Oracle Cloud Infrastructure Documentation

Getting a Secret's Details

Learn how to get the details information for a secret stored in an OCI vault.

    1. Open the navigation menu , select Identity & Security, and then select Vault.
    2. Under List scope, select the compartment that contains the secret.

    3. From the list of vaults in the compartment, select a vault name.

    4. Select Secrets, and then select the name of the secret to open its details page.

    The Secret Information section displays the following information:

    • OCID: The unique, Oracle-assigned ID of the secret.
    • Created: The date and time when you initially created the secret.
    • Compartment: The name of the compartment that contains the secret.
    • Vault: The name of the vault that contains the secret.
    • Auto generation enabled: Specifies whether the secret content was automatically generated or not.
    • Auto rotation enabled: Specifies when the secret content was automatically rotated or not.

    The Additional Information section displays the following information:

    • Target system type: Specifies the configured target system type such as Autonomous Database or Function.
    • Target system id: Specifies the configured target system ID. Select Show to view the system ID and select Copy to copy the system ID.
    • Last rotation: The date and time when the secret was last successfully rotated.
    • Next rotation: The date and time when the next secret rotation is scheduled.
    • Generation type: Specifies the configured secret type.
    • Generation context: Specifies the configured generation context.
    • Secret length: Specifies the configured secret length.
    • Secret format: Specifies the configured secret format. Select Show to view the secret format and select Copy to copy the secret format.

  • Use the get command to get the details of a secret in a vault.

    Open a command prompt and run oci vault secret get to view a specific secret's details:

    oci vault secret get --secret-id <secret_OCID>

    For example:

    
oci vault secret get --secret-id ocid1.vaultsecret.oc1.iad.exampleaz5qacpqahuecvbjqzql4qmpbrtd7pprafhivcfik6wuitexample

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Use the GetSecret API with the Management Endpoint to get the details of a secret.

    Note

    The Management Endpoint is used for management operations including Create, Update, List, Get, and Delete. The Management Endpoint is also called the control plane URL or the KMSMANAGMENT endpoint.

    The Cryptographic Endpoint is used for cryptographic operations including Encrypt, Decrypt, Generate Data Encryption Key, Sign, and Verify. The Cryptographic Endpoint is also called the data plane URL or the KMSCRYPTO endpoint.

    You can find the management and cryptographic endpoints in a vault's details metadata. See Getting a Vault's Details for instructions.

    For regional endpoints for the Key Management, Secret Management, and Secret Retrieval APIs, see API Reference and Endpoints.