Credentials API
Manage API credentials (client ID and secret pairs) for your organization. Credentials are used to authenticate programmatic access to LeadVibe, such as event ingestion from your backend systems or third-party integrations.
GET /secrets
List all API credentials for the active Organizational Unit. The client secret is not returned in the list response for security -- it is only shown once when the credential is created.
Request
No query parameters required.
Response
200 OK
[
{
"secret_id": "sec_abc123",
"unit_id": "unit_default",
"client_id": "lv_ci_abc123def456",
"name": "Production Pipeline",
"trust_upstream_consent": false,
"created_at": "2025-06-01T10:00:00Z"
}
]
Response Fields
| Field | Type | Description |
|---|---|---|
secret_id | string | Unique credential identifier |
unit_id | string | Organizational Unit the credential belongs to |
client_id | string | Client ID for authentication |
name | string | Descriptive name for the credential |
trust_upstream_consent | boolean | Whether to trust consent status from the upstream system |
created_at | timestamp | When the credential was created |
Example
curl -X GET "https://api.leadvibe.com/secrets" \
-H "Authorization: Bearer <token>"
Common Errors
| Status | Meaning | Solution |
|---|---|---|
| 400 | Bad Request | Active OU must be set |
| 401 | Unauthorized | Check authentication credentials |
POST /secrets
Create a new API credential. The client_secret is returned only in this response -- store it securely, as it cannot be retrieved again.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Descriptive name for the credential (1-50 characters) |
{
"name": "Staging Pipeline"
}
Response
200 OK
{
"secret_id": "sec_def456",
"unit_id": "unit_default",
"client_id": "lv_ci_def456ghi789",
"client_secret": "lv_cs_secretvalue123",
"name": "Staging Pipeline",
"trust_upstream_consent": false,
"created_at": "2025-06-15T14:30:00Z"
}
Response Fields
| Field | Type | Description |
|---|---|---|
secret_id | string | Unique credential identifier |
unit_id | string | Organizational Unit the credential belongs to |
client_id | string | Client ID for authentication |
client_secret | string | Client secret -- store securely, shown only once |
name | string | Descriptive name |
trust_upstream_consent | boolean | Whether to trust upstream consent (default: false) |
created_at | timestamp | When the credential was created |
Example
curl -X POST "https://api.leadvibe.com/secrets" \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{"name": "Staging Pipeline"}'
Common Errors
| Status | Meaning | Solution |
|---|---|---|
| 400 | Bad Request | Name must be 1-50 characters |
| 401 | Unauthorized | Check authentication credentials |
Notes
- Credentials are scoped to the active Organizational Unit at the time of creation
- The
client_secretis only returned once during creation -- store it immediately in a secure location - Use credentials for server-to-server authentication (e.g.,
Authorization: Basic base64(client_id:client_secret)) - The
trust_upstream_consentflag controls whether LeadVibe accepts consent status from the system sending events through this credential
Related Endpoints
- Credential by ID - Update or delete a credential
- Ingest - Use credentials to authenticate event ingestion