Description |
|---|---|---|
| error |
The key vault server error. |
The secret management attributes.
| Name | Type | Description |
|---|---|---|
| created |
|
Creation time in UTC. |
| enabled |
|
Determines whether the object is enabled. |
| exp |
|
Expiry date in UTC. |
| nbf |
|
Not before date in UTC. |
| recoveryLevel |
|
Reflects the deletion recovery level currently in effect for secrets in the current vault. If it contains 'Purgeable', the secret can be permanently deleted by a privileged user; otherwise, only the system can purge the secret, at the end of the retention interval. |
| updated |
|
Last updated time in UTC. |
| Name | Type | Description |
|---|---|---|
| attributes |
The secret management attributes. |
|
| contentType |
|
The content type of the secret. |
| id |
|
The secret id. |
| kid |
|
If this is a secret backing a KV certificate, then this field specifies the corresponding key backing the KV certificate. |
| managed |
|
True if the secret's lifetime is managed by key vault. If this is a secret backing a certificate, then managed will be true. |
| tags |
|
Application specific metadata in the form of key-value pairs. |
| value |
|
The secret value. |