Lockbox API, gRPC: SecretService.Get
Returns the specified secret.
To get the list of all available secrets, make a List request.
Use PayloadService.Get to get the payload (confidential data themselves) of the secret.
gRPC request
rpc Get (GetSecretRequest) returns (Secret)
GetSecretRequest
{
"secret_id": "string"
}
|
Field |
Description |
|
secret_id |
string Required field. ID of the secret to return. To get a secret ID make a List request. |
Secret
{
"id": "string",
"folder_id": "string",
"created_at": "google.protobuf.Timestamp",
"name": "string",
"description": "string",
"labels": "map<string, string>",
"kms_key_id": "string",
"status": "Status",
"current_version": {
"id": "string",
"secret_id": "string",
"created_at": "google.protobuf.Timestamp",
"destroy_at": "google.protobuf.Timestamp",
"description": "string",
"status": "Status",
"payload_entry_keys": [
"string"
],
// Includes only one of the fields `password_payload_specification`
"password_payload_specification": {
"password_key": "string",
"length": "int64",
"include_uppercase": "google.protobuf.BoolValue",
"include_lowercase": "google.protobuf.BoolValue",
"include_digits": "google.protobuf.BoolValue",
"include_punctuation": "google.protobuf.BoolValue",
"included_punctuation": "string",
"excluded_punctuation": "string"
}
// end of the list of possible fields
},
"deletion_protection": "bool",
// Includes only one of the fields `password_payload_specification`
"password_payload_specification": {
"password_key": "string",
"length": "int64",
"include_uppercase": "google.protobuf.BoolValue",
"include_lowercase": "google.protobuf.BoolValue",
"include_digits": "google.protobuf.BoolValue",
"include_punctuation": "google.protobuf.BoolValue",
"included_punctuation": "string",
"excluded_punctuation": "string"
}
// end of the list of possible fields
}
A secret that may contain several versions of the payload.
|
Field |
Description |
|
id |
string ID of the secret. |
|
folder_id |
string ID of the folder that the secret belongs to. |
|
created_at |
Creation timestamp. |
|
name |
string Name of the secret. |
|
description |
string Description of the secret. |
|
labels |
object (map<string, string>) Custom labels for the secret as |
|
kms_key_id |
string Optional ID of the KMS key will be used to encrypt and decrypt the secret. |
|
status |
enum Status Status of the secret.
|
|
current_version |
Current (i.e. the |
|
deletion_protection |
bool Flag that inhibits deletion of the secret. |
|
password_payload_specification |
Includes only one of the fields |
Version
|
Field |
Description |
|
id |
string ID of the version. |
|
secret_id |
string ID of the secret that the version belongs to. |
|
created_at |
Time when the version was created. |
|
destroy_at |
Time when the version is going to be destroyed. Empty unless the status |
|
description |
string Description of the version. |
|
status |
enum Status Status of the secret.
|
|
payload_entry_keys[] |
string Keys of the entries contained in the version payload. |
|
password_payload_specification |
Includes only one of the fields |
PasswordPayloadSpecification
|
Field |
Description |
|
password_key |
string Required field. key of the entry to store generated password value |
|
length |
int64 password length; by default, a reasonable length will be decided |
|
include_uppercase |
whether at least one A..Z character is included in the password, true by default |
|
include_lowercase |
whether at least one a..z character is included in the password, true by default |
|
include_digits |
whether at least one 0..9 character is included in the password, true by default |
|
include_punctuation |
whether at least one punctuation character is included in the password, true by default |
|
included_punctuation |
string If include_punctuation is true, one of these two fields (not both) may be used optionally to customize the punctuation: |
|
excluded_punctuation |
string a string of punctuation characters to exclude from the default (at most 31, it's not allowed to exclude all the 32) |