> ## Documentation Index
> Fetch the complete documentation index at: https://docs.nuon.co/llms.txt
> Use this file to discover all available pages before exploring further.

# create an app secret

> Create an app secret that can be used to configure components. To reference an app secret, use `.nuon.secrets.<secret_name>`.

**NOTE** secrets can only be written, or deleted, not read.




## OpenAPI

````yaml post /v1/apps/{app_id}/secret
openapi: 3.0.3
info:
  contact:
    email: support@nuon.co
    name: Nuon Support
  description: API for managing nuon apps, components, installs, and actions.
  title: Nuon
  version: 0.19.1037
servers:
  - url: https://api.nuon.co/
security: []
tags:
  - description: policy-reports
    name: policy-reports
  - description: general
    name: general
  - description: actions
    name: actions
  - description: runbooks
    name: runbooks
  - description: apps
    name: apps
  - description: components
    name: components
  - description: onboarding
    name: onboarding
  - description: slack
    name: slack
  - description: installs
    name: installs
  - description: orgs
    name: orgs
  - description: notebooks
    name: notebooks
  - description: runners/runner
    name: runners/runner
  - description: queues
    name: queues
  - description: actions/runner
    name: actions/runner
  - description: auth
    name: auth
  - description: runners
    name: runners
  - description: vcs
    name: vcs
  - description: accounts
    name: accounts
paths:
  /v1/apps/{app_id}/secret:
    post:
      tags:
        - apps
      summary: create an app secret
      description: >
        Create an app secret that can be used to configure components. To
        reference an app secret, use `.nuon.secrets.<secret_name>`.


        **NOTE** secrets can only be written, or deleted, not read.
      operationId: CreateAppSecret
      parameters:
        - description: app ID
          in: path
          name: app_id
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/service.CreateAppSecretRequest'
        description: Input
        required: true
        x-originalParamName: req
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/app.AppSecret'
          description: Created
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/stderr.ErrResponse'
          description: Bad Request
        '401':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/stderr.ErrResponse'
          description: Unauthorized
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/stderr.ErrResponse'
          description: Forbidden
        '404':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/stderr.ErrResponse'
          description: Not Found
        '409':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/stderr.ErrResponse'
          description: Conflict
        '500':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/stderr.ErrResponse'
          description: Internal Server Error
      deprecated: true
      security:
        - APIKey: []
        - OrgID: []
components:
  schemas:
    service.CreateAppSecretRequest:
      properties:
        name:
          type: string
        value:
          type: string
      required:
        - name
        - value
      type: object
    app.AppSecret:
      properties:
        app_id:
          type: string
        created_at:
          type: string
        created_by_id:
          type: string
        id:
          type: string
        length:
          description: after query fields
          type: integer
        name:
          type: string
        org_id:
          type: string
        updated_at:
          type: string
      type: object
    stderr.ErrResponse:
      properties:
        description:
          type: string
        error:
          type: string
        user_error:
          type: boolean
      type: object
  securitySchemes:
    APIKey:
      description: Type "Bearer" followed by a space and token.
      in: header
      name: Authorization
      type: apiKey
    OrgID:
      description: Nuon org ID
      in: header
      name: X-Nuon-Org-ID
      type: apiKey

````