> ## Documentation Index
> Fetch the complete documentation index at: https://docs.insforge.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# List all secrets

> Returns metadata for all secrets (without values)



## OpenAPI

````yaml https://raw.githubusercontent.com/InsForge/InsForge/main/openapi/secrets.yaml get /api/secrets
openapi: 3.0.3
info:
  title: Insforge Secrets API
  version: 1.0.0
  description: >-
    Secure secrets management for storing API keys, tokens, and sensitive
    configuration
servers: []
security: []
paths:
  /api/secrets:
    get:
      tags:
        - Admin
      summary: List all secrets
      description: Returns metadata for all secrets (without values)
      responses:
        '200':
          description: List of secret metadata
          content:
            application/json:
              schema:
                type: object
                properties:
                  secrets:
                    type: array
                    items:
                      $ref: '#/components/schemas/SecretMetadata'
              example:
                secrets:
                  - id: 123e4567-e89b-12d3-a456-426614174000
                    key: STRIPE_API_KEY
                    isActive: true
                    isReserved: false
                    createdAt: '2024-01-21T10:30:00Z'
                    updatedAt: '2024-01-21T10:30:00Z'
                    expiresAt: null
                  - id: 223e4567-e89b-12d3-a456-426614174001
                    key: OPENAI_API_KEY
                    isActive: true
                    isReserved: true
                    createdAt: '2024-01-20T09:15:00Z'
                    updatedAt: '2024-01-20T09:15:00Z'
                    expiresAt: '2025-01-20T09:15:00Z'
        '401':
          description: Unauthorized
        '403':
          description: Forbidden - Admin only
      security:
        - bearerAuth: []
components:
  schemas:
    SecretMetadata:
      type: object
      properties:
        id:
          type: string
          format: uuid
          description: Unique identifier for the secret
        key:
          type: string
          description: Unique key identifier (uppercase with underscores)
          example: STRIPE_API_KEY
        isActive:
          type: boolean
          description: Whether the secret is currently active
        isReserved:
          type: boolean
          description: Whether the secret is protected from deletion
        createdAt:
          type: string
          format: date-time
          description: When the secret was created
        updatedAt:
          type: string
          format: date-time
          description: When the secret was last updated
        expiresAt:
          type: string
          format: date-time
          nullable: true
          description: When the secret expires (null if no expiration)
      required:
        - id
        - key
        - isActive
        - isReserved
        - createdAt
        - updatedAt
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT

````