diff --git a/server.js b/server.js
index a0b24bb5b..fcb59d71c 100644
--- a/server.js
+++ b/server.js
@@ -3585,7 +3585,7 @@ require('./src/endpoints/tokenizers').registerEndpoints(app, jsonParser);
 require('./src/endpoints/presets').registerEndpoints(app, jsonParser);
 
 // Secrets managemenet
-require('./src/endpoints/secrets').registerEndpoints(app, jsonParser);
+app.use('/api/secrets', require('./src/endpoints/secrets').router);
 
 // Thumbnail generation
 require('./src/endpoints/thumbnails').registerEndpoints(app, jsonParser);
diff --git a/src/endpoints/secrets.js b/src/endpoints/secrets.js
index a0282c5e1..54687cbeb 100644
--- a/src/endpoints/secrets.js
+++ b/src/endpoints/secrets.js
@@ -1,7 +1,9 @@
 const fs = require('fs');
 const path = require('path');
+const express = require('express');
 const { getConfigValue } = require('../util');
 const writeFileAtomicSync = require('write-file-atomic').sync;
+const { jsonParser } = require('../express-common');
 
 const SECRETS_FILE = path.join(process.cwd(), './secrets.json');
 const SECRET_KEYS = {
@@ -143,78 +145,71 @@ function getAllSecrets() {
     return secrets;
 }
 
-/**
- * Registers endpoints for the secret management API
- * @param {import('express').Express} app Express app
- * @param {any} jsonParser JSON parser middleware
- */
-function registerEndpoints(app, jsonParser) {
+const router = express.Router();
 
-    app.post('/api/secrets/write', jsonParser, (request, response) => {
-        const key = request.body.key;
-        const value = request.body.value;
+router.post('/write', jsonParser, (request, response) => {
+    const key = request.body.key;
+    const value = request.body.value;
 
-        writeSecret(key, value);
-        return response.send('ok');
-    });
+    writeSecret(key, value);
+    return response.send('ok');
+});
 
-    app.post('/api/secrets/read', jsonParser, (_, response) => {
+router.post('/read', jsonParser, (_, response) => {
+    try {
+        const state = readSecretState();
+        return response.send(state);
+    } catch (error) {
+        console.error(error);
+        return response.send({});
+    }
+});
 
-        try {
-            const state = readSecretState();
-            return response.send(state);
-        } catch (error) {
-            console.error(error);
-            return response.send({});
-        }
-    });
+router.post('/view', jsonParser, async (_, response) => {
+    const allowKeysExposure = getConfigValue('allowKeysExposure', false);
 
-    app.post('/api/secrets/view', jsonParser, async (_, response) => {
-        const allowKeysExposure = getConfigValue('allowKeysExposure', false);
+    if (!allowKeysExposure) {
+        console.error('secrets.json could not be viewed unless the value of allowKeysExposure in config.yaml is set to true');
+        return response.sendStatus(403);
+    }
 
-        if (!allowKeysExposure) {
-            console.error('secrets.json could not be viewed unless the value of allowKeysExposure in config.yaml is set to true');
-            return response.sendStatus(403);
+    try {
+        const secrets = getAllSecrets();
+
+        if (!secrets) {
+            return response.sendStatus(404);
         }
 
-        try {
-            const secrets = getAllSecrets();
+        return response.send(secrets);
+    } catch (error) {
+        console.error(error);
+        return response.sendStatus(500);
+    }
+});
 
-            if (!secrets) {
-                return response.sendStatus(404);
-            }
+router.post('/find', jsonParser, (request, response) => {
+    const allowKeysExposure = getConfigValue('allowKeysExposure', false);
 
-            return response.send(secrets);
-        } catch (error) {
-            console.error(error);
-            return response.sendStatus(500);
-        }
-    });
+    if (!allowKeysExposure) {
+        console.error('Cannot fetch secrets unless allowKeysExposure in config.yaml is set to true');
+        return response.sendStatus(403);
+    }
 
-    app.post('/api/secrets/find', jsonParser, (request, response) => {
-        const allowKeysExposure = getConfigValue('allowKeysExposure', false);
+    const key = request.body.key;
 
-        if (!allowKeysExposure) {
-            console.error('Cannot fetch secrets unless allowKeysExposure in config.yaml is set to true');
-            return response.sendStatus(403);
+    try {
+        const secret = readSecret(key);
+
+        if (!secret) {
+            response.sendStatus(404);
         }
 
-        const key = request.body.key;
-
-        try {
-            const secret = readSecret(key);
-
-            if (!secret) {
-                response.sendStatus(404);
-            }
-
-            return response.send({ value: secret });
-        } catch (error) {
-            console.error(error);
-            return response.sendStatus(500);
-        }
-    });
-}
+        return response.send({ value: secret });
+    } catch (error) {
+        console.error(error);
+        return response.sendStatus(500);
+    }
+});
 
 module.exports = {
     writeSecret,
@@ -222,6 +217,6 @@ module.exports = {
     readSecretState,
     migrateSecrets,
     getAllSecrets,
-    registerEndpoints,
     SECRET_KEYS,
+    router,
 };