Components

​

Overview

Infisical is architected around several key components that work in concert to provide a secure and streamlined secret management experience. These components span the client, API, and storage layers, ensuring that secrets are protected at every stage of their lifecycle.

​

1. API (Backend)

Infisical exposes a well-documented REST API that enables programmatic interaction with the platform, enabling a wide range of use cases.

​

2. Storage Backend

Infisical relies on a robust storage backend to durably store secrets, users, and other platform data. Infisical’s storage backend is PostgreSQL.

​

3. Caching Layer

Infisical uses Redis to enable more complex workflows including a queuing system to manage long-running asynchronous tasks, cron jobs, as well as reliable cache for frequently used resources.

​

4. Clients

Clients are interfaces through which users and applications interact with the Infisical API:

• Web UI: A browser-based portal providing a user-friendly interface for managing secrets, configurations, and performing administrative tasks.

• CLI: A terminal-based tool for interacting with the Infisical API, enabling automation, scripting, and integration into CI/CD pipelines.

• SDKs (Software Development Kits): Platform-specific libraries with method abstractions for working with secrets. Supported languages include Node.js, Python, Java, Golang, Ruby and .NET.

• Kubernetes Operator: A Kubernetes-native component that facilitates the secure retrieval and management of secrets within a Kubernetes cluster. The operator supports multiple custom resource definitions (CRDs) for syncing secrets.

• Infisical Agent: Daemon that automatically fetches and manages access tokens and secrets to be used in various client resources.