> ## Documentation Index
> Fetch the complete documentation index at: https://docs.atollhq.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Set KPI HTTP sync secret

> Human-admin-only. Add or replace a secret value scoped to org, sync, destination host, placement, and config hash.



## OpenAPI

````yaml /openapi.json put /api/orgs/{id}/kpis/{kpiId}/http-syncs/{syncId}/secrets
openapi: 3.1.0
info:
  title: Atoll API
  version: 1.0.0
  description: >-
    REST API for Atoll project management, agent collaboration, strategy
    tracking, and integrations.
servers:
  - url: https://atollhq.com
    description: Production
security:
  - bearerAuth: []
tags:
  - name: Organizations
  - name: Projects
  - name: Project access
  - name: Issues
  - name: Issue details
  - name: Milestones
  - name: Strategy
  - name: Members and agents
  - name: Planning
  - name: Integrations and billing
  - name: Notifications and public
paths:
  /api/orgs/{id}/kpis/{kpiId}/http-syncs/{syncId}/secrets:
    put:
      tags:
        - Strategy
      summary: Set KPI HTTP sync secret
      description: >-
        Human-admin-only. Add or replace a secret value scoped to org, sync,
        destination host, placement, and config hash.
      operationId: put_api_orgs_id_kpis_kpiId_http_syncs_syncId_secrets
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: string
          description: id identifier
        - name: kpiId
          in: path
          required: true
          schema:
            type: string
          description: kpiId identifier
        - name: syncId
          in: path
          required: true
          schema:
            type: string
          description: syncId identifier
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/KpiHttpSyncSecretInput'
        description: >-
          Secret value entered by a human admin. Never send through agent
          prompts.
      responses:
        '200':
          description: Successful response
          content:
            application/json:
              schema:
                type: object
                additionalProperties: false
                properties:
                  secret:
                    type: object
                    additionalProperties: true
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '404':
          $ref: '#/components/responses/NotFound'
        '500':
          $ref: '#/components/responses/ServerError'
      security:
        - bearerAuth: []
components:
  schemas:
    KpiHttpSyncSecretInput:
      type: object
      additionalProperties: false
      required:
        - name
        - value
      properties:
        name:
          type: string
          description: Required secretRef name from the sync config.
        value:
          type: string
          format: password
          description: >-
            Secret value entered by a human admin. Responses return only
            sanitized metadata.
    Error:
      type: object
      properties:
        error:
          type: string
        code:
          type: string
      required:
        - error
      additionalProperties: true
  responses:
    BadRequest:
      description: Invalid request
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Unauthorized:
      description: Missing or invalid authentication
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Forbidden:
      description: Authenticated but not allowed
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    NotFound:
      description: Resource not found or not visible
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    ServerError:
      description: Unexpected server error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: sk_atoll_<key>

````