Develop with Secrets
Shifting security left shouldn't be rocket science. You focus on building; we'll take care of SecretOps.
Seamless dev experience
Create, list and manage secrets from your terminal.
Runtime Secret Injection
Seamlessly inject secrets into your application, container, or runtime as environment variables.
Works with your stack
Integrate with any language or framework, without the need for any code changes or added dependencies.
Deploy Secrets
Centralize, integrate and automate secret deployment pipelines across your infrastructure.
A single source of truth
Centralize your application secrets and configurations.
Automate deployments
Automate critical tasks like secret rotation and keep your deployments in sync.
Works with your infrastructure
Set up automatic secret syncing pipelines in seconds to your favorite platforms.
Manage and Control
Every critical security feature out of the box, with sane defaults.
Audit logs
Batteries included audit logging to monitor every secret CRUD operation.
Role-based access control
Enforce least privilege with cryptographically backed RBAC and custom roles.
version: '1.0'
user:
email: '[email protected]'
permissions:
- application: 'StarlinkCommand'
environments:
- 'development'
- 'production'
folder: '*'
access:
- resource: 'secrets'
actions:
- 'create'
- 'read'
- 'update'
- 'delete'
- resource: 'integrations'
actions:
- 'create'
- 'read'
- 'update'
- 'delete'
IP Allow Listing
Restrict access to secrets to specific IP ranges and networks.
version: '1.0'
user:
email: '[email protected]'
permissions:
- application: 'StarlinkCommand'
environments:
- 'development'
- 'production'
folder: '*'
access:
- resource: 'secrets'
actions:
- 'create'
- 'read'
- 'update'
- 'delete'
- resource: 'integrations'
actions:
- 'create'
- 'read'
- 'update'
- 'delete'
stories
Trusted by builders
Engineers across a wide range of industries use Phase to manage secrets to build world-class software and deploy secrets to critical infrastructure.
I saw Phase on dev hunt and decided to check it out today. Really awesome project! I think this is more superior to other secret managers! Kudos and well done for the good work!
IroroProgrammer & Technical WriterThis is a great tool! When you work with a distributed team it is always a real pain to share secrets and credentials. I also love the fact that you offer a self-hosted version. Especially in Europe a lot of companies insist on hosting on premise 😅
ChristoferWeb DeveloperPhase is a valuable resource for any engineering team looking to improve their security practices and deployment processes. Highly recommended for those looking for robust solutions!
NicolaSenior Frontend Developer @TiledeskThe DX is amazing, especially the CLI! Managing secrets has been such a pain, I am definitely gonna use Phase for projects I work on going forward. Super easy for me to recommend it to my peers.
ShivamLead Product Engineer @ ChatwootPhase has one of the most well thought out security architectures I've seen. The encryption implementation is one I show my students as a benchmark for robust cryptography in a real-world application.
AshSecurity Engineer & TA @ UofTPhase looks like a solid tool for managing secrets in a secure and efficient way. I've used similar tools, but the ease of integration with other services like GitHub and AWS really sets this apart.
MaryCo-founder @ VoxifyI have just starred the repo. The UX is much better than Infisical!
FaizanCEO @ QuvorOur team tried several tools before settling on Phase. The decision was easy once we self-hosted it on our Kubernetes cluster.
EmilySenior EngineerI was seeking a simpler and more cost-effective solution that precisely meets my requirements, and this is even easier than Infisical! Thanks for building Phase.
RebazDeveloperSwitched from HashiCorp Vault to Phase and haven't looked back. The GitHub Action integration is a huge plus.
EmmaDevOps EngineerPhase was super easy to set up and onboard our team. Love the DX.
EthanSecurity ConsultantSecret management was a mess for us. We don't know where to store them safely. Sharing this with our CTO!
AlvaroFounder @ Clous
platform
Secret management that works for you
The Phase platform provides powerful tools to build flexible solutions to meet the needs of your stack. Architect your own secret management setup to be as simple or complex as you need.
import (
"log"
"github.com/phasehq/golang-sdk/phase"
)
getOpts := phase.GetSecretOptions{
EnvName: "Production",
AppName: "MyApp",
KeyToFind: "API_KEY",
}
secret, err := phaseClient.Get(getOpts)
if err != nil {
log.Fatalf("Failed to get secret: %v", err)
} else {
log.Printf("Secret: %+v", secret)
}
Secure by default
Phase uses a sophisticated end-to-end encryption architecture to secure secrets, provision access to users and machines, and provide multiple layers of protection accross the platform.Learn about Phase Security
Audit logs
Keep track of changes to secrets, user roles, permissions and access events with detailed logs.
DB_NAME
DB_HOST
DB_PORT
DB_USER
DB_PASSWORD
DB_CONN_STRING
> phase run "printenv | grep DB_CONN_STRING"DB_CONN_STRING=postgresql://api:yc57lc4y57lk568gdxchg3@localhost:5432/postgres
Secret referencing
Construct sophisticated configuration patterns by using references to other secrets and inheriting values across folders and environments Explore
Native integrations
Integrate, don't replace. Phase works hand-in-hand with your favoritie tools and platforms to keep your application secrets secure and synced accross your infrastructure. Explore
Secret Diffs & Roll-back
Track secret changes over time via git-styled diffs. Restore secrets or entire environments with a single click.
latest updates
