List all secrets stored on the given scope.
operationId: getAppsSecrets parameters: - description: >- A cursor for use in pagination. `ending_before` is an object ID that defines your place in the list. For instance, if you make a list request and receive 100 objects, starting with `obj_bar`, your subsequent call can include `ending_before=obj_bar` in order to fetch the previous page of the list. in: query name: ending_before required: false schema: maxLength: 5000 type: string style: form - description: Specifies which fields in the response should be expanded. explode: true in: query name: expand required: false schema: items: maxLength: 5000 type: string type: array style: deepObject - description: >- A limit on the number of objects to be returned. Limit can range between 1 and 100, and the default is 10. in: query name: limit required: false schema: type: integer style: form - description: >- Specifies the scoping of the secret. Requests originating from UI extensions can only access account-scoped secrets or secrets scoped to their own user. explode: true in: query name: scope required: true schema: properties: type: enum: - account - user type: string user: maxLength: 5000 type: string required: - type title: scope_param type: object style: deepObject - description: >- A cursor for use in pagination. `starting_after` is an object ID that defines your place in the list. For instance, if you make a list request and receive 100 objects, ending with `obj_foo`, your subsequent call can include `starting_after=obj_foo` in order to fetch the next page of the list. in: query name: starting_after required: false schema: maxLength: 5000 type: string style: form requestBody: content: application/x-www-form-urlencoded: encoding: {} schema: additionalProperties: false properties: {} type: object required: false responses: '200': content: application/json: schema: description: '' properties: data: items: $ref: '#/components/schemas/apps.secret' type: array has_more: description: >- True if this list has another page of items after this one that can be fetched. type: boolean object: description: >- String representing the object's type. Objects of the same type share the same value. Always has the value `list`. enum: - list type: string url: description: The URL where this list can be accessed. maxLength: 5000 pattern: ^/v1/apps/secrets type: string required: - data - has_more - object - url title: SecretServiceResourceSecretList type: object x-expandableFields: - data description: Successful response. default: content: application/json: schema: $ref: '#/components/schemas/error' description: Error response. summary: Stripe Get Apps Secrets x-api-evangelist-processing: GenerateOperationSummariesFromPath: true PascalCaseOperationSummaries: true CaselCaseOperationIds: true ChooseTags: true tags: - Applications - Get - Secrets post: description:Create or replace a secret in the secret store.
operationId: postAppsSecrets requestBody: content: application/x-www-form-urlencoded: encoding: expand: explode: true style: deepObject scope: explode: true style: deepObject schema: additionalProperties: false properties: expand: description: Specifies which fields in the response should be expanded. items: maxLength: 5000 type: string type: array expires_at: description: >- The Unix timestamp for the expiry time of the secret, after which the secret deletes. format: unix-time type: integer name: description: A name for the secret that's unique within the scope. maxLength: 5000 type: string payload: description: The plaintext secret value to be stored. maxLength: 5000 type: string scope: description: >- Specifies the scoping of the secret. Requests originating from UI extensions can only access account-scoped secrets or secrets scoped to their own user. properties: type: enum: - account - user type: string user: maxLength: 5000 type: string required: - type title: scope_param type: object required: - name - payload - scope type: object required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/apps.secret' description: Successful response. default: content: application/json: schema: $ref: '#/components/schemas/error' description: Error response. summary: Stripe Post Apps Secrets x-api-evangelist-processing: GenerateOperationSummariesFromPath: true PascalCaseOperationSummaries: true CaselCaseOperationIds: true ChooseTags: true tags: - Applications - Post - Secrets /v1/apps/secrets/delete: post: description:Deletes a secret from the secret store by name and scope.
operationId: postAppsSecretsDelete requestBody: content: application/x-www-form-urlencoded: encoding: expand: explode: true style: deepObject scope: explode: true style: deepObject schema: additionalProperties: false properties: expand: description: Specifies which fields in the response should be expanded. items: maxLength: 5000 type: string type: array name: description: A name for the secret that's unique within the scope. maxLength: 5000 type: string scope: description: >- Specifies the scoping of the secret. Requests originating from UI extensions can only access account-scoped secrets or secrets scoped to their own user. properties: type: enum: - account - user type: string user: maxLength: 5000 type: string required: - type title: scope_param type: object required: - name - scope type: object required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/apps.secret' description: Successful response. default: content: application/json: schema: $ref: '#/components/schemas/error' description: Error response. summary: Stripe Post Apps Secrets Delete x-api-evangelist-processing: GenerateOperationSummariesFromPath: true PascalCaseOperationSummaries: true CaselCaseOperationIds: true ChooseTags: true tags: - Applications - Delete - Post - Secrets /v1/apps/secrets/find: get: description:Finds a secret in the secret store by name and scope.
operationId: getAppsSecretsFind parameters: - description: Specifies which fields in the response should be expanded. explode: true in: query name: expand required: false schema: items: maxLength: 5000 type: string type: array style: deepObject - description: A name for the secret that's unique within the scope. in: query name: name required: true schema: maxLength: 5000 type: string style: form - description: >- Specifies the scoping of the secret. Requests originating from UI extensions can only access account-scoped secrets or secrets scoped to their own user. explode: true in: query name: scope required: true schema: properties: type: enum: - account - user type: string user: maxLength: 5000 type: string required: - type title: scope_param type: object style: deepObject requestBody: content: application/x-www-form-urlencoded: encoding: {} schema: additionalProperties: false properties: {} type: object required: false responses: '200': content: application/json: schema: $ref: '#/components/schemas/apps.secret' description: Successful response. default: content: application/json: schema: $ref: '#/components/schemas/error' description: Error response. summary: Stripe Get Apps Secrets Find x-api-evangelist-processing: GenerateOperationSummariesFromPath: true PascalCaseOperationSummaries: true CaselCaseOperationIds: true ChooseTags: true tags: - Applications - Find - Get - Secrets components: schemas: error: description: An error response from the Stripe API properties: error: $ref: '#/components/schemas/api_errors' required: - error type: object apps.secret: description: >- Secret Store is an API that allows Stripe Apps developers to securely persist secrets for use by UI Extensions and app backends. The primary resource in Secret Store is a `secret`. Other apps can't view secrets created by an app. Additionally, secrets are scoped to provide further permission control. All Dashboard users and the app backend share `account` scoped secrets. Use the `account` scope for secrets that don't change per-user, like a third-party API key. A `user` scoped secret is accessible by the app backend and one specific Dashboard user. Use the `user` scope for per-user secrets like per-user OAuth tokens, where different users might have different permissions. Related guide: [Store data between page reloads](https://stripe.com/docs/stripe-apps/store-auth-data-custom-objects) properties: created: description: >- Time at which the object was created. Measured in seconds since the Unix epoch. format: unix-time type: integer deleted: description: If true, indicates that this secret has been deleted type: boolean expires_at: description: >- The Unix timestamp for the expiry time of the secret, after which the secret deletes. format: unix-time nullable: true type: integer id: description: Unique identifier for the object. maxLength: 5000 type: string livemode: description: >- Has the value `true` if the object exists in live mode or the value `false` if the object exists in test mode. type: boolean name: description: A name for the secret that's unique within the scope. maxLength: 5000 type: string object: description: >- String representing the object's type. Objects of the same type share the same value. enum: - apps.secret type: string payload: description: The plaintext secret value to be stored. maxLength: 5000 nullable: true type: string scope: $ref: '#/components/schemas/secret_service_resource_scope' required: - created - id - livemode - name - object - scope title: SecretServiceResourceSecret type: object x-expandableFields: - scope x-resourceId: apps.secret securitySchemes: basicAuth: description: >- Basic HTTP authentication. Allowed headers-- Authorization: Basic