Infisical’s Public (REST) API is the most flexible, platform-agnostic way to read/write secrets for your application.
- Have a project with secrets ready in Infisical Cloud.
- Create an Infisical Token scoped to an environment in your project in Infisical.
To keep it simple, we’re going to fetch secrets from the API with End-to-End Encryption (E2EE) disabled.
It’s possible to use the API with E2EE enabled but this means learning about how encryption works with Infisical and performing client-side encryption/decryption operations yourself. yourself.
Head to your Project Settings, where you created your service token, and un-check the E2EE setting.
Retrieve a secret from the project and environment in Infisical scoped to your service token by making a HTTP request with the following format/details:
curl --location --request GET 'https://app.infisical.com/api/v3/secrets/raw/secretName?workspaceId=workspaceId&environment=environment' \ --header 'Authorization: Bearer serviceToken'
Name of secret to retrieve
The ID of the workspace
The environment slug
Path to secrets in workspace
The type of the secret. Valid options are “shared” or “personal”
Depending on your application requirements, you may wish to use Infisical’s API in different ways such as by retaining E2EE or fetching multiple secrets at once instead of one at a time.
Whatever the case, we recommend glossing over the API Examples to gain a deeper understanding of how you to best leverage the Infisical API for your use-case.