Infisical Java SDK
If you’re working with Java, the official Infisical Java SDK package is the easiest way to fetch and work with secrets for your application.
Basic Usage
package com.example.app;
import com.infisical.sdk.InfisicalClient;
import com.infisical.sdk.schema.*;
public class Example {
public static void main(String[] args) {
// Create a new Infisical Client
ClientSettings settings = new ClientSettings();
settings.setClientID("MACHINE_IDENTITY_CLIENT_ID");
settings.setClientSecret("MACHINE_IDENTITY_CLIENT_SECRET");
settings.setCacheTTL(Long.valueOf(300)); // 300 seconds, 5 minutes
InfisicalClient client = new InfisicalClient(settings);
// Create the options for fetching the secret
GetSecretOptions options = new GetSecretOptions();
options.setSecretName("TEST");
options.setEnvironment("dev");
options.setProjectID("PROJECT_ID");
// Fetch the sercret with the provided options
GetSecretResponseSecret secret = client.getSecret(options);
// Print the value
System.out.println(secret.getSecretValue());
// Important to avoid memory leaks!
// If you intend to use the client throughout your entire application, you can omit this line.
client.close();
}
}
This example demonstrates how to use the Infisical Java SDK in a Java application. The application retrieves a secret named TEST
from the dev
environment of the PROJECT_ID
project.
We do not recommend hardcoding your Machine Identity Tokens. Setting it as an environment variable would be best.
Installation
The Infisical Java SDK is hosted on the GitHub Packages Apache Maven registry. Because of this you need to configure your environment properly so it’s able to pull dependencies from the GitHub registry. Please check this guide from GitHub on how to achieve this.
Our package is located here. Please follow the installation guide on the page.
Configuration
Import the SDK and create a client instance with your Machine Identity.
import com.infisical.sdk.InfisicalClient;
import com.infisical.sdk.schema.*;
public class App {
public static void main(String[] args) {
ClientSettings settings = new ClientSettings();
settings.setClientID("MACHINE_IDENTITY_CLIENT_ID");
settings.setClientSecret("MACHINE_IDENTITY_CLIENT_SECRET");
InfisicalClient client = new InfisicalClient(settings); // Your client!
}
}
ClientSettings methods
Caching
To reduce the number of API requests, the SDK temporarily stores secrets it retrieves. By default, a secret remains cached for 5 minutes after it’s first fetched. Each time it’s fetched again, this 5-minute timer resets. You can adjust this caching duration by setting the “cacheTTL” option when creating the client.
Working with Secrets
client.listSecrets(options)
ListSecretsOptions options = new ListSecretsOptions();
options.setEnvironment("dev");
options.setProjectID("PROJECT_ID");
options.setPath("/foo/bar");
options.setIncludeImports(false);
SecretElement[] secrets = client.listSecrets(options);
Retrieve all secrets within the Infisical project and environment that client is connected to
Methods
client.getSecret(options)
GetSecretOptions options = new GetSecretOptions();
options.setSecretName("TEST");
options.setEnvironment("dev");
options.setProjectID("PROJECT_ID");
GetSecretResponseSecret secret = client.getSecret(options);
String secretValue = secret.getSecretValue();
Retrieve a secret from Infisical.
By default, getSecret()
fetches and returns a shared secret.
Methods
client.createSecret(options)
CreateSecretOptions createOptions = new CreateSecretOptions();
createOptions.setSecretName("NEW_SECRET");
createOptions.setEnvironment("dev");
createOptions.setProjectID("PROJECT_ID");
createOptions.setSecretValue("SOME SECRET VALUE");
createOptions.setPath("/"); // Default
createOptions.setType("shared"); // Default
CreateSecretResponseSecret newSecret = client.createSecret(createOptions);
Create a new secret in Infisical.
Methods
client.updateSecret(options)
UpdateSecretOptions options = new UpdateSecretOptions();
options.setSecretName("SECRET_TO_UPDATE");
options.setSecretValue("NEW SECRET VALUE");
options.setEnvironment("dev");
options.setProjectID("PROJECT_ID");
options.setPath("/"); // Default
options.setType("shared"); // Default
UpdateSecretResponseSecret updatedSecret = client.updateSecret(options);
Update an existing secret in Infisical.
Methods
client.deleteSecret(options)
DeleteSecretOptions options = new DeleteSecretOptions();
options.setSecretName("SECRET_TO_DELETE");
options.setEnvironment("dev");
options.setProjectID("PROJECT_ID");
options.setPath("/"); // Default
options.setType("shared"); // Default
DeleteSecretResponseSecret deletedSecret = client.deleteSecret(options);
Delete a secret in Infisical.
Methods
Cryptography
Create a symmetric key
Create a base64-encoded, 256-bit symmetric key to be used for encryption/decryption.
String key = client.createSymmetricKey();
Returns (string)
key
(string): A base64-encoded, 256-bit symmetric key, that can be used for encryption/decryption purposes.
Encrypt symmetric
EncryptSymmetricOptions options = new EncryptSymmetricOptions();
options.setKey(key);
options.setPlaintext("Infisical is awesome!");
EncryptSymmetricResponse encryptedData = client.encryptSymmetric(options);
Methods
Returns (object)
tag (getTag())
(string): A base64-encoded, 128-bit authentication tag.
iv (getIv())
(string): A base64-encoded, 96-bit initialization vector.
ciphertext (getCipherText())
(string): A base64-encoded, encrypted ciphertext.
Decrypt symmetric
DecryptSymmetricOptions decryptOptions = new DecryptSymmetricOptions();
decryptOptions.setKey(key);
decryptOptions.setCiphertext(encryptedData.getCiphertext());
decryptOptions.setIv(encryptedData.getIv());
decryptOptions.setTag(encryptedData.getTag());
String decryptedString = client.decryptSymmetric(decryptOptions);
Methods
Returns (string)
Plaintext
(string): The decrypted plaintext.