bhatti secret set
Create or update a secret.
Synopsis
Section titled “Synopsis”bhatti secret set <name> <value>
Description
Section titled “Description”Encrypts the value with the server’s age key and stores it under the given name, scoped to the authenticated user. Re-running with the same name overwrites the previous value with no error.
The CLI takes the value as a positional argument. There’s no stdin variant — long or multiline values pass through your shell history. For sensitive values, use a shell that doesn’t record (HISTCONTROL=ignorespace + leading space) or pipe through a temp variable that you unset afterwards.
Examples
Section titled “Examples”bhatti secret set OPENAI_KEY sk-abc123def456ok# Update is the same callbhatti secret set OPENAI_KEY sk-new-value# Multiline / connection stringbhatti secret set DATABASE_URL "postgres://user:pass@db.internal:5432/app?sslmode=require"# Avoid shell history (bash with HISTCONTROL=ignorespace, note leading space) bhatti secret set OPENAI_KEY sk-abc123def456Options
Section titled “Options”This command takes only global flags. See Global flags for --url, --token, --json, --timing, --data-dir.
See also
Section titled “See also”bhatti create --secret— inject the secret into a sandbox at boot- API:
POST /secrets