Skip to main content
POST
/
api
/
v1
/
vaults
Create
package main

import(
	"context"
	"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
	conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
	"log"
)

func main() {
    ctx := context.Background()

    s := conductoronesdkgo.New(
        conductoronesdkgo.WithSecurity(shared.Security{
            BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
            Oauth: "<YOUR_OAUTH_HERE>",
        }),
    )

    res, err := s.Vault.Create(ctx, nil)
    if err != nil {
        log.Fatal(err)
    }
    if res.VaultServiceCreateResponse != nil {
        // handle response
    }
}
{
  "vault": {
    "createdAt": "2023-11-07T05:31:56Z",
    "credentialExpirationDuration": "<string>",
    "deletedAt": "2023-11-07T05:31:56Z",
    "description": "<string>",
    "displayName": "<string>",
    "groupAuthzVault": {},
    "id": "<string>",
    "magicVault": {
      "allowUnauthedViews": true,
      "allowedViews": 123
    },
    "updatedAt": "2023-11-07T05:31:56Z"
  }
}

Documentation Index

Fetch the complete documentation index at: https://conductorone-ian-account-to-user-pipeline.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Authorization
string
header
required

This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.

Body

application/json

VaultServiceCreateRequest is the request message for creating a new vault.

This message contains a oneof named vault. Only a single field of the following list may be set at a time:

  • groupAuthzVault
  • magicVault
displayName
string
required

The human-readable name for the new vault.

description
string

A free-text description of the vault's purpose or configuration.

groupAuthzVault
Group Authz Vault · object

GroupAuthzVault configures a vault that uses group-based authorization to control access to stored credentials.

magicVault
Magic Vault · object

MagicVault configures a vault that grants time-limited credential access via magic links.

ownerIds
string[] | null

The IDs of users to assign as owners of this vault.

Response

200 - application/json

VaultServiceCreateResponse is the response message for creating a new vault.

VaultServiceCreateResponse is the response message for creating a new vault.

vault
Vault · object

Vault represents an external secret storage integration used to store connector credentials securely.

This message contains a oneof named vault. Only a single field of the following list may be set at a time:

  • groupAuthzVault
  • magicVault