What is Infisical?
An Introduction to the Infisical secret management platform.
Infisical is the open source secret management platform that developers use to centralize their application configuration and secrets like API keys and database credentials as well as manage their internal PKI. Additionally, developers use Infisical to prevent secrets leaks to git and securely share secrets amongst engineers.
Start managing secrets securely with Infisical Cloud or learn how to host Infisical yourself.
Infisical Cloud
Get started with Infisical Cloud in just a few minutes.
Self-hosting
Self-host Infisical on your own infrastructure.
Why Infisical?
Infisical helps developers achieve secure centralized secret management and provides all the tools to easily manage secrets in various environments and infrastructure components. In particular, here are some of the most common points that developers mention after adopting Infisical:
- Streamlined local development processes (switching .env files to Infisical CLI and removing secrets from developer machines).
- Best-in-class developer experience with an easy-to-use Web Dashboard.
- Simple secret management inside CI/CD pipelines and staging environments.
- Secure and compliant secret management practices in production environments.
- Facilitated workflows around secret change management, access requests, temporary access provisioning, and more.
- Improved security posture thanks to secret scanning, granular access control policies, automated secret rotation, and dynamic secrets capabilities.
How does Infisical work?
To make secret management effortless and secure, Infisical follows a certain structure for enabling secret management workflows as defined below.
Identities in Infisical are users or machine which have a certain set of roles and permissions assigned to them. Such identities are able to manage secrets in various Clients throughout the entire infrastructure. To do that, identities have to verify themselves through one of the available Authentication Methods.
As a result, the 3 main concepts that are important to understand are:
- Identities: users or machines with a set permissions assigned to them.
- Clients: Infisical-developed tools for managing secrets in various infrastructure components (e.g., Kubernetes Operator, Infisical Agent, CLI, SDKs, API, Web Dashboard).
- Authentication Methods: ways for Identities to authenticate inside different clients (e.g., SAML SSO for Web Dashboard, Universal Auth for Infisical Agent, AWS Auth etc.).
How to get started with Infisical?
Depending on your use case, it might be helpful to look into some of the resources and guides provided below.
Command Line Interface (CLI)
Inject secrets into any application process/environment.
SDKs
Fetch secrets with any programming language on demand.
Docker
Inject secrets into Docker containers.
Kubernetes
Fetch and save secrets as native Kubernetes secrets.
REST API
Fetch secrets via HTTP request.
Native Integrations
Explore integrations for GitHub, Vercel, AWS, and more.