Open Source
Secret Management

All-in-one platform to securely manage application configuration and secrets across your team and infrastructure.

Everyone has secrets. We secure over
100 Million
every day.
Start quickly, scale effortlessly. Secure your applications without any hassle.
1import { InfisicalClient, LogLevel } from "@infisical/sdk";
2
3const client = new InfisicalClient({
4clientId: "YOUR_CLIENT_ID",
5clientSecret: "YOUR_CLIENT_SECRET"
6});
7
8const secret = await client.getSecret({
9projectId: "PROJECT_ID",
10environment: "prod",
11secretName: "POSTGRES_TOKEN"
12});
Quickstart Guide
Building secure applications can be
easy.
Infisical provides a set of tools to automate your security in a “security shift left” way.
Infisical CLI
Switch from .env files to Infisical CLI. Keep secrets always in sync with your teammates. Works with any platform and framework.
(base) user@MacBook % infisical run --env=dev -- npm run devInjecting 13 Infisical secrets into your application process...
Web Dashboard
A simple interface to manage your secrets, environments, and applications.
Secret
Dev
Staging
Prod
DATABASE_URL
TWILIO_TOKEN
JWT_TOKEN
ENCRYPTION_KEY
Secret Leak Prevention
Automatically identify and prevent secret leaks to git using Infisical's continuous monitoring and precommit checks. Supports 150+ secret types.
(base) user@MacBook % git commit -m "Code Update"Warning: Hardcoded secret detected – commit blocked by Infisical.File: backend/src/json/integrations.json Line: 5
Secret Versioning
Track every change of your secrets and rollback to any point in time.
ENCRYPTION_KEY
1
Value: 2B7E151628AED2A6ABF7158809CF4F3CTimestamp: March 1st at 12:03amBy: [email protected]
2
Value: 8E73B0F7DA0E6452C810F32B809079E56Timestamp: March 3rd at 7:45amBy: [email protected]
3
Value: 603DEB1015CA71BE2B73AEF0857D77811Timestamp: March 7th at 4:23pmBy: [email protected]
Secret Rotation and Dynamic Secrets
Eliminate long-lasting credentials to reduce risk of breach and credential leaks. Generate secrets dynamically on-demand in a way that is unique to every client.
Set up Automatic Secret Rotation
Secret Path: /Secret Key: POSTGRES_TOKENEnvironment: ProductionInterval: 1 day
Cancel
Start
We’ve got your back,
no matter your stack.
Use Infisical to manage secrets in your favorite cloud providers, Infrastructure tools, frameworks, and more.
Integration Logo
GitHub
Integration Logo
Secrets Manager
Integration Logo
Kubernetes
Integration Logo
Docker
Integration Logo
Azure Key Vault
Integration Logo
Terraform
Integration Logo
GitLab
Integration Logo
Ansible
Integration Logo
GCP Secret Manager
Integration Logo
Vercel
Integration Logo
Heroku
Integration Logo
Cloudflare
Integration Logo
Jenkins
Integration Logo
Bitbucket
Explore Integrations
Hugging Face Logo
Securing the future of AI with Infisical
"Infisical provided all the functionality and security settings we needed to boost our security posture and save engineering time. Whether you're working locally, running kubernetes clusters in production, or operating secrets within CI/CD pipelines, Infisical has a seamless prebuilt workflow."Adrien Carreira, Head of Infrastructure, Hugging Face
Read Customer Story
Enterprise-level
governance.
Infisical lets you set up tight authorization policies, and provides access control tools to embrace "security shift left".
Audit Logs
Track everything. Be aware of every action that is happening to your secrets and other sensitive data.
Event
User
Source
IP-address
Time
23 Secrets Viewed
[email protected]
Web
2001:0000:13...
2 min ago
1 Secret Added
[email protected]
CLI
2001:0000:13...
5 min ago
User Logged In
[email protected]
Web
2001:0000:13...
9 min ago
Secret Added
[email protected]
Terraform
2001:db8:331...
11 min ago
Access Controls
Stay in control. Set up tight granular permissions for human and machine identities.
Name
Email
Role
Aarron Johnson
[email protected]
Admin
Taylor Swift
[email protected]
Superadmin
John Smith
[email protected]
Developer
Glenn Taylow
[email protected]
Developer
Approval Workflows
Review sensitive changes. Just like in git, assign reviewers to approve secret changes before propagating to apps.
1 Secret Added[email protected] submitted a change request to production environment.
New Secret
Value
ENCRYPTION_KEY
******************
Reject
Approve
Temporary Access
Trust minimally. Give access to sensitive resources only temporarily. Revoke automatically upon expiration.
Grant Temporary Access
User: [email protected]Environment: Pre-productionPeriod: 90 minutes
Automatically rotate secrets upon access revocation
Cancel
Grant
Reliability you can count on.Infisical leads the industry with its reliability and security inititatives.
Compliant
Infisical is SOC 2 compliant and is constantly undergoing continuous penetration testing.
Reliable
Powering mission-critical infrastructures of all sizes, with support SLAs and observability.
Secure
Infisical encrypts secrets with AES-GCM-256, enforces tight authentication policies, and more.
Self-hostable
Deploy Infisical on your own infrastructure or use Infisical Cloud with no maintenance overhead.
Explore Security
2,500+
Community Members
10,000+
Organizations on Infisical
99.99%
Uptime Guarantee
Starting with Infisical is simple, fast, and free.
Get StartedGet a demo
Full Infisical Logo

PRODUCT

Secret Management

Secret Scanning

Share Secret

Pricing

Security

USE CASES

Infisical AgentKubernetesDynamic SecretsTerraformAnsibleJenkinsDockerAWS ECSGitLabGitHubSDKs

DEVELOPERS

DocumentationChangelogAPI ReferenceStatusFeedback & RequestsCommunity SlackHow to contribute

RESOURCES

Blog

Infisical vs Vault

Careers

Hiring

Forum

Open Source Friends

Customers

Company Handbook

Trust Center

LEGAL

Terms of Service

Privacy Policy

Subprocessors

Service Level Agreement

CONTACT

Team Email

Sales

Support