Variables

List variables for a project or environment

get

Lists project-scoped variables, or — when environmentName is provided — the environment-scoped variables for that environment. Secret values are masked.

Authentication: Requires Owner or Member role.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

repositoryIdentifierstringRequired

Repository identifier (owner/repo)

Example: flxbl-io/sf-core

environmentNamestringOptional

Environment name. When provided, returns environment-scoped variables for that environment.

Example: dev

Responses

200

List of variables (secret values masked)

No content

403

Forbidden - Requires role: owner, member

get

/sfp/api/variables

GET /sfp/api/variables?repositoryIdentifier=flxbl-io%2Fsf-core HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

Create or update a variable or secret

post

Upserts a project- or environment-scoped variable. Omit environmentName for a project-scoped value; supply it for an environment-scoped override.

Set isSecret: true to encrypt the value at rest — secret values are never returned by list/get and are only decrypted at workflow runtime.

Authentication: Requires Owner role.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

repositoryIdentifierstringRequired

Repository identifier (owner/repo) the variable belongs to

Example: flxbl-io/sf-core

keystringRequired

Variable name. Uppercase, alphanumeric and underscores, starting with a letter.

Example: POOL_NAME

valuestringRequired

Variable value. For secrets this is the plaintext that gets encrypted at rest.

isSecretbooleanOptional

When true the value is encrypted at rest and never returned by list/get.

Default: false

environmentNamestringOptional

Environment name for an environment-scoped variable. Omit for a project-scoped variable.

Example: dev

Responses

201

Variable created or updated

400

Invalid key, unknown project, or unknown environment

403

Forbidden - Requires role: owner

post

/sfp/api/variables

POST /sfp/api/variables HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 117

{
  "repositoryIdentifier": "flxbl-io/sf-core",
  "key": "POOL_NAME",
  "value": "text",
  "isSecret": false,
  "environmentName": "dev"
}

No content

Delete a variable

delete

Permanently deletes a variable and any encrypted secret value. Authentication: Requires Owner role.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

repositoryIdentifierstringRequired

keystringRequired

environmentNamestringOptional

Responses

204

Variable deleted

403

Forbidden - Requires role: owner

404

Variable not found

delete

/sfp/api/variables

DELETE /sfp/api/variables?repositoryIdentifier=text&key=text HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

Effective variables with provenance for a project or environment

get

Returns the resolved set of variables a workflow would see, annotated with where each value comes from (project or environment) and whether an environment value overrides a project one. Secret values are not included — only their keys. Use this to show inherited vs overridden variables.

Authentication: Requires Owner or Member role.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

repositoryIdentifierstringRequired

Repository identifier (owner/repo)

Example: flxbl-io/sf-core

environmentNamestringOptional

Environment name. When provided, returns environment-scoped variables for that environment.

Example: dev

Responses

200

Effective variables with source/override provenance

No content

403

Forbidden - Requires role: owner, member

get

/sfp/api/variables/effective

GET /sfp/api/variables/effective?repositoryIdentifier=flxbl-io%2Fsf-core HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

Get a single variable by key

get

Returns one variable. Secret values are masked. Authentication: Requires Owner or Member role.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

repositoryIdentifierstringRequired

keystringRequired

environmentNamestringOptional

Responses

200

The variable (secret value masked)

No content

403

Forbidden - Requires role: owner, member

404

Variable not found

get

/sfp/api/variables/lookup

GET /sfp/api/variables/lookup?repositoryIdentifier=text&key=text HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

Delete a variable across all scopes (project + every environment)

delete

Removes the variable from the project scope AND every environment override for the repository, in one atomic operation. Encrypted secret values are removed too.

Authentication: Requires Owner role.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

repositoryIdentifierstringRequired

keystringRequired

Responses

200

Deleted; returns the affected scopes ({ deleted, project, environments })

No content

403

Forbidden - Requires role: owner

404

Variable not found in any scope

delete

/sfp/api/variables/all

DELETE /sfp/api/variables/all?repositoryIdentifier=text&key=text HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

Resolve variables & secrets for a task execution (worker-only)

get

Returns the effective variables for the execution scope (environment overrides project), with secret values decrypted for immediate use by the worker.

Path parameters

taskExecutionIdstringRequired

Task execution id of the running workflow

Responses

200

Resolved { vars, secrets, entries }

No content

404

Task execution not found

get

/sfp/api/flows/internal/variables/{taskExecutionId}

GET /sfp/api/flows/internal/variables/{taskExecutionId} HTTP/1.1
Accept: */*

No content

Last updated 12 hours ago

Was this helpful?