POST /api/v2/guest/secret/{identifier}/reveal

Retrieves and permanently reveals a secret's content. Requires the secret identifier, a passphrase if one was set, and a continue flag to confirm the reveal. The secret is destroyed immediately upon reveal and cannot be accessed again. Returns the decrypted secret value along with display metadata.

Path parameters

  • identifier string Required

    The identifier parameter

application/json

Body Required

  • passphrase string
  • continue string

Responses

  • 200 application/json

    Successful response

    Hide response attributes Show response attributes object
    • user_id string
    • shrimp string

      Default value is empty.

    • record object Required
      Hide record attributes Show record attributes object
      • identifier string Required
      • created string Required
      • updated string Required
      • key string Required
      • shortid string Required
      • state string Required

        Values are new, revealed, burned, or previewed.

      • has_passphrase string | null
      • verification string | null
      • secret_value string
      • is_previewed string | null
      • is_revealed string | null
      • secret_ttl string | null Required
      • lifespan string | null Required
      • is_viewed string | null
      • is_received string | null
    • details object
      Hide details attributes Show details attributes object
      • continue string | null
      • is_owner string | null
      • show_secret string | null
      • correct_passphrase string | null
      • display_lines string | null Required
      • one_liner string | null
  • 400 application/json

    Bad Request - Invalid request parameters or body

    Hide response attributes Show response attributes object
    • error string

      Error type identifier (e.g., "FormError")

    • message string Required

      Human-readable error message

    • field string

      Field that caused the error, if applicable

    • error_id string

      Unique error tracking identifier
  • 404 application/json

    Not Found - Resource does not exist

    Hide response attributes Show response attributes object
    • error string

      Error type identifier (e.g., "FormError")

    • message string Required

      Human-readable error message

    • field string

      Field that caused the error, if applicable

    • error_id string

      Unique error tracking identifier
  • 422 application/json

    Unprocessable Entity - Validation failed

    Hide response attributes Show response attributes object
    • error string

      Error type identifier (e.g., "FormError")

    • message string Required

      Human-readable error message

    • field string

      Field that caused the error, if applicable

    • error_id string

      Unique error tracking identifier
  • 429 application/json

    Too Many Requests - Rate limit exceeded

    Hide response attributes Show response attributes object
    • error string

      Error type identifier (e.g., "FormError")

    • message string Required

      Human-readable error message

    • field string

      Field that caused the error, if applicable

    • error_id string

      Unique error tracking identifier
  • 500 application/json

    Internal Server Error - Something went wrong

    Hide response attributes Show response attributes object
    • error string

      Error type identifier (e.g., "FormError")

    • message string Required

      Human-readable error message

    • field string

      Field that caused the error, if applicable

    • error_id string

      Unique error tracking identifier
POST /api/v2/guest/secret/{identifier}/reveal 
curl \
 --request POST 'https://eu.onetimesecret.com/api/v2/guest/secret/{identifier}/reveal' \
 --header "Content-Type: application/json" \
 --data '{"passphrase":"string","continue":"string"}'
Request examples 
{
  "passphrase": "string",
  "continue": "string"
}
Response examples (200) 
{
  "user_id": "string",
  "shrimp": "",
  "record": {
    "identifier": "string",
    "created": "string",
    "updated": "string",
    "key": "string",
    "shortid": "string",
    "state": "new",
    "has_passphrase": "string",
    "verification": "string",
    "secret_value": "string",
    "is_previewed": "string",
    "is_revealed": "string",
    "secret_ttl": "string",
    "lifespan": "string",
    "is_viewed": "string",
    "is_received": "string"
  },
  "details": {
    "continue": "string",
    "is_owner": "string",
    "show_secret": "string",
    "correct_passphrase": "string",
    "display_lines": "string",
    "one_liner": "string"
  }
}
Response examples (400) 
{
  "error": "string",
  "message": "string",
  "field": "string",
  "error_id": "string"
}
Response examples (404) 
{
  "error": "string",
  "message": "string",
  "field": "string",
  "error_id": "string"
}
Response examples (422) 
{
  "error": "string",
  "message": "string",
  "field": "string",
  "error_id": "string"
}
Response examples (429) 
{
  "error": "string",
  "message": "string",
  "field": "string",
  "error_id": "string"
}
Response examples (500) 
{
  "error": "string",
  "message": "string",
  "field": "string",
  "error_id": "string"
}