Create secret
POST /tenants/{tenant}/secrets
POST
/tenants/{tenant}/secrets
Create a new managed secret. The secretPath points to a key in the tenant’s vault (OpenBao KV v2). Optionally configure sync targets to automatically replicate the secret into Kubernetes namespaces across your managed clusters.
Authorizations
Section titled “Authorizations ”Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ” tenant
required
string
Tenant name
Request Body
Section titled “Request Body ”Secret configuration
object
name
Secret name (DNS-safe, 2-63 characters)
string
Example
database-creds secretPath
Path in the tenant’s vault (OpenBao KV v2)
string
Example
services/database/credentials sync
Optional sync targets to replicate the secret into clusters
Array<object>
object
cluster
Target cluster name
string
Example
production namespace
Target namespace within the cluster
string
Example
app secretName
Override the Kubernetes secret name (defaults to the managed secret name)
string
Example
db-credentialsResponses
Section titled “ Responses ”Secret created
object
createdAt
string
Example
2026-03-10T09:15:00Z name
string
Example
database-creds resourceVersion
string
Example
582019 secretPath
string
Example
services/database/credentials status
object
conditions
Array<object>
object
key
additional properties
phase
string
Example
Synced syncStatuses
Array<object>
object
key
additional properties
sync
Array<object>
object
cluster
string
Example
production namespace
string
Example
app secretName
string
Example
db-credentialsHeaders
Section titled “Headers ” ETag
string
Resource version
Validation error
object
error
string
Missing or invalid authentication
object
error
string
Admin access required
object
error
string
Secret name already exists
object
error
string
Rate limit exceeded
object
error
string