> ## Documentation Index > Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Get Content > GetContent retrieves the encrypted secret content for an authorized recipient. Caller must be in the secret's allowed_user_ids list (for INTERNAL secrets). Returns content re-encrypted to caller's ephemeral public key. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples post /api/v1/secrets/{vault_id}/view openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/secrets/{vault_id}/view: post: tags: - Secrets summary: Get Content description: >- GetContent retrieves the encrypted secret content for an authorized recipient. Caller must be in the secret's allowed_user_ids list (for INTERNAL secrets). Returns content re-encrypted to caller's ephemeral public key. operationId: c1.api.secrets.v1.PaperSecretService.GetContent parameters: - in: path name: vault_id required: true schema: description: The vaultId field. readOnly: false type: string requestBody: content: application/json: schema: $ref: >- #/components/schemas/c1.api.secrets.v1.PaperSecretServiceGetContentRequestInput responses: '200': content: application/json: schema: $ref: >- #/components/schemas/c1.api.secrets.v1.PaperSecretServiceGetContentResponse description: Successful response x-codeSamples: - lang: go label: GetContent source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/operations\"\n\t\"log\"\n)\n\nfunc main() {\n ctx := context.Background()\n\n s := conductoronesdkgo.New(\n conductoronesdkgo.WithSecurity(shared.Security{\n BearerAuth: \"\",\n Oauth: \"\",\n }),\n )\n\n res, err := s.PaperSecret.GetContent(ctx, operations.C1APISecretsV1PaperSecretServiceGetContentRequest{\n VaultID: \"\",\n })\n if err != nil {\n log.Fatal(err)\n }\n if res.PaperSecretServiceGetContentResponse != nil {\n // handle response\n }\n}" - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.paperSecret.getContent({ vaultId: "", }); console.log(result); } run(); components: schemas: c1.api.secrets.v1.PaperSecretServiceGetContentRequestInput: description: The PaperSecretServiceGetContentRequest message. properties: readerRecipient: description: |- Client's ephemeral Age recipient (age1...) for re-encryption Server re-encrypts the content to this recipient readOnly: false type: string title: Paper Secret Service Get Content Request type: object x-speakeasy-name-override: PaperSecretServiceGetContentRequest c1.api.secrets.v1.PaperSecretServiceGetContentResponse: description: > The PaperSecretServiceGetContentResponse message. This message contains a oneof named content. Only a single field of the following list may be set at a time: - encryptedContent - downloadUrl properties: createdAt: format: date-time readOnly: false type: string creatorUserId: description: The creatorUserId field. readOnly: false type: string downloadUrl: description: >- For file secrets: presigned S3 download URL (5 minute expiry) File is still E2E encrypted - client must decrypt after download This field is part of the `content` oneof. See the documentation for `c1.api.secrets.v1.PaperSecretServiceGetContentResponse` for more details. nullable: true readOnly: false type: string encryptedContent: description: >- For text secrets: Age-encrypted content (encrypted to reader's recipient) This field is part of the `content` oneof. See the documentation for `c1.api.secrets.v1.PaperSecretServiceGetContentResponse` for more details. format: base64 nullable: true readOnly: false type: string filename: description: Original filename (file secrets only) readOnly: false type: string inputFormat: description: Input format hint for rendering (text secrets only) enum: - SECRET_INPUT_FORMAT_UNSPECIFIED - SECRET_INPUT_FORMAT_PLAINTEXT - SECRET_INPUT_FORMAT_JSON - SECRET_INPUT_FORMAT_YAML - SECRET_INPUT_FORMAT_KEY_VALUE readOnly: false type: string x-speakeasy-unknown-values: allow secretType: description: Secret metadata enum: - SECRET_TYPE_UNSPECIFIED - SECRET_TYPE_TEXT - SECRET_TYPE_FILE readOnly: false type: string x-speakeasy-unknown-values: allow viewsRemaining: description: Views remaining after this view (-1 = unlimited) format: int32 readOnly: false type: integer title: Paper Secret Service Get Content Response type: object x-speakeasy-name-override: PaperSecretServiceGetContentResponse securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````