Secret Subresource

You can provide secret data for specific Microvisor-empowered IoT devices using the Secret subresource. Secrets are intended as a way to upload data such as PKI keys and other confidential items to the Twilio cloud so they need not be baked into application code. Instead, the application code running on the device retrieves the Secret when it needs the information.

Unlike Device Configs, Device Secrets' values cannot be accessed via the API once they have been created. The retrieval actions listed below will return Secrets' metadata, not their values.

Each Secret is a key:value pair which your application code can access using Microvisor System Calls.

Keys are text identifiers of up to 100 characters in length. They must be unique for a given device. For example, devices A and B can both have Secret with the key wifi_password, but each device can have only one Secret with that key.

Values must also be supplied as text, of up to 4096 characters in length. If you wish to make binary data available to your devices, you will need to encode it as text before creating the Secret. For example, you might used base64 encoding. Your application must decode the value back to binary after acquiring it from the Twilio cloud.

Secret subresources are accessed at these endpoints:


_10https://microvisor.twilio.com/v1/Devices/{sid}/Secrets
_10https://microvisor.twilio.com/v1/Devices/{UniqueName}/Secrets

Device Secrets are accessible only by the specified device. For Secrets that are made available to all devices associated with a given account, please see Account-level Secrets.

(warning)

Warning

Secrets can't yet be updated. If you need to change a Secret's value, delete it, and then create a new Secret with the same key.

Device Secret properties

Resource properties

device_sidtype: SID<UV>Not PII

A 34-character string that uniquely identifies the parent Device.

keytype: stringNot PII

The secret key; up to 100 characters.

date_rotatedtype: string<DATE TIME>Not PII

urltype: string<URI>Not PII

The absolute URL of the Secret.

Create a Device Secret

POST https://microvisor.twilio.com/v1/Devices/{DeviceSid}/Secrets

Parameters

URI parameters

DeviceSidtype: stringNot PII

Path Parameter

A 34-character string that uniquely identifies the Device.

Request body parameters

Keytype: stringNot PII

Required

The secret key; up to 100 characters.

Valuetype: stringNot PII

Required

The secret value; up to 4096 characters.

Create a Device Secret

Node.js

Python

Java

PHP

Ruby

twilio-cli

curl


_11// Download the helper library from https://www.twilio.com/docs/node/install
_11// Find your Account SID and Auth Token at twilio.com/console
_11// and set the environment variables. See http://twil.io/secure
_11const accountSid = process.env.TWILIO_ACCOUNT_SID;
_11const authToken = process.env.TWILIO_AUTH_TOKEN;
_11const client = require('twilio')(accountSid, authToken);
_11
_11client.microvisor.v1.devices('UVxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx')
_11                 .deviceSecrets
_11                 .create({key: 'key', value: 'value'})
_11                 .then(device_secret => console.log(device_secret.deviceSid));

Output


_10{
_10  "device_sid": "UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_10  "key": "first",
_10  "date_rotated": "2021-01-01T12:34:56Z",
_10  "url": "https://microvisor.twilio.com/v1/Devices/UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Secrets/first"
_10}

Read a single Device Secret's metadata

GET https://microvisor.twilio.com/v1/Devices/{DeviceSid}/Secrets/{Key}

Parameters

URI parameters

DeviceSidtype: stringNot PII

Path Parameter

A 34-character string that uniquely identifies the Device.

Keytype: stringNot PII

Path Parameter

The secret key; up to 100 characters.

Read a single Device Secret's metadata

Node.js

Python

Java

PHP

Ruby

twilio-cli

curl


_11// Download the helper library from https://www.twilio.com/docs/node/install
_11// Find your Account SID and Auth Token at twilio.com/console
_11// and set the environment variables. See http://twil.io/secure
_11const accountSid = process.env.TWILIO_ACCOUNT_SID;
_11const authToken = process.env.TWILIO_AUTH_TOKEN;
_11const client = require('twilio')(accountSid, authToken);
_11
_11client.microvisor.v1.devices('UVxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx')
_11                 .deviceSecrets('key_name')
_11                 .fetch()
_11                 .then(device_secret => console.log(device_secret.deviceSid));

Output


_10{
_10  "device_sid": "UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_10  "key": "key_name",
_10  "date_rotated": "2021-01-01T12:34:57Z",
_10  "url": "https://microvisor.twilio.com/v1/Devices/UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Secrets/first"
_10}

List all of a Device's Secrets

GET https://microvisor.twilio.com/v1/Devices/{DeviceSid}/Secrets

Parameters

URI parameters

DeviceSidtype: stringNot PII

Path Parameter

A 34-character string that uniquely identifies the Device.

PageSizetype: integerNot PII

Query Parameter

How many resources to return in each list page. The default is 50, and the maximum is 1000.

Pagetype: integerNot PII

Query Parameter

The page index. This value is simply for client state.

PageTokentype: stringNot PII

Query Parameter

The page token. This is provided by the API.

List all of a Device's Secrets

Node.js

Python

Java

PHP

Ruby

twilio-cli

curl


_11// Download the helper library from https://www.twilio.com/docs/node/install
_11// Find your Account SID and Auth Token at twilio.com/console
_11// and set the environment variables. See http://twil.io/secure
_11const accountSid = process.env.TWILIO_ACCOUNT_SID;
_11const authToken = process.env.TWILIO_AUTH_TOKEN;
_11const client = require('twilio')(accountSid, authToken);
_11
_11client.microvisor.v1.devices('UVxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx')
_11  .deviceSecrets
_11  .list({limit: 20})
_11  .then(deviceSecrets => deviceSecrets.forEach(d => console.log(d.deviceSid)));

Output


_25{
_25  "secrets": [
_25    {
_25      "device_sid": "UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_25      "key": "first",
_25      "date_rotated": "2021-01-01T12:34:56Z",
_25      "url": "https://microvisor.twilio.com/v1/Devices/UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Secrets/first"
_25    },
_25    {
_25      "device_sid": "UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_25      "key": "second",
_25      "date_rotated": "2021-01-01T12:34:57Z",
_25      "url": "https://microvisor.twilio.com/v1/Devices/UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Secrets/second"
_25    }
_25  ],
_25  "meta": {
_25    "page": 0,
_25    "page_size": 50,
_25    "first_page_url": "https://microvisor.twilio.com/v1/Devices/UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Secrets?PageSize=50&Page=0",
_25    "previous_page_url": "https://microvisor.twilio.com/v1/Devices/UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Secrets?PageSize=50&Page=0",
_25    "url": "https://microvisor.twilio.com/v1/Devices/UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Secrets?PageSize=50&Page=0",
_25    "next_page_url": "https://microvisor.twilio.com/v1/Devices/UVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Secrets?PageSize=50&Page=1",
_25    "key": "secrets"
_25  }
_25}

Delete a Device Secret

DELETE https://microvisor.twilio.com/v1/Devices/{DeviceSid}/Secrets/{Key}

Parameters

URI parameters

DeviceSidtype: stringNot PII

Path Parameter

A 34-character string that uniquely identifies the Device.

Keytype: stringNot PII

Path Parameter

The secret key; up to 100 characters.

Delete a Device Secret

Node.js

Python

Java

PHP

Ruby

twilio-cli

curl


_10// Download the helper library from https://www.twilio.com/docs/node/install
_10// Find your Account SID and Auth Token at twilio.com/console
_10// and set the environment variables. See http://twil.io/secure
_10const accountSid = process.env.TWILIO_ACCOUNT_SID;
_10const authToken = process.env.TWILIO_AUTH_TOKEN;
_10const client = require('twilio')(accountSid, authToken);
_10
_10client.microvisor.v1.devices('UVxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx')
_10                    .deviceSecrets('key_name')
_10                    .remove();