> ## Documentation Index > Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Create > Create provisions a new external secret storage vault and returns it. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples post /api/v1/vaults openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/vaults: post: tags: - Vault summary: Create description: Create provisions a new external secret storage vault and returns it. operationId: c1.api.vault.v1.VaultService.Create requestBody: content: application/json: schema: $ref: '#/components/schemas/c1.api.vault.v1.VaultServiceCreateRequest' responses: '200': content: application/json: schema: $ref: >- #/components/schemas/c1.api.vault.v1.VaultServiceCreateResponse description: >- VaultServiceCreateResponse is the response message for creating a new vault. x-codeSamples: - lang: go label: Create source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"log\"\n)\n\nfunc main() {\n ctx := context.Background()\n\n s := conductoronesdkgo.New(\n conductoronesdkgo.WithSecurity(shared.Security{\n BearerAuth: \"\",\n Oauth: \"\",\n }),\n )\n\n res, err := s.Vault.Create(ctx, nil)\n if err != nil {\n log.Fatal(err)\n }\n if res.VaultServiceCreateResponse != nil {\n // handle response\n }\n}" - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.vault.create(); console.log(result); } run(); components: schemas: c1.api.vault.v1.VaultServiceCreateRequest: description: > VaultServiceCreateRequest is the request message for creating a new vault. This message contains a oneof named vault. Only a single field of the following list may be set at a time: - groupAuthzVault - magicVault properties: description: description: A free-text description of the vault's purpose or configuration. readOnly: false type: string displayName: description: The human-readable name for the new vault. readOnly: false type: string groupAuthzVault: $ref: '#/components/schemas/c1.api.vault.v1.GroupAuthzVault' magicVault: $ref: '#/components/schemas/c1.api.vault.v1.MagicVault' ownerIds: description: The IDs of users to assign as owners of this vault. items: type: string nullable: true readOnly: false type: array required: - displayName title: Vault Service Create Request type: object x-speakeasy-name-override: VaultServiceCreateRequest c1.api.vault.v1.VaultServiceCreateResponse: description: >- VaultServiceCreateResponse is the response message for creating a new vault. properties: vault: $ref: '#/components/schemas/c1.api.vault.v1.Vault' title: Vault Service Create Response type: object x-speakeasy-name-override: VaultServiceCreateResponse c1.api.vault.v1.GroupAuthzVault: description: >- GroupAuthzVault configures a vault that uses group-based authorization to control access to stored credentials. nullable: true title: Group Authz Vault type: object x-speakeasy-name-override: GroupAuthzVault c1.api.vault.v1.MagicVault: description: >- MagicVault configures a vault that grants time-limited credential access via magic links. nullable: true properties: allowUnauthedViews: description: >- Controls whether unauthenticated users can view credentials via a magic link. readOnly: false type: boolean allowedViews: description: >- The maximum number of times a credential in this vault may be viewed. format: uint32 readOnly: false type: integer title: Magic Vault type: object x-speakeasy-name-override: MagicVault c1.api.vault.v1.Vault: description: > Vault represents an external secret storage integration used to store connector credentials securely. This message contains a oneof named vault. Only a single field of the following list may be set at a time: - groupAuthzVault - magicVault properties: createdAt: format: date-time readOnly: true type: string credentialExpirationDuration: format: duration readOnly: false type: string deletedAt: format: date-time readOnly: true type: string description: description: A free-text description of the vault's purpose or configuration. readOnly: false type: string displayName: description: The human-readable name of the vault. readOnly: false type: string groupAuthzVault: $ref: '#/components/schemas/c1.api.vault.v1.GroupAuthzVault' id: description: The unique identifier of the vault. readOnly: false type: string magicVault: $ref: '#/components/schemas/c1.api.vault.v1.MagicVault' updatedAt: format: date-time readOnly: true type: string title: Vault type: object x-speakeasy-entity: Vault x-speakeasy-name-override: Vault securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````