EnvKey v2

Configuration and secrets management done right.

🔒 End-to-end encryption for API keys, encryption keys, and other secrets.

⚡️ Live reload for environment variables and config.

Open Source MIT License. Cloud or self-hosted.

EnvKey is desktop-only.
Check back on desktop to download.
Zillow Sky News 8x8 Qogita Leif Ginger RVShare Athletic Greens Lingoda The Daily Beast

Step 1

From development to CI to staging to production, securely manage configuration and secrets all in one place.

Step 2

Load your config anywhere. Reload automatically after a change.

$ envkey-source -- any-shell-command$ envkey-source -- command
# That's it!# That's it! Your command runs with the latest environment variables.

$ envkey-source -w -- ./start-server
# Automatically reload.# Automatically reload with the latest environment after a change.

More ways to load ˯

Accelerate development. Tighten security. Delight your team.

🛳 Ship faster by preventing config bugs and keeping environments in sync automatically, in development and across your whole infrastructure. You'll be amazed by how much time you save.

☠️ Avoid costly and embarrassing security incidents by keeping secrets away from code, email, chat, and third party services that don't deserve your trust. Sloppy secrets management is the leading cause of breaches. Don't be the next victim.

🐎 Tame your org's config. Prevent duplication and sprawl. Control access. Log everything. Rotate secrets easily.

🛠 Works with any language, host, or platform, including Docker, Kubernetes, Heroku, VMs, and every cloud vendor.

🧘 Experience configuration nirvana. Integrate your first project in 2 minutes. You'll never go back.

See it in action.

Watch Dane integrate EnvKey with an app in just a few minutes.

The first time we used EnvKey, it really felt like magic. A dev would build a feature, add the new value into EnvKey, and magically, all other devs had the value.

It has eliminated a class of problem which absolutely plagued us, especially on new fast-moving projects, where you can't afford to lose half a day debugging some cryptic error message because there just happens to be a random new env var.

Gabriel Fortuna - Founder, Zero One

EnvKey has been such a lifesaver for our team at Soundstripe. Onboarding new developers was instantly streamlinedas far as environment setups are concerned, and configuring servers has been simplified dramatically. We're hooked!

Trevor Hinesley - CTO, Soundstripe

First of all, I would like to say THANK YOU. EnvKey has solved a major problem for us, in managing our secrets really well.

We rolled it out across our dev, staging and production environments yesterday, and it was a smooth, 15 minute process.

We host everything on AWS, and I spent a week studying their key management solution. EnvKey made it ridiculously easy.

Devan Sabaratnam - Founder, HRPartner

Uncompromising security.

Audit logs
Combined Shape Created with Sketch. Device-based auth
Secure invitations
Artboard 23 Easy access control
OS keyring integration
Trusted IPs

Enhanced productivity.

Version control
Powerful, scriptable CLI
Auto-reloading environments
Environment branches
noun_boxes_3254207 Created with Sketch. Stackable config blocks
Custom environments
Environment inheritance
007 - Laptop Local development overrides
Data import/export
Conflict resolution
Change hooks
Account recovery keys

Flexible hosting.

Turn-key self-hosting
Multi-region redundancy
Behind-your-firewall mode

Advanced user management.

SCIM directory sync

Open Source

EnvKey is open source under the MIT License.

EnvKey's Cloud and Business Self-Hosted products include commercially licensed server-side extensions for battle-ready infrastructure and advanced user management.

Next Level Data Security

Zero-knowledge end-to-end encryption with out-of-band verification ensures that no host, server, employee, or third party ever has access to your organization's secrets, unless it is specifically granted.

Even if an attacker takes over EnvKey Cloud or your Self-Hosted EnvKey host, your secrets will still be safe.

EnvKey's client-side end-to-end encryption is built with the NaCl cryptography library: a fast, modern, trusted standard.

Highly Available & Redundant

EnvKey's Cloud and Business Self-Hosted products run on highly secure, highly available, auto-scaling infrastructure. Your encrypted config is replicated to Amazon S3 in multiple regions for additional redundancy.

Integrate in minutes. Save hundreds of developer hours.

EnvKey is desktop-only.
Check back on desktop to download.
Backed By
YCombinator FundersClub