Skip to content

Cache, redirects & secrets

Preview Three small, closely-related env-scoped resources live here: the cache (purge it, read its config), redirects (list and replace rules), and secrets (per-environment config variables). They share a pattern — all are scoped to a single environment, because a redirect or a secret can differ between staging and production — and each is governed by its own write scope.

For the product behavior behind these — how caching works, how redirects are matched, and how config and secrets are inherited across environments — see caching, redirects, and config & secrets. This page is the API reference.

Method + path Scope Does
POST …/{envID}/cache/purge cache:write purge the cache → 202 + a job
GET …/{envID}/cache cache:read read cache configuration and current state
cache:writecache:read

POST …/cache/purge accepts an optional body to scope the purge; an empty body purges everything. Because a global purge briefly raises origin load, it returns a job you can wait on rather than blocking.

Name Type Required Description
type string no page, object, or all (default all)
tags string[] no purge only entries tagged with these
paths string[] no purge only these URL paths
Method + path Scope Does
GET …/{envID}/redirects redirects:read list the environment’s redirect rules
PUT …/{envID}/redirects redirects:write replace the full redirect rule set
redirects:writeredirects:read

PUT is a full replacement — send the complete rule set you want, not a delta. Read first, edit the array, write it back. Each rule has a from, a to, and a status (301 or 302).

Method + path Scope Does
GET …/{envID}/secrets secrets:read list secret keys (names + metadata, never values)
PUT …/{envID}/secrets/{key} secrets:write set or replace a secret’s value
DELETE …/{envID}/secrets/{key} secrets:write remove a secret
secrets:writesecrets:read

Purge everything for a production environment, and wait on the job. Pass an Idempotency-Key so a retry doesn’t queue a second purge.

Purge the page cache
curl -X POST https://api.managed.dev/v1/sites/site_01J7Q2/environments/env_01J8D9/cache/purge \
-H "Authorization: Bearer mfk_live_9aF2…" \
-H "Forge-Version: 2026-06-23" \
-H "Idempotency-Key: purge-after-release-rel_01JE7" \
-H "Content-Type: application/json" \
-d '{ "type": "page" }'
Response — 202 Accepted (Location: /v1/jobs/job_01J9TT)
{
"data": {
"id": "job_01J9TT",
"type": "cache.purge",
"status": "queued",
"created_at": "2026-06-24T01:20:00.300Z",
"resource": { "type": "environment", "id": "env_01J8D9" }
},
"request_id": "req_01JAD3"
}

Set a config secret on the staging environment. The value is write-only — you won’t read it back.

Set an environment secret
curl -X PUT https://api.managed.dev/v1/sites/site_01J7Q2/environments/env_01J8D9/secrets/STRIPE_API_KEY \
-H "Authorization: Bearer mfk_live_9aF2…" \
-H "Forge-Version: 2026-06-23" \
-H "Content-Type: application/json" \
-d '{ "value": "sk_test_51N…" }'
Response — the key, never the value
{
"data": {
"key": "STRIPE_API_KEY",
"env_id": "env_01J8D9",
"updated_at": "2026-06-24T01:21:30Z",
"applies_on": "next-deploy"
},
"request_id": "req_01JAD9"
}