Quick usage

The CLI is designed for a variety of applications, ranging from local secret management to CI/CD and production scenarios. The distinguishing factor, however, is the authentication method used.

Local development only
Staging, production & all other use case

To use the Infisical CLI in your local development environment, simply run the command below and follow the interactive guide.

infisical login

If you are in a containerized environment such as WSL 2 or Codespaces, run infisical login -i to avoid browser based login

Initialize Infisical for your project

# navigate to your project
cd /path/to/project

# initialize infisical
infisical init

This will create .infisical.json file at the location the command was executed. This file contains your local project settings. It does not contain any sensitive data.

Inject environment variables

Feed secrets to your application
Feed secrets via custom aliases (advanced)

infisical run --env=dev --path=/apps/firefly -- [your application start command]

# example with node (nodemon)
infisical run --env=staging --path=/apps/spotify -- nodemon index.js

# example with flask
infisical run --env=prod --path=/apps/backend -- flask run

# example with spring boot - maven
infisical run --env=dev --path=/apps/ -- ./mvnw spring-boot:run --quiet

View all available options for run command here

Connect CLI to self hosted Infisical

The CLI is set to connect to Infisical Cloud by default, but if you’re running your own instance of Infisical, you can direct the CLI to it using one of the methods provided below.

Method 1: Use the updated CLI

Beginning with CLI version V0.4.0, it is now possible to choose between logging in through the Infisical cloud or your own self-hosted instance. Simply execute the infisical login command and follow the on-screen instructions.

Method 2: Export environment variable

You can point the CLI to the self hosted Infisical instance by exporting the environment variable INFISICAL_API_URL in your terminal.

Linux/MacOs
Windows Powershell

# Set backend host 
export INFISICAL_API_URL="https://your-self-hosted-infisical.com/api"

# Remove backend host 
unset INFISICAL_API_URL

Method 3: Set manually on every command

Another option to point the CLI to your self hosted Infisical instance is to set it via a flag on every command you run.

# Example
infisical <any-command> --domain="https://your-self-hosted-infisical.com/api"

Inject environment variables
Connect CLI to self hosted Infisical

Overview

Platform

Self-host Infisical

Command line

Integrations

Infrastructure Integrations

3rd-party Integrations

Framework Integrations

Security

Local development only

Staging, production & all other use case

Initialize Infisical for your project

Inject environment variables

Feed secrets to your application

Feed secrets via custom aliases (advanced)

Connect CLI to self hosted Infisical

Method 1: Use the updated CLI

Method 2: Export environment variable

Linux/MacOs

Windows Powershell

Method 3: Set manually on every command

Overview

Platform

Self-host Infisical

Command line

Integrations

Infrastructure Integrations

3rd-party Integrations

Framework Integrations

Security

Local development only

Staging, production & all other use case

Initialize Infisical for your project

​Inject environment variables

Feed secrets to your application

Feed secrets via custom aliases (advanced)

​Connect CLI to self hosted Infisical

Method 1: Use the updated CLI

Method 2: Export environment variable

Linux/MacOs

Windows Powershell

Method 3: Set manually on every command

Inject environment variables

Connect CLI to self hosted Infisical