You can share your secrets stored in CryptoMove as long as you have the email address of the other person. CryptoMove sends the other person an email inviting them to sign up or log into their existing CryptoMove account; once logged in, they automatically see the shared secret.
When sharing the secret, you give the other user read access (R), write access (W), or both (RW). Users with read access to a shared secret can reveal and list the secret. Users with write access can change the value and metadata of the shared secret. Only the user who created the secret can share it or delete it.
You can simultaneously share multiple secrets with multiple users in a single API request using arrays in the JSON request body. As an example, you can invoke the following request to share your database password and API key to Spock and Kirk, who will have read and write (RW) access to the two secrets.
curl --request POST \
--url https://api.cryptomove.com/v1/user/secret/share \
--header 'authorization: eyJhbGciOAccessToken' \
--header 'content-type: application/json' \
--data '{"key_name":["database_password","API_key"],
"permission":"RW",
"usr_id_from":"[email protected]",
"usr_id_to":["[email protected]","[email protected]"],
"email":"[email protected]"}'
var request = require("request");
var options = {
method: 'POST',
url: 'https://api.cryptomove.com/v1/user/secret/share',
headers: {authorization: 'eyJhbGciOAccessToken', 'content-type': 'application/json'},
body: '{"key_name":["database_password","API_key"],"permission":"RW","usr_id_from":"[email protected]","usr_id_to":["[email protected]","[email protected]"],"email":"[email protected]"}'
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api.cryptomove.com/v1/user/secret/share")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["authorization"] = 'eyJhbGciOAccessToken'
request["content-type"] = 'application/json'
request.body = "{\"key_name\":[\"database_password\",\"API_key\"],\"permission\":\"RW\",\"usr_id_from\":\"[email protected]\",\"usr_id_to\":[\"[email protected]\",\"[email protected]\"],\"email\":\"[email protected]\"}"
response = http.request(request)
puts response.read_body
var data = "{\"key_name\":[\"database_password\",\"API_key\"],\"permission\":\"RW\",\"usr_id_from\":\"[email protected]\",\"usr_id_to\":[\"[email protected]\",\"[email protected]\"],\"email\":\"[email protected]\"}";
var xhr = new XMLHttpRequest();
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api.cryptomove.com/v1/user/secret/share");
xhr.setRequestHeader("authorization", "eyJhbGciOAccessToken");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);
import requests
url = "https://api.cryptomove.com/v1/user/secret/share"
payload = "{\"key_name\":[\"database_password\",\"API_key\"],\"permission\":\"RW\",\"usr_id_from\":\"[email protected]\",\"usr_id_to\":[\"[email protected]\",\"[email protected]\"],\"email\":\"[email protected]\"}"
headers = {
'authorization': "eyJhbGciOAccessToken",
'content-type': "application/json"
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)
Sharing Secrets with a Team
You can also share a secret with a team of users rather than specifying them individually. Only members of the team can share a secret with the team. For information about creating teams, see Creating Teams. In the following example, a member of the Development team is sharing the database password and API key with members of their team:
curl --request POST \
--url https://api.cryptomove.com/v1/user/secret/share \
--header 'authorization: eyJhbGciOAccessToken' \
--header 'content-type: application/json' \
--data '{"key_name":["database_password","API_key"],
"permission":"RW",
"usr_id_from":"[email protected]",
"group_id_to":"Development",
"email":"[email protected]"}'
var request = require("request");
var options = {
method: 'POST',
url: 'https://api.cryptomove.com/v1/user/secret/share',
headers: {authorization: 'eyJhbGciOAccessToken', 'content-type': 'application/json'},
body: '{"key_name":["database_password","API_key"],"permission":"RW","usr_id_from":"[email protected]","group_id_to":"Development","email":"[email protected]"}'
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api.cryptomove.com/v1/user/secret/share")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["authorization"] = 'eyJhbGciOAccessToken'
request["content-type"] = 'application/json'
request.body = "{\"key_name\":[\"database_password\",\"API_key\"],\"permission\":\"RW\",\"usr_id_from\":\"[email protected]\",\"group_id_to\":\"Development\",\"email\":\"[email protected]\"}"
response = http.request(request)
puts response.read_body
var data = "{\"key_name\":[\"database_password\",\"API_key\"],\"permission\":\"RW\",\"usr_id_from\":\"[email protected]\",\"group_id_to\":\"Development\",\"email\":\"[email protected]\"}";
var xhr = new XMLHttpRequest();
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api.cryptomove.com/v1/user/secret/share");
xhr.setRequestHeader("authorization", "eyJhbGciOAccessToken");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);
import requests
url = "https://api.cryptomove.com/v1/user/secret/share"
payload = "{\"key_name\":[\"database_password\",\"API_key\"],\"permission\":\"RW\",\"usr_id_from\":\"[email protected]\",\"group_id_to\":\"Development\",\"email\":\"[email protected]\"}"
headers = {
'authorization': "eyJhbGciOAccessToken",
'content-type': "application/json"
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)
Removing a User's Shared Secrets
Only the user who created a secret can delete that secret, whether it is shared or not. However, you can remove a secret that has been shared with you from your list of secrets. For example, User A shares a secret with User B, but at a later time User B decides they no longer need access to the secret. User B calls the delete_shared_key_link
endpoint to remove the secret from their available secrets; this action does not affect User A's access to the secret. The following example demonstrates User B removing the secret YourSecret01 from their list of available secrets.
curl --request POST \
--url https://api.cryptomove.com/v1/user/secret/delete_shared_key_link \
--header 'authorization: eyJhbGciOAccessToken' \
--header 'content-type: application/json' \
--data '{ "email: [email protected]",
"key_name":"YourSecret01"}'
var request = require("request");
var options = {
method: 'POST',
url: 'https://api.cryptomove.com/v1/user/secret/delete_shared_key_link',
headers: {authorization: 'eyJhbGciOAccessToken', 'content-type': 'application/json'},
body: '{"email":"[email protected]","key_name":"YourSecret01"}'
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api.cryptomove.com/v1/user/secret/delete_shared_key_link")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["authorization"] = 'eyJhbGciOAccessToken'
request["content-type"] = 'application/json'
request.body = "{\"email\":\"[email protected]\",\"key_name\":\"YourSecret01\"}"
response = http.request(request)
puts response.read_body
var data = "{\"email\":\"[email protected]\",\"key_name\":\"YourSecret01\"}";
var xhr = new XMLHttpRequest();
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api.cryptomove.com/v1/user/secret/delete_shared_key_link");
xhr.setRequestHeader("authorization", "eyJhbGciOAccessToken");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);
import requests
url = "https://api.cryptomove.com/v1/user/secret/delete_shared_key_link"
payload = "{\"email\":\"[email protected]\",\"key_name\":\"YourSecret01\"}"
headers = {
'authorization': "eyJhbGciOAccessToken",
'content-type': "application/json"
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)
Working with Shared Secrets
After you share a secret, it becomes a link
entity. This requires you to use different API endpoints to view or update the contents once a secret has been shared. For example, before being shared, you reveal the value of a secret with the expose
endpoint. After being shared, you reveal the value of the secret with the expose_link
endpoint.
Revealing Shared Secrets
Once a secret has been shared, its value is revealed using the expose_link
endpoint. For example, when Spock wants to obtain the value of the database_password secret, he calls:
curl --request POST \
--url https://api.cryptomove.com/v1/user/secret/expose_link \
--header 'authorization: eyJhbGciOAccessToken' \
--header 'content-type: application/json' \
--data '{"email":"[email protected]",
"key_name":"database_password"}'
var request = require("request");
var options = {
method: 'POST',
url: 'https://api.cryptomove.com/v1/user/secret/expose_link',
headers: {authorization: 'eyJhbGciOAccessToken', 'content-type': 'application/json'},
body: '{"email":"[email protected]","key_name":"database_password"}'
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api.cryptomove.com/v1/user/secret/expose_link")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["authorization"] = 'eyJhbGciOAccessToken'
request["content-type"] = 'application/json'
request.body = "{\"email\":\"[email protected]\",\"key_name\":\"database_password\"}"
response = http.request(request)
puts response.read_body
var data = "{\"email\":\"[email protected]\",\"key_name\":\"database_password\"}";
var xhr = new XMLHttpRequest();
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api.cryptomove.com/v1/user/secret/expose_link");
xhr.setRequestHeader("authorization", "eyJhbGciOAccessToken");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);
import requests
url = "https://api.cryptomove.com/v1/user/secret/expose_link"
payload = "{\"email\":\"[email protected]\",\"key_name\":\"database_password\"}"
headers = {
'authorization': "eyJhbGciOAccessToken",
'content-type': "application/json"
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)
If you want to reveal the value of an older version of a shared secret, use the version_expose_link endpoint.
Listing Shared Secrets
The list_no_dup
endpoint returns a JSON object that contains a user's secrets and shared secrets. For example, to find out his secrets and shared secrets, Spock makes the following request:
curl --request POST \
--url https://api.cryptomove.com/v1/user/secret/list_no_dup \
--header 'authorization: eyJhbGciOAccessToken' \
--header 'content-type: application/json' \
--data '{"email":"[email protected]"}'
var request = require("request");
var options = {
method: 'POST',
url: 'https://api.cryptomove.com/v1/user/secret/list_no_dup',
headers: {
accept: 'application/json',
authorization: 'eyJhbGciOAccessToken',
'content-type': 'application/json'
},
body: '{"email":"[email protected]"}'
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api.cryptomove.com/v1/user/secret/list_no_dup")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["accept"] = 'application/json'
request["authorization"] = 'eyJhbGciOAccessToken'
request["content-type"] = 'application/json'
request.body = "{\"email\":\"[email protected]\"}"
response = http.request(request)
puts response.read_body
var data = "{\"email\":\"[email protected]\"}";
var xhr = new XMLHttpRequest();
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api.cryptomove.com/v1/user/secret/list_no_dup");
xhr.setRequestHeader("accept", "application/json");
xhr.setRequestHeader("authorization", "eyJhbGciOAccessToken");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);
import requests
url = "https://api.cryptomove.com/v1/user/secret/list_no_dup"
payload = "{\"email\":\"[email protected]\"}"
headers = {
'accept': "application/json",
'authorization': "eyJhbGciOAccessToken",
'content-type': "application/json"
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)
If you want to list information about all the versions of a specific shared secret, use the /user/secret/version_list_for_link endpoint.
Updating Shared Secrets
CryptoMove users with write access to a shared secret can update its value with the protect_link
endpoint. In the following example, Kirk is changing the database_password secret and does not want the list of his secrets in the response object.
curl --request POST \
--url https://api.cryptomove.com/v1/user/secret/protect_link \
--header 'authorization: eyJhbGciOAccessToken' \
--header 'content-type: application/json' \
--data '{"email":"[email protected]",
"key_name":"database_password",
"key_value":"new_very_secret_pw",
"without_list":1}'
var request = require("request");
var options = {
method: 'POST',
url: 'https://api.cryptomove.com/v1/user/secret/protect_link',
headers: {authorization: 'eyJhbGciOAccessToken', 'content-type': 'application/json'},
body: '{"email":"[email protected]","key_name":"database_password","key_value":"new_very_secret_pw","without_list":1}'
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api.cryptomove.com/v1/user/secret/protect_link")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["authorization"] = 'eyJhbGciOAccessToken'
request["content-type"] = 'application/json'
request.body = "{\"email\":\"[email protected]\",\"key_name\":\"database_password\",\"key_value\":\"new_very_secret_pw\",\"without_list\":1}"
response = http.request(request)
puts response.read_body
var data = "{\"email\":\"[email protected]\",\"key_name\":\"database_password\",\"key_value\":\"new_very_secret_pw\",\"without_list\":1}";
var xhr = new XMLHttpRequest();
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api.cryptomove.com/v1/user/secret/protect_link");
xhr.setRequestHeader("authorization", "eyJhbGciOAccessToken");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);
import requests
url = "https://api.cryptomove.com/v1/user/secret/protect_link"
payload = "{\"email\":\"[email protected]\",\"key_name\":\"database_password\",\"key_value\":\"new_very_secret_pw\",\"without_list\":1}"
headers = {
'authorization': "eyJhbGciOAccessToken",
'content-type': "application/json"
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)
Updating Metadata of Shared Secrets
Unlike other tasks, you use the same endpoint to update the metadata of a secret, whether it is shared or not. For more information, see Updating Metadata.
Deleting Shared Secrets
The endpoint to delete a shared secret is coming soon!
Updated about a year ago
What's Next
Working with Files |