The CLI is designed for a variety of applications, ranging from local secret management to CI/CD and production scenarios. The distinguishing factor, however, is the authentication method used.

  • Local development only

  • Staging, production & all other use case

To use the Infisical CLI in your local development environment, simply run the command below and follow the interactive guide.

infisical login 

If you are in a containerized environment such as WSL 2 or Codespaces, run infisical login -i to avoid browser based login

Initialize Infisical for your project

# navigate to your project
cd /path/to/project

# initialize infisical
infisical init

This will create .infisical.json file at the location the command was executed. This file contains your local project settings. It does not contain any sensitive data.

Inject environment variables

  • Feed secrets to your application

  • Feed secrets via custom aliases (advanced)

infisical run --env=dev --path=/apps/firefly -- [your application start command]

# example with node (nodemon)
infisical run --env=staging --path=/apps/spotify -- nodemon index.js

# example with flask
infisical run --env=prod --path=/apps/backend -- flask run

# example with spring boot - maven
infisical run --env=dev --path=/apps/ -- ./mvnw spring-boot:run --quiet

View all available options for run command here

Connect CLI to self hosted Infisical