List secret names (values never returned)
GET
/secrets
const url = 'https://your-org.evershell.ai/v1/secrets';const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request GET \ --url https://your-org.evershell.ai/v1/secrets \ --header 'Authorization: Bearer <token>'Permissions: any signed-in caller. Values are never returned by any endpoint — only the names + create timestamps are surfaced so operators can confirm a secret exists before referencing it from a capability.
Authorizations
Section titled “Authorizations ”Responses
Section titled “ Responses ”OK
Media type application/json
object
secrets
Array<object>
object
name
required
string
created_at
required
string format: date-time
Example generated
{ "secrets": [ { "name": "example", "created_at": "2026-04-15T12:00:00Z" } ]}Secrets subsystem isn’t configured on this CP (secrets_disabled).
Media type application/json
object
error
required
object
code
required
Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)
string
message
required
Human-readable summary
string
request_id
required
Server-generated request id for correlating logs
string
details
Optional structured context. Validation errors land at
details.fields as a per-field map.
object
key
additional properties
any
Example
{ "error": { "code": "permission_denied", "message": "caller lacks required scope", "request_id": "7f3a9c2e" }}