SDK secrets endpoint

Use the SDK secrets endpoints to manage SDK secrets for your apps. You can revoke outdated secrets, revoke specific secrets, or reactivate previously revoked secrets.

Revoke outdated secrets

Revoke all SDK secrets that are older than a specified version. This is useful for cleaning up old secrets after migrating to a newer SDK signature version.

API protocol

Endpoint: https://automate.adjust.com/app-automation/app/{app_token}/secrets/revoke_outdated

Method: POST

Request body: Revoke Outdated Request

Response: Revoke Outdated Response

Parameters

Parameter	Data type	In	Required	Description
`app_token`	`String`	Path	Yes	The Adjust app token.
`min_active_version`	`Integer`	Body	No	Minimum version to keep active. Secrets older than this version are revoked. Default: `3`.
`force`	`Boolean`	Body	No	Set to `true` to revoke secrets even if it would leave no active secrets. Default: `false`.

Behavior

Secrets with a version less than min_active_version are revoked.
If revoking would result in no active secrets remaining, the operation fails unless force: true is set.
The default min_active_version of 3 means v1 and v2 secrets are revoked, keeping only v3 secrets active.

Example

Revoke all secrets older than v3

curl --location 'https://automate.adjust.com/app-automation/app/abc123xyz/secrets/revoke_outdated' \
--header 'Authorization: Bearer {your-adjust-api-token}' \
--header 'Content-Type: application/json' \
--data '{
    "min_active_version": 3
}'

{
   "combined_secrets": {
      "enforce_install_signing": true,
      "secrets": [
         {
            "id": 1001,
            "name": "Legacy Secret",
            "active": false,
            "value": ["secret1", "secret2", "info1", "info2"],
            "internal_version": 3,
            "version": 2,
            "created_at": "2023-01-15T10:30:00Z",
            "updated_at": "2024-06-15T14:00:00Z"
         },
         {
            "id": 2001,
            "platform": "android",
            "label": "Android SDK Secret",
            "active": true,
            "algorithm": "adj1",
            "internal_version": "3.47.0",
            "version": 3,
            "created_at": "2024-06-01T12:00:00Z",
            "updated_at": "2024-06-01T12:00:00Z"
         }
      ]
   },
   "revoked": 1
}

Force revoke even with no remaining active secrets

curl --location 'https://automate.adjust.com/app-automation/app/abc123xyz/secrets/revoke_outdated' \
--header 'Authorization: Bearer {your-adjust-api-token}' \
--header 'Content-Type: application/json' \
--data '{
    "min_active_version": 3,
    "force": true
}'

Revoke a specific secret

Revoke a specific SDK secret by its ID. This deactivates the secret immediately.

API protocol

Endpoint: https://automate.adjust.com/app-automation/app/{app_token}/secrets/{secret_id}/revoke

Method: POST

Response: HTTP 202 Accepted on success

Parameters

Parameter	Data type	In	Required	Description
`app_token`	`String`	Path	Yes	The Adjust app token.
`secret_id`	`Integer`	Path	Yes	The ID of the secret to revoke.

Example

curl --location --request POST 'https://automate.adjust.com/app-automation/app/abc123xyz/secrets/1001/revoke' \
--header 'Authorization: Bearer {your-adjust-api-token}'

HTTP/1.1 202 Accepted

Reactivate a secret

Reactivate a previously revoked SDK secret. This makes the secret active again.

API protocol

Endpoint: https://automate.adjust.com/app-automation/app/{app_token}/secrets/{secret_id}/reactivate

Method: POST

Response: HTTP 202 Accepted on success

Parameters

Parameter	Data type	In	Required	Description
`app_token`	`String`	Path	Yes	The Adjust app token.
`secret_id`	`Integer`	Path	Yes	The ID of the secret to reactivate.

Example

curl --location --request POST 'https://automate.adjust.com/app-automation/app/abc123xyz/secrets/1001/reactivate' \
--header 'Authorization: Bearer {your-adjust-api-token}'

HTTP/1.1 202 Accepted

Viewing all secrets

To view all SDK secrets for an app, use the App Settings endpoint with the combined_secrets section:

curl --location 'https://automate.adjust.com/app-automation/app/abc123xyz/settings?sections=combined_secrets' \
--header 'Authorization: Bearer {your-adjust-api-token}'

{
   "combined_secrets": {
      "enforce_install_signing": true,
      "secrets": [
         {
            "id": 1001,
            "name": "Legacy Secret v2",
            "active": true,
            "value": ["secret1", "secret2", "info1", "info2"],
            "internal_version": 3,
            "version": 2,
            "created_at": "2023-01-15T10:30:00Z",
            "updated_at": "2023-01-15T10:30:00Z"
         },
         {
            "id": 2001,
            "platform": "android",
            "label": "Android SDK Secret",
            "active": true,
            "algorithm": "adj1",
            "internal_version": "3.47.0",
            "version": 3,
            "created_at": "2024-06-01T12:00:00Z",
            "updated_at": "2024-06-01T12:00:00Z"
         },
         {
            "id": 2002,
            "platform": "ios",
            "label": "iOS SDK Secret",
            "active": true,
            "algorithm": "adj1",
            "internal_version": "3.47.0",
            "version": 3,
            "created_at": "2024-06-01T12:00:00Z",
            "updated_at": "2024-06-01T12:00:00Z"
         }
      ]
   }
}

Data models

Revoke Outdated Request

Parameter	Data type	Description
`min_active_version`	`Integer`	Minimum version to keep active. Secrets older than this are revoked. Default: `3`.
`force`	`Boolean`	Revoke secrets even if no active secrets would remain. Default: `false`.

Revoke Outdated Response

Parameter	Data type	Description
`combined_secrets`*	`Object`	Updated secrets state after revocation.
`revoked`*	`Integer`	Number of secrets that were revoked.

Combined Secrets

Parameter	Data type	Description
`enforce_install_signing`*	`Boolean`	Whether to reject unsigned installs.
`secrets`*	`Array[Object]`	List of all SDK secrets including the legacy one.

Legacy Secret

Parameter	Data type	Description
`id`*	`Integer`	Secret ID.
`name`	`String`	Secret name/label.
`active`*	`Boolean`	Whether the secret is active.
`value`*	`Array[String]`	Secret values (4 elements).
`internal_version`*	`Integer`	SDK Signature library version.
`version`*	`Integer`	SDK secret version (`1` or `2`).
`created_at`*	`String`	ISO datetime when the secret was created.
`updated_at`*	`String`	ISO datetime when the secret was last updated.

SDK Secret

Parameter	Data type	Description
`id`*	`Integer`	Secret ID.
`platform`*	`String`	Target platform (`android` or `ios`).
`label`*	`String`	Human-readable label for the secret.
`active`*	`Boolean`	Whether the secret is active.
`algorithm`*	`String`	Signature algorithm used.
`internal_version`*	`String`	SDK Signature library version.
`version`*	`Integer`	SDK secret version (3 or higher).
`created_at`*	`String`	ISO datetime when the secret was created.
`updated_at`*	`String`	ISO datetime when the secret was last updated.