Secrets Configuration

The config secret service enables you to add, delete, or update named secrets in the Control-M vault, which is a secure collection of name and value pairs of secrets.

For more information, see Secrets in Code.

The following API commands enable you to configure and manage secrets in the Control-M vault:

config secret::add
config secret::delete
config secret::update
config secrets::get

config secret::add

The config secret::add command enables you to create a pair, which consists of named secret and value in the Control-M vault.

CLI Syntax

Copy

ctm config secret::add <name> <value>

The following table describes the config secret::add command parameters.

Parameter	Description
name	Name of the secret.
value	Value of the secret.

If annotation is enabled for the Scheduling definitions category in the CCM, you must also provide an annotation to justify your action. For more information, see Annotation Input.

REST API Syntax

cURL:

Copy

AuthHeader="x-api-key: $token"
# AuthHeader="Authentication: Bearer $token"  #for a session token

curl -H "$AuthHeader" -X POST -d "{\"name\":\"$name\",\"value\":\"$value\"}" "$endpoint/config/secret"

To determine the correct AuthHeader value—"Authentication: Bearer $token" or "x-api-key: $token"—see Authentication Tokens.

config secret::delete

The config secret::delete command enables you to delete a pair of named secret and value from the Control-M vault.

CLI Syntax

Copy

ctm config secret::delete <name>

Where name is the name of the secret.

If annotation is enabled for the Scheduling definitions category in the CCM, you must also provide an annotation to justify your action. For more information, see Annotation Input.

REST API Syntax

cURL:

Copy

AuthHeader="x-api-key: $token"
# AuthHeader="Authentication: Bearer $token"  #for a session token

curl -H "$AuthHeader" -X DELETE  "$endpoint/config/secret/$name"

To determine the correct AuthHeader value—"Authentication: Bearer $token" or "x-api-key: $token"—see Authentication Tokens.

config secret::update

The config secret::update command enables you to update the value of the named secret in the Control-M vault.

CLI Syntax

Copy

ctm config secret::update <name> <value>

The following table describes the config secret::update command parameters.

Parameter	Description
name	Name of the secret.
value	New value of secret.

If annotation is enabled for the Scheduling definitions category in the CCM, you must also provide an annotation to justify your action. For more information, see Annotation Input.

REST API Syntax

cURL:

Copy

AuthHeader="x-api-key: $token"
# AuthHeader="Authentication: Bearer $token"  #for a session token

curl -H "$AuthHeader" -X POST -d "{\"value\":\"$value\"}" "$endpoint/config/secret/$name"

To determine the correct AuthHeader value—"Authentication: Bearer $token" or "x-api-key: $token"—see Authentication Tokens.

config secrets::get

The config secrets::get command enables you to get a list of names of defined secrets in the Control-M vault.

CLI Syntax

Copy

ctm config secrets::get

REST API Syntax

cURL:

Copy

AuthHeader="x-api-key: $token"
# AuthHeader="Authentication: Bearer $token"  #for a session token

curl -H "$AuthHeader" "$endpoint/config/secrets"

To determine the correct AuthHeader value—"Authentication: Bearer $token" or "x-api-key: $token"—see Authentication Tokens.