Infisical

The open-source platform for secrets, certificates, privileged access, and AI agent security — all in one self-hostable system.

27.6Kstars
2Kforks
Custom / Unknown
TypeScript

Infisical is an open-source security infrastructure platform built for developers and infrastructure teams who need centralized control over secrets, certificates, and privileged access without depending on proprietary SaaS. It eliminates scattered .env files, credential sprawl, and manual rotation by providing a unified dashboard, CLI, SDK, and API that spans every environment from local development through Kubernetes and CI/CD.

The platform covers four major domains under one roof: secrets management with versioning, rotation, and dynamic credentials; PKI certificate lifecycle management including private CA hierarchies, external CA integrations, and ACME/EST enrollment; a full KMS for symmetric key operations; and privileged access management that brokers just-in-time access to databases, SSH hosts, Kubernetes clusters, and Windows RDP. Recent additions include post-quantum cryptography support for X.509 certificates using ML-DSA and SLH-DSA algorithms, a Privileged Access Management module with in-browser terminal sessions, and an MCP (Model Context Protocol) server that lets AI agents access secrets and infrastructure without ever holding credentials directly.

Built on a TypeScript/Node.js backend with Fastify, Knex, and PostgreSQL, plus a Go backend for gateway and KMS operations, Infisical ships as a Docker Compose stack or Helm chart. It integrates with AWS, GCP, Azure, GitHub, Vercel, Terraform, Ansible, and dozens of other tools for secret syncs and authentication. Compliance features include FIPS 140-3 mode, SOC 2 audit logs, SCIM provisioning, and ClickHouse-backed audit log streaming.

What You Get

  • Secrets Management Dashboard - A web UI to create, version, and manage API keys, database passwords, and configuration values across multiple projects and environments with RBAC, approval workflows, and point-in-time recovery.
  • Secret Syncs - Declarative sync pipelines that push secrets from Infisical to GitHub Actions, Vercel, AWS Secrets Manager, AWS Parameter Store, Azure Key Vault, GCP Secret Manager, Terraform Cloud, Ansible Vault, and more.
  • Dynamic Secrets - On-demand ephemeral credentials generated for PostgreSQL, MySQL, MSSQL, MongoDB, Redis, RabbitMQ, AWS IAM, Kubernetes, Cassandra, Snowflake, Elasticsearch, and LDAP — with configurable TTLs and automatic lease cleanup.
  • Secret Rotation - Scheduled automatic rotation of long-lived credentials for PostgreSQL, MySQL, AWS IAM users, GitHub tokens, and other services with pre-rotation conflict validation.
  • Infisical Kubernetes Operator - A Kubernetes-native operator that creates InfisicalSecret custom resources, syncs secrets into Kubernetes secrets, and triggers deployment rollouts when values change — without modifying application manifests.
  • Infisical Agent - A sidecar/daemon that reads templates and injects secrets into configuration files or environment variables at runtime, supporting any language or deployment target without code changes.
  • Private PKI and Certificate Lifecycle - A built-in private CA hierarchy (root and intermediate CAs) with certificate profiles, policies, enrollment via API/ACME/EST, CRL/OCSP revocation, inventory tracking, and alerting for expiring certs.
  • External CA Integrations - Native integrations with Let’s Encrypt, DigiCert, Microsoft AD CS, Sectigo, and AWS Private CA to issue publicly trusted certificates or leverage existing PKI infrastructure.
  • Post-Quantum Cryptography for Certificates - Issue X.509 certificates using NIST-standardized post-quantum algorithms including ML-DSA-44/65/87 and SLH-DSA variants, future-proofing PKI against quantum-capable adversaries.
  • Infisical KMS - Manage symmetric AES-GCM-256 cryptographic keys centrally and use them to encrypt or decrypt arbitrary data via API or SDK, with support for hardware security modules (SoftHSM) and FIPS 140-3 compliance.
  • Privileged Access Management (PAM) - Broker just-in-time access to PostgreSQL, MySQL, MSSQL, SSH servers, Kubernetes clusters, Redis, Windows RDP, and Active Directory with automatic credential rotation and full session recording.
  • In-Browser Terminal Sessions - Connect to SSH hosts, PostgreSQL, Redis, and Windows RDP directly from the Infisical UI without a VPN or local client, with recorded sessions and AI-powered session insights.
  • Secret Scanning and Honey Tokens - A CLI-based scanner that detects 140+ secret types across git history, files, and directories with pre-commit hooks; honey tokens plant decoy credentials that alert immediately when accessed.
  • AI Agent Vault (MCP Integration) - An MCP (Model Context Protocol) server that lets AI agents retrieve secrets and call infrastructure tools without ever holding credentials — the gateway proxies and injects secrets before forwarding requests.
  • Audit Logs with Streaming - Full audit trail for every secret read, write, approval, and cert operation with optional streaming to ClickHouse, Datadog, Splunk, or AWS S3 for long-term retention and SIEM integration.
  • Multi-Cloud Machine Identity Auth - Authenticate services and CI/CD pipelines using Kubernetes Auth, AWS IAM, GCP workload identity, Azure Managed Identity, OIDC, JWT, LDAP, or Universal Auth (client credentials).
  • Infisical CLI and SDKs - A cross-platform CLI for local development, secret injection, and scanning; official SDKs for Node.js, Python, Go, Ruby, Java, and .NET for programmatic access.
  • Self-Hosting via Docker Compose and Helm - Deploy on your own infrastructure with a single Docker Compose file for single-node or a Helm chart for Kubernetes, with full control over data residency, networking, and encryption keys.

Common Use Cases

  • Securing Kubernetes application secrets - A platform team deploys the Infisical Kubernetes Operator to replace Kubernetes secrets stored in plaintext YAML; the operator syncs encrypted secrets from Infisical and restarts affected pods whenever values rotate, eliminating manual kubectl secret patching.
  • Blocking credential leaks in CI/CD - A security engineer integrates Infisical’s secret scanner as a pre-commit hook and GitHub Actions step, automatically blocking PRs that contain AWS keys, JWT secrets, or database passwords before they reach version control.
  • Running a private CA for internal services - An enterprise platform team stands up Infisical’s private PKI to issue TLS certificates for internal microservices using ACME enrollment, replacing a fragile mix of self-signed certs and manual OpenSSL commands with policy-enforced, auto-renewing certificates.
  • Just-in-time access for database maintenance - An on-call engineer requests temporary PostgreSQL access through the Infisical PAM module; the system issues a short-lived credential, records the session, and automatically rotates the underlying password when the lease expires — leaving no persistent credentials in engineer hands.
  • AI agent tool access without credential exposure - An AI platform team connects their LLM-based agent to the Infisical MCP server; the agent can invoke approved tools and retrieve results without ever receiving raw API keys, with every tool call logged for compliance review.
  • Compliant secrets management for regulated industries - A healthcare startup self-hosts Infisical in FIPS 140-3 mode to satisfy HIPAA and SOC 2 requirements, using audit log streaming to ClickHouse for immutable evidence of every secret access and approval workflow for production changes.

Under The Hood

Architecture Infisical uses a clean layered monorepo that separates a TypeScript/Node.js backend, a Next.js frontend, and a Go backend into distinct packages with shared type contracts. The Node backend applies a factory-based dependency injection pattern throughout — each service, DAL (data access layer), and queue handler is created via typed factory functions that receive their dependencies explicitly, avoiding global singletons and making unit testing straightforward. The EE (enterprise edition) directory cleanly extends core services through service composition rather than inheritance, so the open-source core remains decoupled from enterprise features. OpenTelemetry instrumentation, Prometheus metrics, and structured logging are injected as middleware at the Fastify layer, preserving separation of concerns across observability, routing, and business logic. The Go backend handles the gateway proxy, KMS operations, and server-side compute tasks that benefit from Go’s concurrency model and smaller binary footprint.

Tech Stack The primary backend is Node.js 20 with TypeScript, Fastify as the HTTP framework, and Knex.js as the SQL query builder against PostgreSQL. A Redis cluster (or BullMQ-backed queue) handles async job processing for secret rotation, certificate renewal, and audit log streaming. The frontend is Next.js 14 with React, using a component library built on Radix UI primitives. The Go backend uses Chi for routing and integrates with AWS KMS, GCP Cloud KMS, and HashiCorp Vault for external key management. Cryptographic operations include native Node.js crypto for AES-GCM, the @peculiar/x509 library for X.509 parsing, OpenSSL via subprocess calls for post-quantum algorithm support (ML-DSA, SLH-DSA), and SoftHSM for PKCS#11-compliant HSM operations in FIPS mode. ClickHouse is an optional dependency for high-volume audit log storage.

Code Quality The codebase demonstrates strong engineering discipline. Vitest powers both unit and end-to-end test suites, with e2e tests exercising real database connections using a dedicated Knex environment. Error handling is explicit and typed — custom error classes (BadRequestError, NotFoundError, ForbiddenRequestError, UnauthorizedError, RateLimitError) are used consistently throughout services and route handlers, with a classifyError utility that maps errors to bounded label categories for telemetry. TypeScript strict mode is enforced across the codebase with Zod schemas used for request validation at every API boundary. ESLint and Prettier enforce consistent style, and a CLAUDE.md in both the root and backend directories documents architectural conventions for contributors. The repository has comprehensive CONTRIBUTING.md documentation and active CI through GitHub Actions.

What Makes It Unique Several technical decisions set Infisical apart from competing secrets managers. First, the addition of post-quantum cryptography support for X.509 certificates (ML-DSA and SLH-DSA via RFC 9881 OIDs) makes it one of the few open-source tools to offer NIST PQC algorithm support in a production PKI. Second, the MCP (Model Context Protocol) integration creates a credential broker specifically designed for AI agents — agents never receive raw secrets, instead invoking tools through the MCP server which proxies requests and injects credentials at the transport layer. Third, dynamic secrets cover an unusually broad range of providers (28+ including cloud IAM, relational databases, message queues, LDAP, Kubernetes, Snowflake, Elasticsearch, and more), all implemented as pluggable provider modules behind a common lease management interface. Finally, the PAM module includes in-browser terminal sessions for SSH, PostgreSQL, and Redis with AI-powered session insights — a capability typically found only in enterprise-only privileged access products.

Self-Hosting

The license is a dual-license structure: core platform code outside any ee/ directory is MIT licensed, meaning you can freely use, modify, and redistribute it commercially with no copyleft obligations. Code within the ee/ directories is governed by a proprietary Infisical Enterprise License that requires a valid subscription for production use. This means most of the open-source core — the secrets management engine, the basic PKI primitives, the CLI, and the SDK — is genuinely MIT. However, several significant features (advanced RBAC, SAML/SCIM SSO, dynamic secrets for some providers, hardware HSM support, and portions of PAM and the AI MCP integration) live under the EE license and require a paid plan to run in production.

Running Infisical yourself requires meaningful infrastructure: a PostgreSQL database (ideally with read replicas for high-availability), a Redis instance or cluster for queuing, and enough compute to run the Node.js backend (the Dockerfile raises the Node.js heap to 2 GB) and optionally the Go gateway service. For production, you’ll need to handle TLS termination (an nginx sidecar is included), configure SMTP for notifications and approval emails, manage database backups, and keep up with a release cadence that ships minor versions multiple times per week. There is no built-in HA mode for the application layer out of the box — that’s left to you via Docker Swarm, Kubernetes, or your orchestrator of choice.

The managed Infisical Cloud tier adds automatic scaling, managed PostgreSQL and Redis, built-in disaster recovery, SOC 2 and HIPAA compliance attestations handled by Infisical, priority support with SLAs, and access to all enterprise features without the operational burden. Self-hosting gives you full data sovereignty and network isolation, which is valuable for air-gapped environments or strict data residency requirements, but you are fully responsible for availability, upgrades (tested against a very frequent release schedule), secret encryption key custody, and responding to security patches. The community Slack is active and responsive, but there is no guaranteed SLA for community support.

Join founders buildingwith open source

Opinionated takes, migration guides, cost-saving tips, and insights from the open source ecosystem.

Subscribe on Substack

No spam. Unsubscribe anytime.

Join 750+ subscribers
No spam. Unsubscribe anytime.

Search