List secrets
Returns all secrets in the current project. Secret values are never returned.
Authorizations
API key obtained from the dashboard or GET /user/api-key
Response
List of secrets
anthropic, openai, generic Where the secret value lives — stored encrypted (inline) or resolved from 1Password at request time (onepassword).
inline, onepassword 1Password secret reference (op://vault/item/field). Only set when valueSource is onepassword.
How the gateway injects this secret into matching outbound requests (generic secrets only). Exactly one variant:
- Header —
{ "headerName": "Authorization", "valueFormat": "Bearer {value}" } - Query parameter —
{ "paramName": "key", "paramFormat": "{value}" } - URL path template —
{ "pathTemplate": "/bot{value}" }(must start with/and contain{value}exactly once) - URL path regex —
{ "pathRegex": "^/bot([^/]+)", "pathReplacement": "/bot{value}" }(replacement must contain{value})
Unknown or mixed keys are rejected.
- Header injection
- Query parameter injection
- URL path template injection
- URL path regex injection
Type-specific metadata (e.g. authMode for anthropic/openai secrets, 1Password display labels).
Project lists include inherited organization secrets; use this to tell them apart.
project, organization