Home

Awesome

<h1 align="center"> <img width="300" src="/img/logoname-white.svg#gh-dark-mode-only" alt="infisical"> </h1> <p align="center"> <p align="center"><b>The open-source secret management platform</b>: Sync secrets/configs across your team/infrastructure and prevent secret leaks.</p> </p> <h4 align="center"> <a href="https://infisical.com/slack">Slack</a> | <a href="https://infisical.com/">Infisical Cloud</a> | <a href="https://infisical.com/docs/self-hosting/overview">Self-Hosting</a> | <a href="https://infisical.com/docs/documentation/getting-started/introduction">Docs</a> | <a href="https://www.infisical.com">Website</a> | <a href="https://infisical.com/careers">Hiring (Remote/SF)</a> </h4> <p align="center"> <a href="https://infisical.com/docs/self-hosting/deployment-options/aws-ec2"> <img src=".github/images/deploy-to-aws.png" width="137" /> </a> <a href="https://infisical.com/docs/self-hosting/deployment-options/digital-ocean-marketplace" alt="Deploy to DigitalOcean"> <img width="200" alt="Deploy to DO" src="https://www.deploytodo.com/do-btn-blue.svg"/> </a> </p> <h4 align="center"> <a href="https://github.com/Infisical/infisical/blob/main/LICENSE"> <img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="Infisical is released under the MIT license." /> </a> <a href="https://github.com/infisical/infisical/blob/main/CONTRIBUTING.md"> <img src="https://img.shields.io/badge/PRs-Welcome-brightgreen" alt="PRs welcome!" /> </a> <a href="https://github.com/Infisical/infisical/issues"> <img src="https://img.shields.io/github/commit-activity/m/infisical/infisical" alt="git commit activity" /> </a> <a href="https://cloudsmith.io/~infisical/repos/"> <img src="https://img.shields.io/badge/Downloads-6.95M-orange" alt="Cloudsmith downloads" /> </a> <a href="https://infisical.com/slack"> <img src="https://img.shields.io/badge/chat-on%20Slack-blueviolet" alt="Slack community channel" /> </a> <a href="https://twitter.com/infisical"> <img src="https://img.shields.io/twitter/follow/infisical?label=Follow" alt="Infisical Twitter" /> </a> </h4> <img src="/img/infisical_github_repo2.png" width="100%" alt="Dashboard" />

Introduction

Infisical is the open source secret management platform that teams use to centralize their application configuration and secrets like API keys and database credentials as well as manage their internal PKI.

We're on a mission to make security tooling more accessible to everyone, not just security teams, and that means redesigning the entire developer experience from ground up.

Features

Secrets Management:

Internal PKI:

Key Management (KMS):

General Platform:

Getting started

Check out the Quickstart Guides

Use Infisical CloudDeploy Infisical on premise
The fastest and most reliable way to <br> get started with Infisical is signing up <br> for free to Infisical Cloud.<br> View all deployment options

Run Infisical locally

To set up and run Infisical locally, make sure you have Git and Docker installed on your system. Then run the command for your system:

Linux/macOS:

git clone https://github.com/Infisical/infisical && cd "$(basename $_ .git)" && cp .env.example .env && docker compose -f docker-compose.prod.yml up

Windows Command Prompt:

git clone https://github.com/Infisical/infisical && cd infisical && copy .env.example .env && docker compose -f docker-compose.prod.yml up

Create an account at http://localhost:80

Scan and prevent secret leaks

On top managing secrets with Infisical, you can also scan for over 140+ secret types in your files, directories and git repositories.

To scan your full git history, run:

infisical scan --verbose

Install pre commit hook to scan each commit before you push to your repository

infisical scan install --pre-commit-hook

Lean about Infisical's code scanning feature here

Open-source vs. paid

This repo available under the MIT expat license, with the exception of the ee directory which will contain premium enterprise features requiring a Infisical license.

If you are interested in managed Infisical Cloud of self-hosted Enterprise Offering, take a look at our website or book a meeting with us.

Security

Please do not file GitHub issues or post on our public forum for security vulnerabilities, as they are public!

Infisical takes security issues very seriously. If you have any concerns about Infisical or believe you have uncovered a vulnerability, please get in touch via the e-mail address security@infisical.com. In the message, try to provide a description of the issue and ideally a way of reproducing it. The security team will get back to you as soon as possible.

Note that this security address should be used only for undisclosed vulnerabilities. Please report any security problems to us before disclosing it publicly.

Contributing

Whether it's big or small, we love contributions. Check out our guide to see how to get started.

Not sure where to get started? You can:

Resources