To create secrets using the REST API, you must have write access to the repository or admin access to the organization. For more information, see "[AUTOTITLE](/rest/actions#secrets)."