The Public API accepts multiple modes of authentication being via Infisical Token or API Key.

  • Infisical Token: Provides short-lived, scoped CRUD access to the secrets of a specific project and environment.
  • API Key: Provides full access to all endpoints representing the user without ability to encrypt/decrypt secrets for E2EE endpoints.
  • Infisical Token

  • API Key

The Infisical Token mode uses an Infisical Token to authenticate with the API.

To authenticate requests with Infisical using the Infisical Token, you must include your Infisical Token in the Authorization header of HTTP requests made to the platform with the value Bearer <infisical_token>.

You can obtain an Infisical Token in Project Settings > Service Tokens.

token add