Skip to main content
Infisical’s Public (REST) API provides users an alternative way to programmatically access and manage secrets via HTTPS requests. This can be useful for automating tasks, such as rotating credentials, or for integrating secret management into a larger system. With the Public API, you can create, read, update, and delete secrets, as well as manage access control, query audit logs, and more.

API Versioning

The API is versioned on a per-resource basis. A resource’s version is only incremented for breaking changes, so different endpoints may have different version numbers (e.g., /api/v4/secrets vs. /api/v1/secret-syncs). As a best practice, always use the latest available version for each endpoint to ensure access to the most recent features and improvements.

Rate Limits

Infisical enforces several different types of rate limits:
  • Read: For GET and LIST operations.
  • Write: For CREATE, UPDATE, and DELETE operations.
  • Secret: Specifically for secret management operations such as getting and creating secrets.
  • Identity Creation: For creating new identities within an organization.
  • Project Creation: For creating new projects within an organization.
Self-hosted instances have no limits, these limits apply only to Infisical Cloud.
  • Read: 200/minute
  • Write: 90/minute
  • Secret: 120/minute
  • Identity Creation: 30/minute
  • Project Creation: 30/minute
Custom rate limits are available for Enterprise customers. If you need higher rate limits, please contact [email protected].