diff --git a/docs/release_notes/v0.1.3.md b/docs/release_notes/v0.1.3.md
new file mode 100644
index 0000000..29dc11f
--- /dev/null
+++ b/docs/release_notes/v0.1.3.md
@@ -0,0 +1,3 @@
+# Release v0.1.3
+
+Added listing all secrets endpoint.
diff --git a/pkg/server/server.go b/pkg/server/server.go
index 7205e08..b01876d 100644
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@@ -69,6 +69,7 @@ func (s *Server) Run(_ context.Context) error {
 
 	// The header will always contain the right credentials.
 	warden.Get("/secret", s.getSecretHandler)
+	warden.Get("/secrets", s.listSecretsHandler)
 	warden.Delete("/secret", s.deleteSecretHandler)
 	warden.Post("/secret", s.createSecretHandler)
 
@@ -109,6 +110,26 @@ func (s *Server) getSecretHandler(w http.ResponseWriter, r *http.Request) {
 	s.handleResponse(secretResponse, w)
 }
 
+func (s *Server) listSecretsHandler(w http.ResponseWriter, r *http.Request) {
+	request := &sdk.SecretIdentifiersRequest{}
+	c, err := s.getClient(r, &request)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+
+		return
+	}
+	defer c.Close()
+
+	secretResponse, err := c.Secrets().List(request.OrganizationID)
+	if err != nil {
+		http.Error(w, "failed to get secret: "+err.Error(), http.StatusBadRequest)
+
+		return
+	}
+
+	s.handleResponse(secretResponse, w)
+}
+
 func (s *Server) deleteSecretHandler(w http.ResponseWriter, r *http.Request) {
 	request := &sdk.SecretsDeleteRequest{}
 	c, err := s.getClient(r, &request)