Open source platform for fast-moving engineering teams to secure and deploy application secrets β from development to production.
A developer-friendly alternative to HashiCorp Vault and AWS Secrets Manager that works with your whole team π§βπ».
console-ui.mp4
| Features | |
|---|---|
| π | Phase Console: Dashboard for seamlessly creating, managing, rotating secrets, and environment variables |
| β¨οΈ | CLI: Import existing secrets from .env files, encrypt them, and securely inject them in your application at runtime |
| π€« | Secret management: Secret Diffs, version control, and recovery |
| π | RBAC: Fine-grained, role-based, and cryptographic access control, per application, per environment. |
| π | Integrations: Automatically sync secrets to GitHub, Cloudflare Pages, GitLab CI, Railway, AWS Secrets Manager, etc. |
 |
Kubernetes: Automatically deploy secrets to your Kubernetes Cluster with End-to-End encryption via Phase Secrets Operator |
| βοΈ | Secret referencing & overrides: Create personal secrets. Inherit values from other secrets |
| π | REST API: Access and manage secrets programmatically |
| π¦ | SDKs: SDKs for integrating Phase with various programming languages and frameworks |
| π₯‘ | Self Hosting: Run Phase on your own infrastructure |
| π | Audit Logs: Complete visibility into every change and access event |
Ξ» phase
Securely manage application secrets and environment variables with Phase.
@@@
@@@@@@@@@@
@@@@@@@@@@@@@@@@
P@@@@@&@@@?&@@&@@@@@P
P@@@@# @&@ @P@@@
&@@@# *@& #@@@&
&@@@5 &@? 5@@@&
Y@@@# ^@@ #@@@J
#@@@7 B@5 7@@@#
#@@@? .@@. ?@@@#
@@@@& 5@G &@@@7
#@@@B @@^ #@@@B
B@@@@ .@# 7@@@@B
@@@@@@ &.@ P@@@@@7
@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@
@@@@@@@@
@@@
options:
-h, --help show this help message and exit
--version, -v
show program's version number and exit
Commands:
auth π» Authenticate with Phase
init π Link your project with your Phase app
run π Run and inject secrets to your app
secrets ποΈ Manage your secrets
secrets list π List all the secrets
secrets get π Get a specific secret by key
secrets create π³ Create a new secret
secrets update π Update an existing secret
secrets delete ποΈ Delete a secret
secrets import π© Import secrets from a .env file
secrets export π₯‘ Export secrets in a dotenv format
users π₯ Manage users and accounts
users whoami π See details of the current user
users logout π Logout from phase-cli
users keyring π Display information about the Phase keyring
docs π Open the Phase CLI Docs in your browser
console π₯οΈ Open the Phase Console in your browser
update π Update the Phase CLI to the latest versionCheck out the Quickstart Guides
The quickest and most reliable way to get started is by signing up on the Phase Console.
| Deploy Phase Console on your infrastructure | |
|---|---|
 |
Docker Compose |
 |
AWS |
 |
Google Cloud Platform |
 |
Azure |
 |
DigitalOcean |
| π₯‘ | Self-hosting Phase |
More coming soon!
Phase operates on an open-core model, similar to that of GitLab.
This repo is available under the MIT expat license, with the exception of the ee directory which will contain Pro or Enterprise features requiring a Phase license.
For more information on how Phase encryption works, please see the Security Docs
Please do not file GitHub issues or post on our public forum for security vulnerabilities, as they are public!
For more information see: SECURITY.md
We love contributions. See CONTRIBUTING.md
You can join our Slack if you have any questions!