# Create One Organization Service Account Secret **POST /api/atlas/v2/orgs/{orgId}/serviceAccounts/{clientId}/secrets** Create a secret for the specified Service Account. ## Servers - https://cloud.mongodb.com: https://cloud.mongodb.com () ## Authentication methods - Service accounts - Digest auth ## Parameters ### Path parameters - **orgId** (string) Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the [/orgs](#tag/Organizations/operation/listOrganizations) endpoint to retrieve all organizations to which the authenticated user has access. - **clientId** (string) The Client ID of the Service Account. ### Query parameters - **envelope** (boolean) Flag that indicates whether Application wraps the response in an `envelope` JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body. - **pretty** (boolean) Flag that indicates whether the response body should be in the prettyprint format. ### Body: application/vnd.atlas.2024-08-05+json (object) Details for the new secret. - **secretExpiresAfterHours** (integer(int32)) The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. ## Responses ### 201 Created #### Body: application/vnd.atlas.2024-08-05+json (object) - **createdAt** (string(date-time)) The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC. - **expiresAt** (string(date-time)) The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC. - **id** (string) Unique 24-hexadecimal digit string that identifies the secret. - **lastUsedAt** (string(date-time)) The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC. - **maskedSecretValue** (string) The masked Service Account secret. - **secret** (string) The secret for the Service Account. It will be returned only the first time after creation. ### 400 Bad Request. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 401 Unauthorized. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 403 Forbidden. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 404 Not Found. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 500 Internal Server Error. #### Body: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. [Powered by Bump.sh](https://bump.sh)