The Public API accepts multiple modes of authentication being via Infisical Token or API Key.
- Infisical Token: Provides short-lived, scoped CRUD access to the secrets of a specific project and environment.
- API Key: Provides full access to all endpoints representing the user without ability to encrypt/decrypt secrets for E2EE endpoints.
The Infisical Token mode uses an Infisical Token to authenticate with the API.
To authenticate requests with Infisical using the Infisical Token, you must include your Infisical Token in the
Authorization header of HTTP requests made to the platform with the value
You can obtain an Infisical Token in Project Settings > Service Tokens.