Skip to content
Add encrypted credentials to your Laravel production environment.
Branch: master
Clone or download
mpociot Merge pull request #12 from jlmaners/laravel5.7
Add Support for Laravel 5.7
Latest commit 9ac30f5 Sep 18, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
src Set all docblocks. Aug 19, 2018
tests Add test for default parameter of helper function May 18, 2018
.editorconfig Initial commit May 15, 2018
.gitattributes Initial commit May 15, 2018
.gitignore Initial commit May 15, 2018
.scrutinizer.yml Initial commit May 15, 2018
.styleci.yml Initial commit May 15, 2018
.travis.yml Initial commit May 15, 2018 Initial commit May 15, 2018 Initial commit May 15, 2018 Initial commit May 15, 2018 Introduce the optional fallback parameter May 29, 2018
composer.json Update dependency for Laravel 5.7 Sep 14, 2018
phpunit.xml.dist Initial commit May 15, 2018

Add encrypted credentials to your Laravel production environment

Latest Version on Packagist Build Status Quality Score Total Downloads

The beyondcode/laravel-credentials package allows you to store all your secret credentials in an encrypted file and put that file into version control instead of having to add multiple credentials into your .env file in your production environment.

There are a couple of benefits of using encrypted credentials instead of environment keys:

  • Your credentials are encrypted. No one will be able to read your credentials without the key.
  • The encrypted credentials are saved in your repository. You'll have a history of the changes and who made them.
  • You can deploy credentials together with your code.
  • All secrets are in one location. Instead of managing multiple environment variables, everything is in one file.

Here's how you can access your stored credentials. In this example we're retrieving the decrypted credential for the key api-password:

$credential = credentials('api-password');

You can also specify a fallback value to be used if the credential for the specified key cannot be decrypted:

$credential = credentials('my-production-token', 'my-fallback-value');

With the built-in edit command, you can easily edit your existing credentials. They will be automatically encrypted after saving your changes.

php artisan credentials:edit

Credentials Demo


You can install the package via composer:

composer require beyondcode/laravel-credentials

The package will automatically register itself.

You can optionally publish the configuration with:

php artisan vendor:publish --provider="BeyondCode\Credentials\CredentialsServiceProvider" --tag="config"

This is the content of the published config file:


return [

     * Defines the file that will be used to store and retrieve the credentials.
    'file' => config_path('credentials.php.enc'),

     * Defines the key that will be used to encrypt / decrypt the credentials.
     * The default is your application key. Be sure to keep this key secret!
    'key' => config('app.key'),

    'cipher' => config('app.cipher'),



composer test


Please see CHANGELOG for more information on what has changed recently.


Please see CONTRIBUTING for details.


If you discover any security related issues, please email instead of using the issue tracker.



The MIT License (MIT). Please see License File for more information.

You can’t perform that action at this time.