Quickstart

Get your API key

Self-provision instantly. No email, no password, no dashboard. One POST.

curl -X POST https://secretcarousel.com/api/signup \
  -H "Content-Type: application/json" \
  -d '{"tenantId": "my-project"}'

# Response:
# {"apiKey":"sc_free_my_project_a1b2c3...","tenantId":"my-project","plan":"free"}

Or via CLI:

npx secretcarousel signup --tenant my-project

Store your first secret

export SC_API_KEY=sc_free_my_project_a1b2c3...

curl -X POST https://secretcarousel.com/api/v1/secrets \
  -H "X-API-Key: ${SC_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "DATABASE_URL",
    "value": "postgres://user:pass@host:5432/db",
    "secretType": "database-credentials"
  }'

# Response: {"message":"Secret created successfully","secret":{"secretId":"secret-abc123","name":"DATABASE_URL","version":1}}

Retrieve it (decrypted on demand)

curl https://secretcarousel.com/api/v1/secrets/secret-abc123 \
  -H "X-API-Key: ${SC_API_KEY}"

# Response: {"secret":{"name":"DATABASE_URL","value":"postgres://user:pass@host:5432/db","version":1,"accessCount":1}}

List all secrets

curl https://secretcarousel.com/api/v1/secrets \
  -H "X-API-Key: ${SC_API_KEY}"

# Returns paginated list (values NOT included — only metadata)

Set rotation (Pro plan)

curl -X POST https://secretcarousel.com/api/v1/rotation \
  -H "X-API-Key: ${SC_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{
    "secretId": "secret-abc123",
    "schedule": "0 0 */30 * *",
    "alertDaysBefore": 7,
    "alertEmail": "ops@myproject.dev"
  }'

Share with another agent (Pro plan)

curl -X POST https://secretcarousel.com/api/v1/shares \
  -H "X-API-Key: ${SC_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{
    "secretId": "secret-abc123",
    "expirationHours": 1,
    "maxUses": 1
  }'

# Returns share token — recipient accesses via POST /api/v1/shares/access/:token