Add script secret

client.workers.scripts.secrets.update(, , ?): SecretUpdateResponse

PUT/accounts/{account_id}/workers/scripts/{script_name}/secrets

Add a secret to a script.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Workers Scripts Write

ParametersExpand Collapse

scriptName: string

Name of the script, used in URLs and route configuration.

SecretUpdateParams = WorkersBindingKindSecretText | WorkersBindingKindSecretKey

SecretUpdateParamsBase

WorkersBindingKindSecretText extends SecretUpdateParamsBase

WorkersBindingKindSecretKey extends SecretUpdateParamsBase

ReturnsExpand Collapse

SecretUpdateResponse = WorkersBindingKindSecretText { name, text, type } | WorkersBindingKindSecretKey { algorithm, format, name, 4 more }

A secret value accessible through a binding.

One of the following:

WorkersBindingKindSecretText { name, text, type }

name: string

A JavaScript variable name for the binding.

text: string

The secret value to use.

type: "secret_text"

The kind of resource that the binding provides.

WorkersBindingKindSecretKey { algorithm, format, name, 4 more }

algorithm: unknown

Algorithm-specific key parameters. Learn more.

format: "raw" | "pkcs8" | "spki" | "jwk"

Data format of the key. Learn more.

One of the following:

"raw"

"pkcs8"

"spki"

"jwk"

name: string

A JavaScript variable name for the binding.

type: "secret_key"

The kind of resource that the binding provides.

usages: Array<"encrypt" | "decrypt" | "sign" | 5 more>

Allowed operations with the key. Learn more.

One of the following:

"encrypt"

"decrypt"

"sign"

"verify"

"deriveKey"

"deriveBits"

"wrapKey"

"unwrapKey"

key_base64?: string

Base64-encoded key data. Required if format is “raw”, “pkcs8”, or “spki”.

key_jwk?: unknown

Key data in JSON Web Key format. Required if format is “jwk”.

Add script secret

import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const secret = await client.workers.scripts.secrets.update('this-is_my_script-01', {
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
  name: 'myBinding',
  text: 'My secret.',
  type: 'secret_text',
});

console.log(secret);

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "name": "myBinding",
    "type": "secret_text"
  }
}

Returns Examples

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "name": "myBinding",
    "type": "secret_text"
  }
}