How to use Secrets and Env in curl triggers

Hi. I’m doing a curl call to trigger one of my workflow but the Secrets Env are empty (only when the workflow is triggered by curl)

          curl -H "Authorization: 1234"  -H "Content-type: application/json" bitrise-uri --data '{
              "branch":"${{ github.head_ref }}",
              "commit_hash":"${{ github.event.pull_request.head.sha }}",
              "pull_request_id": "${{ steps.pr_number.outputs.pr_id }}"

Then in my workflow

    title: test curl 
      - script:
          title: Logs
            - content: |
                echo "print env $VALUEFROMSECRETS"
                echo "print secret $VALUEFROMSECRETS"
                echo "PR ID $BITRISE_PULL_REQUEST"

Bitrise do update the enc for the Pull Request and I do have the PR id value

But other secrets/Env are empty

Do I need to expose those secreta to Pull Request or I’m missing a parameter in the curl?

Secrets are stored on the website, for pull request to see them you need to click expose for pull requests