Step 15: Secret Server APIs and CLI

You can access Secret Server without using the user interface for automation and integration purposes. Currently, there are two APIs:

  • An asynchronous REST (representational state transfer) API for Web services, which is based on JSON (JavaScript Object Notation). This is the preferred method. It is faster and easier to read than than the SOAP API and is still actively updated.
  • A synchronous SOAP (Simple Object Access Protocol) for Web services, which is based on XML. This method is deprecated, but we still support it. It is based on an older technology, which has largely been replaced in recent years. There will be no enhancements to this API. There are, however, a few, rarely used capabilities that only our SOAP API has.

We offer a software development kit (SDK) that contains a .NET framework and a command line interface (CLI) for accessing the REST API with Windows applications or scripting languages.

Both APIs, the .NET framework, and the CLI support:

  • GET Requests: Retrieve information from Secret Server, including entire secrets, individual secret fields, and security tokens
  • POST Requests: Create Secret Server data
  • PUT Requests: Update Secret Server data
  • DELETE Requests: Remove Secret Server data
  • Once-per-session permissions (tested once and then based on the IP address), administered with a Secret Server rule

SDK Documentation:

REST API Documentation:

SOAP API Documentation: