github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-05 05:34:17 -05:00
Code Issues Packages Projects Releases Wiki Activity

documentation update

Browse Source
This commit is contained in:
Victor Santos
2025-11-24 19:59:00 -03:00
parent 8722f657c9
commit 95fdff7747
48 changed files with 21 additions and 1622 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
.env.example
View File

@@ -31,25 +31,14 @@ SMTP_FROM_NAME=
SMTP_USERNAME=
SMTP_PASSWORD=
# Integration
# Optional only if integration is used
CLIENT_ID_HEROKU=
CLIENT_ID_VERCEL=
CLIENT_ID_NETLIFY=
# CICD Integration
CLIENT_ID_GITHUB=
CLIENT_ID_GITHUB_APP=
CLIENT_SLUG_GITHUB_APP=
CLIENT_ID_GITLAB=
CLIENT_ID_BITBUCKET=
CLIENT_SECRET_HEROKU=
CLIENT_SECRET_VERCEL=
CLIENT_SECRET_NETLIFY=
CLIENT_SECRET_GITHUB=
CLIENT_SECRET_GITHUB_APP=
CLIENT_ID_GITLAB=
CLIENT_SECRET_GITLAB=
CLIENT_SECRET_BITBUCKET=
CLIENT_SLUG_VERCEL=
CLIENT_PRIVATE_KEY_GITHUB_APP=
CLIENT_APP_ID_GITHUB_APP=

8
company/documentation/getting-started/introduction.mdx
View File

@@ -95,12 +95,4 @@ Depending on your use case, it might be helpful to look into some of the resourc
>
Fetch secrets via HTTP request.
</Card>
<Card
href="/integrations/overview"
title="Native Integrations"
icon="clouds"
color="#000000"
>
Explore integrations for GitHub, Vercel, AWS, and more.
</Card>
</CardGroup>

16
docker-swarm/.env-example
View File

@@ -25,22 +25,6 @@ SMTP_FROM_NAME=
SMTP_USERNAME=
SMTP_PASSWORD=
# Integration
# Optional only if integration is used
CLIENT_ID_HEROKU=
CLIENT_ID_VERCEL=
CLIENT_ID_NETLIFY=
CLIENT_ID_GITHUB=
CLIENT_ID_GITLAB=
CLIENT_ID_BITBUCKET=
CLIENT_SECRET_HEROKU=
CLIENT_SECRET_VERCEL=
CLIENT_SECRET_NETLIFY=
CLIENT_SECRET_GITHUB=
CLIENT_SECRET_GITLAB=
CLIENT_SECRET_BITBUCKET=
CLIENT_SLUG_VERCEL=
# Sentry (optional) for monitoring errors
SENTRY_DSN=

90
docs/api-reference/overview/examples/integration.mdx
View File

@@ -1,90 +0,0 @@
---
title: "Configure native integrations via API"
description: "How to use Infisical API to sync secrets to external secret managers"
---
The Infisical API allows you to create programmatic integrations that connect with third-party secret managers to synchronize secrets from Infisical.
This guide will primarily demonstrate the process using AWS Secret Store Manager (AWS SSM), but the steps are generally applicable to other secret management integrations.
<Info>
For details on setting up AWS SSM synchronization and understanding its prerequisites, refer to the [AWS SSM integration setup documentation](../../../integrations/cloud/aws-secret-manager).
</Info>
<Steps>
<Step title="Authenticate with AWS SSM">
Authentication is required for all integrations. Use the [Integration Auth API](../../endpoints/integrations/create-auth) with the following parameters to authenticate.
<ParamField body="integration" type="string" initialValue="aws-secret-manager" required>
Set this parameter to **aws-secret-manager**.
</ParamField>
<ParamField body="workspaceId" type="string" required>
The Infisical project ID for the integration.
</ParamField>
<ParamField body="accessId" type="string" required>
The AWS IAM User Access ID.
</ParamField>
<ParamField body="accessToken" type="string" required>
The AWS IAM User Access Secret Key.
</ParamField>
```bash Request
curl --request POST \
--url https://app.infisical.com/api/v1/integration-auth/access-token \
--header 'Authorization: <authorization>' \
--header 'Content-Type: application/json' \
--data '{
"workspaceId": "<workspaceid>",
"integration": "aws-secret-manager",
"accessId": "<aws iam user access id>",
"accessToken": "<aws iam user access secret key>"
}'
```
</Step>
<Step title="Configure the Synchronization Setup">
Once authentication between AWS SSM and Infisical is established, you can configure the synchronization behavior.
This involves specifying the source (environment and secret path in Infisical) and the destination in SSM to which the secrets will be synchronized.
Use the [integration API](../../endpoints/integrations/create) with the following parameters to configure the sync source and destination.
<ParamField body="integrationAuthId" type="string" required>
The ID of the integration authentication object used with AWS, obtained from the previous API response.
</ParamField>
<ParamField body="isActive" type="boolean">
Indicates whether the integration should be active or inactive.
</ParamField>
<ParamField body="app" type="string" required>
The secret name for saving in AWS SSM, which can be arbitrarily chosen.
</ParamField>
<ParamField body="region" type="string" required>
The AWS region where the SSM is located, e.g., `us-east-1`.
</ParamField>
<ParamField body="sourceEnvironment" type="string" required>
The Infisical environment slug from which secrets will be synchronized, e.g., `dev`.
</ParamField>
<ParamField body="secretPath" type="string" required>
The Infisical folder path from which secrets will be synchronized, e.g., `/some/path`. The root path is `/`.
</ParamField>
```bash Request
curl --request POST \
--url https://app.infisical.com/api/v1/integration \
--header 'Authorization: <authorization>' \
--header 'Content-Type: application/json' \
--data '{
"integrationAuthId": "<integrationauthid>",
"sourceEnvironment": "<sourceenvironment>",
"secretPath": "<secret-path, default is '/' >",
"app": "<app>",
"region": "<aws-ssm-region>"
}'
```
</Step>
</Steps>
<Check>
Congratulations! You have successfully set up an integration to synchronize secrets from Infisical with AWS SSM.
For more information, [view the integration API reference](../../endpoints/integrations).
</Check>

84
docs/docs.json
View File

@@ -568,71 +568,15 @@
}
]
},
{
"group": "Native Integrations",
"pages": [
{
"group": "AWS",
"pages": [
"integrations/cloud/aws-parameter-store",
"integrations/cloud/aws-secret-manager",
"integrations/cloud/aws-amplify"
]
},
"integrations/cloud/vercel",
"integrations/cloud/azure-key-vault",
"integrations/cloud/azure-app-configuration",
"integrations/cloud/azure-devops",
"integrations/cloud/gcp-secret-manager",
{
"group": "Cloudflare",
"pages": [
"integrations/cloud/cloudflare-pages",
"integrations/cloud/cloudflare-workers"
]
},
"integrations/cloud/terraform-cloud",
"integrations/cloud/databricks",
{
"group": "View more",
"pages": [
"integrations/cloud/digital-ocean-app-platform",
"integrations/cloud/heroku",
"integrations/cloud/netlify",
"integrations/cloud/flyio",
"integrations/cloud/railway",
"integrations/cloud/render",
"integrations/cloud/laravel-forge",
"integrations/cloud/supabase",
"integrations/cloud/northflank",
"integrations/cloud/hasura-cloud",
"integrations/cloud/qovery",
"integrations/cloud/hashicorp-vault",
"integrations/cloud/cloud-66",
"integrations/cloud/windmill"
]
}
]
},
{
"group": "CI/CD Integrations",
"pages": [
"integrations/cicd/jenkins",
"integrations/cicd/aws-amplify",
"integrations/cicd/bitbucket",
"integrations/cicd/checkly",
"integrations/cicd/githubactions",
"integrations/cicd/gitlab",
"integrations/cicd/bitbucket",
"integrations/cloud/teamcity",
{
"group": "View more",
"pages": [
"integrations/cicd/circleci",
"integrations/cicd/travisci",
"integrations/cicd/rundeck",
"integrations/cicd/codefresh",
"integrations/cloud/checkly",
"integrations/cicd/octopus-deploy"
]
}
"integrations/cicd/jenkins"
]
},
{
@@ -884,11 +828,7 @@
"group": "Overview",
"pages": [
"api-reference/overview/introduction",
"api-reference/overview/authentication",
{
"group": "Examples",
"pages": ["api-reference/overview/examples/integration"]
}
"api-reference/overview/authentication"
]
},
{
@@ -2490,20 +2430,6 @@
]
}
]
},
{
"group": "Integrations",
"pages": [
"api-reference/endpoints/integrations/create-auth",
"api-reference/endpoints/integrations/list-auth",
"api-reference/endpoints/integrations/find-auth",
"api-reference/endpoints/integrations/delete-auth",
"api-reference/endpoints/integrations/delete-auth-by-id",
"api-reference/endpoints/integrations/create",
"api-reference/endpoints/integrations/update",
"api-reference/endpoints/integrations/delete",
"api-reference/endpoints/integrations/list-project-integrations"
]
}
]
},

29
docs/documentation/guides/nextjs-vercel.mdx
View File

@@ -183,32 +183,7 @@ At this stage, you know how to use the Infisical CLI to inject secrets into your
## Infisical-Vercel integration for production environment variables
We'll now use the Infisical-Vercel integration send secrets from Infisical to Vercel as production environment variables.
### Infisical-Vercel integration
To begin we have to import the Next.js app into Vercel as a project. [Follow these instructions](https://vercel.com/docs/frameworks/nextjs) to deploy the Next.js app to Vercel.
Next, navigate to your project's integrations tab in Infisical and press on the Vercel tile to grant Infisical access to your Vercel account.
![integrations](../../images/integrations.png)
![integrations vercel authorization](../../images/integrations/vercel/integrations-vercel-auth.png)
<Note>
Opting in for the Infisical-Vercel integration will break end-to-end encryption since Infisical will be able to read
your secrets. This is, however, necessary for Infisical to sync the secrets to Vercel.
Your secrets remain encrypted at rest following our [security guide mechanics](/internals/security).
</Note>
Now select **Production** for (the source) **Environment** and sync it to the **Production Environment** of the (target) application in Vercel.
Lastly, press create integration to start syncing secrets to Vercel.
![integrations vercel](../../images/integrations/vercel/integrations-vercel-create.png)
![integrations vercel](../../images/integrations/vercel/integrations-vercel.png)
You should now see your secret from Infisical appear as production environment variables in your Vercel project.
Use our [Vercel Secret Syncs](../../integrations/secret-syncs/vercel) guide to sync secrets from Infisical to Vercel as production environment variables.
At this stage, you know how to use the Infisical-Vercel integration to sync production secrets from Infisical to Vercel.
@@ -245,4 +220,4 @@ At this stage, you know how to use the Infisical-Vercel integration to sync prod
See also:
- [Documentation for the Infisical CLI](/cli/overview)
- [Documentation for the Vercel integration](/integrations/cloud/vercel)
- [Documentation for the Vercel Secret Sync](../../integrations/secret-syncs/vercel)

12
docs/documentation/platform/integrations.mdx
View File

@@ -1,12 +0,0 @@
---
title: "Integrations"
description: "How to sync your secrets among various 3rd-party services with Infisical."
---
Integrations allow environment variables to be synced across your entire infrastructure from local development to CI/CD and production.
<Card title="View integrations" icon="link" href="/integrations/overview">
View all available integrations and their guides
</Card>
![integrations](../../images/integrations.png)

2
docs/integrations/app-connections/gitlab.mdx
View File

@@ -12,6 +12,8 @@ Infisical supports two methods for connecting to GitLab: **OAuth** and **Access
<Accordion title="Self-Hosted Instance Setup">
Using the GitLab Connection with OAuth on a self-hosted instance of Infisical requires configuring an OAuth application in GitLab and registering your instance with it.
<Tip>If you're self-hosting Gitlab with custom certificates, you will have to configure your Infisical instance to trust these certificates. To learn how, please follow [this guide](../../self-hosting/guides/custom-certificates).</Tip>
**Prerequisites:**
- A GitLab account with existing projects
- Self-hosted Infisical instance

4
docs/integrations/app-connections/overview.mdx
View File

@@ -75,10 +75,6 @@ to limit the access of this entity to the minimal permission set required to per
4. <strong>Utilize the Connection:</strong> Use your App Connection for various features across Infisical such as our Secrets Sync by selecting it via the dropdown menu
in the UI or by passing the associated `connectionId` when generating resources via the API.
<Note>
Infisical is continuously expanding its third-party application support. If your desired application isn't listed,
you can still use previous methods of connecting to it such as our Native Integrations.
</Note>
## Platform Managed Credentials

2
docs/integrations/cloud/aws-amplify.mdx → docs/integrations/cicd/aws-amplify.mdx
View File

@@ -108,7 +108,7 @@ This approach enables you to fetch secrets from Infisical during Amplify build t
<Steps>
<Step title="Follow the AWS SSM Parameter Store Integration guide">
Follow the [Infisical AWS SSM Parameter Store Integration Guide](./aws-parameter-store) to set up the integration. Pause once you reach the step where it asks you to select the path you would like to sync.
Follow the [Infisical AWS SSM Parameter Store Secret Syncs Guide](../secret-syncs/aws-parameter-store) to set up the integration. Pause once you reach the step where it asks you to select the path you would like to sync.
</Step>
<Step title="Find your Amplify App ID">
![amplify app id](../../images/integrations/aws/integrations-amplify-app-id.png)

24
docs/integrations/cicd/bitbucket.mdx
View File

@@ -12,29 +12,7 @@ Prerequisites:
<AccordionGroup>
<Accordion title="Push secrets to Bitbucket from Infisical">
<Steps>
<Step title="Authorize Infisical for Bitbucket">
Navigate to your project's integrations tab in Infisical.
![integrations](/images/integrations.png)
Press on the Bitbucket tile and grant Infisical access to your Bitbucket account.
![integrations bitbucket authorization](/images/integrations/bitbucket/integrations-bitbucket.png)
</Step>
<Step title='Configure integration'>
Select which workspace, repository, and optionally, deployment environment, you'd like to sync your secrets
to.
![integrations configure
bitbucket](/images/integrations/bitbucket/integrations-bitbucket-configuration.png)
Once created, your integration will begin syncing secrets to the configured repository or deployment
environment.
![integrations bitbucket](/images/integrations/bitbucket/integrations-bitbucket.png)
</Step>
</Steps>
Use our [Bitbucket Secret Syncs](../secret-syncs/bitbucket)
</Accordion>
<Accordion title="Pull secrets in Bitbucket pipelines from Infisical">
<Steps>

0
docs/integrations/cloud/checkly.mdx → docs/integrations/cicd/checkly.mdx
View File

40
docs/integrations/cicd/circleci.mdx
View File

@@ -1,40 +0,0 @@
---
title: "CircleCI"
description: "How to sync secrets from Infisical to CircleCI"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for CircleCI">
Obtain an API token in User Settings > Personal API Tokens
![integrations circleci token](/images/integrations/circleci/integrations-circleci-token.png)
Navigate to your project's integrations tab in Infisical.
![integrations](/images/integrations.png)
Press on the CircleCI tile and input your CircleCI API token to grant Infisical access to your CircleCI account.
![integrations circleci authorization](/images/integrations/circleci/integrations-circleci-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which CircleCI project or context.
<Tabs>
<Tab title="Project">
![integrations circle ci project](/images/integrations/circleci/integrations-circleci-create-project.png)
</Tab>
<Tab title="Context">
![integrations circle ci project](/images/integrations/circleci/integrations-circleci-create-context.png)
</Tab>
</Tabs>
Finally, press create integration to start syncing secrets to CircleCI.
![integrations circleci](/images/integrations/circleci/integrations-circleci.png)
</Step>
</Steps>

32
docs/integrations/cicd/codefresh.mdx
View File

@@ -1,32 +0,0 @@
---
title: "Codefresh"
description: "How to sync secrets from Infisical to Codefresh"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Codefresh">
Obtain an API key in User Settings > API Keys
![integrations codefresh dashboard](../../images/integrations/codefresh/integrations-codefresh-dashboard.png)
![integrations codefresh token](../../images/integrations/codefresh/integrations-codefresh-token.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Codefresh tile and input your Codefresh API key to grant Infisical access to your Codefresh account.
![integrations codefresh authorization](../../images/integrations/codefresh/integrations-codefresh-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Codefresh service and press create integration to start syncing secrets to Codefresh.
![create integration codefresh](../../images/integrations/codefresh/integrations-codefresh-create.png)
![integrations codefresh](../../images/integrations/codefresh/integrations-codefresh.png)
</Step>
</Steps>

204
docs/integrations/cicd/githubactions.mdx
View File

@@ -4,204 +4,6 @@ description: "How to sync secrets from Infisical to GitHub Actions"
---
<Note>
Alternatively, you can use Infisical's official GitHub Action
[here](https://github.com/Infisical/secrets-action).
</Note>
Infisical lets you sync secrets to GitHub at the organization-level, repository-level, and repository environment-level.
## Connecting with GitHub App (Recommended)
<Tabs>
<Tab title="Usage">
<Steps>
<Step title="Authorize GitHub Infisical App">
Navigate to your project's integrations tab in Infisical and press on the GitHub tile.
![integrations](../../images/integrations/github/app/integration-overview.png)
Select GitHub App as the authentication method and click **Connect to GitHub**.
![integrations github app auth selection](../../images/integrations/github/app/github-app-method-selection.png)
You will then be redirected to the GitHub app installation page.
![integrations github app installation](../../images/integrations/github/app/github-app-installation.png)
Install and authorize the GitHub application. This will redirect you back to the Infisical integration page.
</Step>
<Step title="Configure Infisical GitHub integration">
Select which Infisical environment secrets you want to sync to which GitHub organization, repository, or repository environment.
<Tabs>
<Tab title="Repository">
![integrations github](../../images/integrations/github/integrations-github-scope-repo.png)
</Tab>
<Tab title="Organization">
![integrations github](../../images/integrations/github/integrations-github-scope-org.png)
When using the organization scope, your secrets will be saved in the top-level of your GitHub Organization.
You can choose the visibility, which defines which repositories can access the secrets. The options are:
- **All public repositories**: All public repositories in the organization can access the secrets.
- **All private repositories**: All private repositories in the organization can access the secrets.
- **Selected repositories**: Only the selected repositories can access the secrets. This gives a more fine-grained control over which repositories can access the secrets. You can select _both_ private and public repositories with this option.
</Tab>
<Tab title="Repository Environment">
![integrations github](../../images/integrations/github/integrations-github-scope-env.png)
</Tab>
</Tabs>
Finally, press create integration to start syncing secrets to GitHub.
![integrations github](../../images/integrations/github/integrations-github.png)
</Step>
</Steps>
</Tab>
<Tab title="Self-Hosted Setup">
Using the GitHub integration with app authentication on a self-hosted instance of Infisical requires configuring an application on GitHub
and registering your instance with it.
<Steps>
<Step title="Create an application on GitHub">
Navigate to the GitHub app settings [here](https://github.com/settings/apps). Click **New GitHub App**.
![integrations github app create](../../images/integrations/github/app/self-hosted-github-app-create.png)
Give the application a name, a homepage URL (your self-hosted domain i.e. `https://your-domain.com`), and a callback URL (i.e. `https://your-domain.com/integrations/github/oauth2/callback`).
![integrations github app basic details](../../images/integrations/github/app/self-hosted-github-app-basic-details.png)
Enable request user authorization during app installation.
![integrations github app enable auth](../../images/integrations/github/app/self-hosted-github-app-enable-oauth.png)
Disable webhook by unchecking the Active checkbox.
![integrations github app webhook](../../images/integrations/github/app/self-hosted-github-app-webhook.png)
Set the repository permissions as follows: Metadata: Read-only, Secrets: Read and write, Environments: Read and write, Actions: Read.
![integrations github app repository](../../images/integrations/github/app/self-hosted-github-app-repository.png)
Similarly, set the organization permissions as follows: Secrets: Read and write.
![integrations github app organization](../../images/integrations/github/app/self-hosted-github-app-organization.png)
Create the Github application.
![integrations github app create confirm](../../images/integrations/github/app/self-hosted-github-app-create-confirm.png)
<Note>
If you have a GitHub organization, you can create an application under it
in your organization Settings > Developer settings > GitHub Apps > New GitHub App.
</Note>
</Step>
<Step title="Add your application credentials to Infisical">
Generate a new **Client Secret** for your GitHub application.
![integrations github app create secret](../../images/integrations/github/app/self-hosted-github-app-secret.png)
Generate a new **Private Key** for your Github application.
![integrations github app create private key](../../images/integrations/github/app/self-hosted-github-app-private-key.png)
Obtain the necessary Github application credentials. This would be the application slug, client ID, app ID, client secret, and private key.
![integrations github app credentials](../../images/integrations/github/app/self-hosted-github-app-credentials.png)
Back in your Infisical instance, add the five new environment variables for the credentials of your GitHub application:
- `CLIENT_ID_GITHUB_APP`: The **Client ID** of your GitHub application.
- `CLIENT_SECRET_GITHUB_APP`: The **Client Secret** of your GitHub application.
- `CLIENT_SLUG_GITHUB_APP`: The **Slug** of your GitHub application. This is the one found in the URL.
- `CLIENT_APP_ID_GITHUB_APP`: The **App ID** of your GitHub application.
- `CLIENT_PRIVATE_KEY_GITHUB_APP`: The **Private Key** of your GitHub application.
Once added, restart your Infisical instance and use the GitHub integration via app authentication.
</Step>
</Steps>
</Tab>
</Tabs>
## Connecting with GitHub OAuth
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
- Ensure that you have admin privileges to the repository you want to sync secrets to.
<Tabs>
<Tab title="Usage">
<Steps>
<Step title="Authorize Infisical for GitHub">
Navigate to your project's integrations tab in Infisical and press on the GitHub tile.
![integrations](../../images/integrations/github/integration-overview.png)
Select OAuth as the authentication method and click **Connect to GitHub**.
![integrations github oauth auth selection](../../images/integrations/github/github-oauth-method-selection.png)
Grant Infisical access to your GitHub account (organization and repo privileges).
![integrations github authorization](../../images/integrations/github/integrations-github-auth.png)
</Step>
<Step title="Configure Infisical GitHub integration">
Select which Infisical environment secrets you want to sync to which GitHub organization, repository, or repository environment.
<Tabs>
<Tab title="Repository">
![integrations github](../../images/integrations/github/integrations-github-scope-repo.png)
</Tab>
<Tab title="Organization">
![integrations github](../../images/integrations/github/integrations-github-scope-org.png)
When using the organization scope, your secrets will be saved in the top-level of your GitHub Organization.
You can choose the visibility, which defines which repositories can access the secrets. The options are:
- **All public repositories**: All public repositories in the organization can access the secrets.
- **All private repositories**: All private repositories in the organization can access the secrets.
- **Selected repositories**: Only the selected repositories can access the secrets. This gives a more fine-grained control over which repositories can access the secrets. You can select _both_ private and public repositories with this option.
</Tab>
<Tab title="Repository Environment">
![integrations github](../../images/integrations/github/integrations-github-scope-env.png)
</Tab>
</Tabs>
Finally, press create integration to start syncing secrets to GitHub.
![integrations github](../../images/integrations/github/integrations-github.png)
</Step>
</Steps>
</Tab>
<Tab title="Self-Hosted Setup">
Using the GitHub integration on a self-hosted instance of Infisical requires configuring an OAuth application in GitHub
and registering your instance with it.
<Steps>
<Step title="Create an OAuth application in GitHub">
Navigate to your user Settings > Developer settings > OAuth Apps to create a new GitHub OAuth application.
![integrations github config](../../images/integrations/github/integrations-github-config-settings.png)
![integrations github config](../../images/integrations/github/integrations-github-config-dev-settings.png)
![integrations github config](../../images/integrations/github/integrations-github-config-new-app.png)
Create the OAuth application. As part of the form, set the **Homepage URL** to your self-hosted domain `https://your-domain.com`
and the **Authorization callback URL** to `https://your-domain.com/integrations/github/oauth2/callback`.
![integrations github config](../../images/integrations/github/integrations-github-config-new-app-form.png)
<Note>
If you have a GitHub organization, you can create an OAuth application under it
in your organization Settings > Developer settings > OAuth Apps > New Org OAuth App.
</Note>
</Step>
<Step title="Add your OAuth application credentials to Infisical">
Obtain the **Client ID** and generate a new **Client Secret** for your GitHub OAuth application.
![integrations github config](../../images/integrations/github/integrations-github-config-credentials.png)
Back in your Infisical instance, add two new environment variables for the credentials of your GitHub OAuth application:
- `CLIENT_ID_GITHUB`: The **Client ID** of your GitHub OAuth application.
- `CLIENT_SECRET_GITHUB`: The **Client Secret** of your GitHub OAuth application.
Once added, restart your Infisical instance and use the GitHub integration.
</Step>
</Steps>
</Tab>
</Tabs>
Use our [GitHub Secret Syncs](../secret-syncs/github) to sync secrets to GitHub at the organization-level, repository-level, and repository environment-level.
Alternatively, you can use Infisical's official GitHub Action [here](https://github.com/Infisical/secrets-action).
</Note>

74
docs/integrations/cicd/gitlab.mdx
View File

@@ -3,41 +3,13 @@ title: "GitLab"
description: "How to sync secrets from Infisical to GitLab"
---
<Tabs>
<Tab title="Usage">
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
- Set up and add envars to [Infisical Cloud](https://app.infisical.com).
<AccordionGroup>
<Accordion title="Standard">
<Steps>
<Step title="Authorize Infisical for GitLab">
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the GitLab tile and grant Infisical access to your GitLab account.
![integrations gitlab authorization](../../images/integrations/gitlab/integrations-gitlab-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which GitLab repository and press create integration to start syncing secrets to GitLab.
![integrations gitlab](../../images/integrations/gitlab/integrations-gitlab-create.png)
Note that the GitLab integration supports a few options in the **Options** tab:
- Secret Prefix: If inputted, the prefix is appended to the front of every secret name prior to being synced.
- Secret Suffix: If inputted, the suffix to appended to the back of every name of every secret prior to being synced.
Setting a secret prefix or suffix ensures that existing secrets in GitLab are not overwritten during the sync. As part of this process, Infisical abstains from mutating any secrets in GitLab without the specified prefix or suffix.
![integrations gitlab options](../../images/integrations/gitlab/integrations-gitlab-create-options.png)
![integrations gitlab](../../images/integrations/gitlab/integrations-gitlab.png)
</Step>
</Steps>
Use our [GitLab Secret Syncs](../secret-syncs/gitlab)
</Accordion>
<Accordion title="Pipeline">
<Steps>
@@ -70,42 +42,4 @@ description: "How to sync secrets from Infisical to GitLab"
</Step>
</Steps>
</Accordion>
</AccordionGroup>
</Tab>
<Tab title="Self-Hosted Setup">
Using the GitLab integration on a self-hosted instance of Infisical requires configuring an application in GitLab
and registering your instance with it.
<Tip>If you're self-hosting Gitlab with custom certificates, you will have to configure your Infisical instance to trust these certificates. To learn how, please follow [this guide](../../self-hosting/guides/custom-certificates).</Tip>
<Steps>
<Step title="Create an OAuth application in GitLab">
Navigate to your user Settings > Applications to create a new GitLab application.
![integrations gitlab config](../../images/integrations/gitlab/integrations-gitlab-config-edit-profile.png)
![integrations gitlab config](../../images/integrations/gitlab/integrations-gitlab-config-new-app.png)
Create the application. As part of the form, set the **Redirect URI** to `https://your-domain.com/integrations/gitlab/oauth2/callback`.
![integrations gitlab config](../../images/integrations/gitlab/integrations-gitlab-config-new-app-form.png)
<Note>
If you have a GitLab group, you can create an OAuth application under it
in your group Settings > Applications.
</Note>
</Step>
<Step title="Add your OAuth application credentials to Infisical">
Obtain the **Application ID** and **Secret** for your GitLab application.
![integrations gitlab config](../../images/integrations/gitlab/integrations-gitlab-config-credentials.png)
Back in your Infisical instance, add two new environment variables for the credentials of your GitLab application:
- `CLIENT_ID_GITLAB`: The **Client ID** of your GitLab application.
- `CLIENT_SECRET_GITLAB`: The **Secret** of your GitLab application.
Once added, restart your Infisical instance and use the GitLab integration.
</Step>
</Steps>
</Tab>
</Tabs>
</AccordionGroup>

76
docs/integrations/cicd/octopus-deploy.mdx
View File

@@ -1,76 +0,0 @@
---
title: "Octopus Deploy"
description: "Learn how to sync secrets from Infisical to Octopus Deploy"
---
Prerequisites:
- Set up and add secrets to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Create a Service Account for Infisical in Octopus Deploy">
Navigate to **Configuration** > **Users** and click on the **Create Service Account** button.
![integrations octopus deploy
users](/images/integrations/octopus-deploy/integrations-octopus-deploy-user-settings.png)
Fill out the required fields and click on the **Save** button.
![integrations octopus deploy service
account](/images/integrations/octopus-deploy/integrations-octopus-deploy-create-service-account.png)
</Step>
<Step title="Generate an API Key for your Service Account">
On the **Service Account** user page, expand the **API Keys** section and click on the **New API Key** button.
![integrations octopus deploy
new api key](/images/integrations/octopus-deploy/integrations-octopus-deploy-create-api-key.png)
Fill out the required fields and click on the **Generate New** button.
![integrations octopus deploy
generate api key](/images/integrations/octopus-deploy/integrations-octopus-deploy-generate-api-key.png)
<Note>If you configure your access token to expire,
you will need to generate a new API key for Infisical prior to this date to keep your integration running.</Note>
Copy the generated **API Key** and click on the **Close** button.
![integrations octopus deploy
copy api key](/images/integrations/octopus-deploy/integrations-octopus-deploy-copy-api-key.png)
</Step>
<Step title="Create a Service Accounts Team and assign your Service Account">
<Note>You can skip creating a new team if you already have an Octopus Deploy team configured with
the **Project Contributor** role to assign your Service Account to.</Note>
Navigate to **Configuration** > **Teams** and click on the **Add Team** button.
![integrations octopus deploy
teams](/images/integrations/octopus-deploy/integrations-octopus-deploy-team-settings.png)
Create a new team for **Service Accounts** and click on the **Save** button.
![integrations octopus deploy add
team](/images/integrations/octopus-deploy/integrations-octopus-deploy-create-team.png)
On the **Members** tab, click on the **Add Member** button, add your **Infisical Service Account** and click on the **Add** button.
![integrations octopus deploy add service account to team](/images/integrations/octopus-deploy/integrations-octopus-deploy-add-to-team.png)
On the **User Roles** tab, click on the **Include User Role** button, and add the **Project Contributor** role. Optionally,
click on the **Define Scope** button to further refine what projects your Service Account has access to. Click on the **Apply** button once complete.
![integrations octopus deploy add user roles to team](/images/integrations/octopus-deploy/integrations-octopus-deploy-add-role.png)
Save your team changes by clicking on the **Save** button.
![integrations octopus deploy save team changes](/images/integrations/octopus-deploy/integrations-octopus-deploy-save-team.png)
</Step>
<Step title="Setup Integration">
In Infisical, navigate to your **Project** > **Integrations** page and select the **Octopus Deploy** integration.
![integration octopus deploy](/images/integrations/octopus-deploy/integrations-octopus-deploy-integrations.png)
Enter your **Instance URL** and **API Key** from **Octopus Deploy** to authorize Infisical.
![integration octopus deploy](/images/integrations/octopus-deploy/integrations-octopus-deploy-authorize.png)
Select a **Space** and **Project** from **Octopus Deploy** to sync secrets to; configuring additional **Scope Values** as needed. Click on the **Create Integration** button once configured.
![integration octopus deploy](/images/integrations/octopus-deploy/integrations-octopus-deploy-create.png)
Your Infisical secrets will begin to sync to **Octopus Deploy**.
![integration octopus deploy](/images/integrations/octopus-deploy/integrations-octopus-deploy-sync.png)
</Step>
</Steps>

32
docs/integrations/cicd/rundeck.mdx
View File

@@ -1,32 +0,0 @@
---
title: "Rundeck"
description: "How to sync secrets from Infisical to Rundeck"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Rundeck">
Obtain a User API Token in the Profile settings of Rundeck
![integrations rundeck token](../../images/integrations/rundeck/integrations-rundeck-token.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Rundeck tile and input your Rundeck instance Base URL and User API token to grant Infisical access to manage Rundeck keys
![integrations rundeck authorization](../../images/integrations/rundeck/integrations-rundeck-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to a Rundeck Key Storage Path and press create integration to start syncing secrets to Rundeck.
![create integration rundeck](../../images/integrations/rundeck/integrations-rundeck-create.png)
![integrations rundeck](../../images/integrations/rundeck/integrations-rundeck.png)
</Step>
</Steps>

0
docs/integrations/cloud/teamcity.mdx → docs/integrations/cicd/teamcity.mdx
View File

31
docs/integrations/cicd/travisci.mdx
View File

@@ -1,31 +0,0 @@
---
title: "Travis CI"
description: "How to sync secrets from Infisical to Travis CI"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Travis CI">
Obtain your API token in User Settings > API authentication > Token
![integrations travis ci token](../../images/integrations/travis-ci/integrations-travisci-token.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Travis CI tile and input your Travis CI API token to grant Infisical access to your Travis CI account.
![integrations travis ci authorization](../../images/integrations/travis-ci/integrations-travisci-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Travis CI repository and press create integration to start syncing secrets to Travis CI.
![create integration travis ci](../../images/integrations/travis-ci/integrations-travisci-create.png)
![integrations travis ci](../../images/integrations/travis-ci/integrations-travisci.png)
</Step>
</Steps>

8
docs/integrations/cloud/aws-parameter-store.mdx
View File

@@ -1,8 +0,0 @@
---
title: "AWS Parameter Store"
description: "Learn how to sync secrets from Infisical to AWS Parameter Store."
---
<Note>
The AWS Parameter Store Native Integration will be deprecated in 2026. Please migrate to our new [AWS Parameter Store Sync](../secret-syncs/aws-parameter-store).
</Note>

8
docs/integrations/cloud/aws-secret-manager.mdx
View File

@@ -1,8 +0,0 @@
---
title: "AWS Secrets Manager"
description: "Learn how to sync secrets from Infisical to AWS Secrets Manager."
---
<Note>
The AWS Secrets Manager Native Integration will be deprecated in 2026. Please migrate to our new [AWS Secrets Manager Sync](../secret-syncs/aws-secrets-manager).
</Note>

8
docs/integrations/cloud/azure-app-configuration.mdx
View File

@@ -1,8 +0,0 @@
---
title: "Azure App Configuration"
description: "How to sync secrets from Infisical to Azure App Configuration"
---
<Note>
The Azure App Configuration Native Integration will be deprecated in 2026. Please migrate to our new [Azure App Configuration Sync](../secret-syncs/azure-app-configuration).
</Note>

55
docs/integrations/cloud/azure-devops.mdx
View File

@@ -1,55 +0,0 @@
---
title: "Azure DevOps"
description: "How to sync secrets from Infisical to Azure DevOps"
---
### Usage
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com).
- Create a new [Azure DevOps](https://dev.azure.com) project if you don't have one already.
#### Create a new Azure DevOps personal access token (PAT)
You'll need to create a new personal access token (PAT) in order to authenticate Infisical with Azure DevOps.
<Steps>
<Step title="Navigate to Azure DevOps">
![integrations](../../images/integrations/azure-devops/overview-page.png)
</Step>
<Step title="Create a new token">
Make sure the newly created token has Read/Write access to the Release scope.
![integrations](../../images/integrations/azure-devops/create-new-token.png)
<Note>
Please make sure that the token has access to the following scopes: Variable Groups _(read, create, & manage)_, Release _(read/write)_, Project and Team _(read)_, Service Connections _(read & query)_
</Note>
</Step>
<Step title="Copy the new access token">
Copy the newly created token as this will be used to authenticate Infisical with Azure DevOps.
![integrations](../../images/integrations/azure-devops/new-token-created.png)
</Step>
</Steps>
#### Setup the Infisical Azure DevOps integration
Navigate to your project's integrations tab and select the 'Azure DevOps' integration.
![integrations](../../images/integrations.png)
<Steps>
<Step title="Authorize Infisical for Azure DevOps">
Enter your credentials that you obtained from the previous step.
1. Azure DevOps API token is the personal access token (PAT) you created in the previous step.
2. Azure DevOps organization name is the name of your Azure DevOps organization.
![integrations](../../images/integrations/azure-devops/new-infiscial-integration-step-1.png)
</Step>
<Step title="Configure the integration">
Select Infisical project and secret path you want to sync into Azure DevOps.
Finally, press create integration to start syncing secrets to Azure DevOps.
![integrations](../../images/integrations/azure-devops/new-infiscial-integration-step-2.png)
</Step>
</Steps>
Now you have successfully integrated Infisical with Azure DevOps. Your existing and future secret changes will automatically sync to Azure DevOps.
You can view your secrets by navigating to your Azure DevOps project and selecting the 'Library' tab under 'Pipelines' in the 'Library' section.

8
docs/integrations/cloud/azure-key-vault.mdx
View File

@@ -1,8 +0,0 @@
---
title: "Azure Key Vault"
description: "How to sync secrets from Infisical to Azure Key Vault"
---
<Note>
The Azure Key Vault Native Integration will be deprecated in 2026. Please migrate to our new [Azure Key Vault Sync](../secret-syncs/azure-key-vault).
</Note>

48
docs/integrations/cloud/cloud-66.mdx
View File

@@ -1,48 +0,0 @@
---
title: "Cloud 66"
description: "How to sync secrets from Infisical to Cloud 66"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
## Navigate to your project's integrations tab
![integrations](../../images/integrations.png)
## Enter your Cloud 66 Access Token
In Cloud 66 Dashboard, click on the top right icon > Account Settings > Access Token
![integrations cloud 66 dashboard](../../images/integrations/cloud-66/integrations-cloud-66-dashboard.png)
![integrations cloud 66 access token](../../images/integrations/cloud-66/integrations-cloud-66-access-token.png)
Create new Personal Access Token.
![integrations cloud 66 personal access token](../../images/integrations/cloud-66/integrations-cloud-66-pat.png)
Name it **infisical** and check **Public** and **Admin**. Then click "Create Token"
![integrations cloud 66 personal access token setup](../../images/integrations/cloud-66/integrations-cloud-66-pat-setup.png)
Copy and save your token.
![integrations cloud 66 copy API token](../../images/integrations/cloud-66/integrations-cloud-66-copy-pat.png)
### Go to Infisical Integration Page
Click on the Cloud 66 tile and enter your API token to grant Infisical access to your Cloud 66 account.
![integrations cloud 66 tile in infisical dashboard](../../images/integrations/cloud-66/integrations-cloud-66-infisical-dashboard.png)
Enter your Cloud 66 Personal Access Token here. Then click "Connect to Cloud 66".
![integrations cloud 66 tile in infisical dashboard](../../images/integrations/cloud-66/integrations-cloud-66-paste-pat.png)
## Start integration
Select which Infisical environment secrets you want to sync to which Cloud 66 stacks and press create integration to start syncing secrets to Cloud 66.
![integrations laravel forge](../../images/integrations/cloud-66/integrations-cloud-66-create.png)
<Warning>
Any existing environment variables in Cloud 66 will be deleted when you start syncing. Make sure to add all the secrets into the Infisical dashboard first before doing any integrations.
</Warning>
Done!
![integrations laravel forge](../../images/integrations/cloud-66/integrations-cloud-66-done.png)

39
docs/integrations/cloud/cloudflare-pages.mdx
View File

@@ -1,39 +0,0 @@
---
title: "Cloudflare Pages"
description: "How to sync secrets from Infisical to Cloudflare Pages"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Cloudflare Pages">
Obtain a Cloudflare [API token](https://dash.cloudflare.com/profile/api-tokens) and [Account ID](https://developers.cloudflare.com/fundamentals/get-started/basic-tasks/find-account-and-zone-ids/):
Create a new [API token](https://dash.cloudflare.com/profile/api-tokens) in My Profile > API Tokens
![integrations cloudflare credentials 1](../../images/integrations/cloudflare/integrations-cloudflare-credentials-1.png)
![integrations cloudflare credentials 2](../../images/integrations/cloudflare/integrations-cloudflare-credentials-2.png)
![integrations cloudflare credentials 3](../../images/integrations/cloudflare/integrations-cloudflare-credentials-3.png)
Copy your [Account ID](https://developers.cloudflare.com/fundamentals/get-started/basic-tasks/find-account-and-zone-ids/) from Account > Workers & Pages > Overview
![integrations cloudflare credentials 4](../../images/integrations/cloudflare/integrations-cloudflare-credentials-4.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Cloudflare Pages tile and input your Cloudflare API token and account ID to grant Infisical access to your Cloudflare Pages.
![integrations cloudflare authorization](../../images/integrations/cloudflare/integrations-cloudflare-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to Cloudflare and press create integration to start syncing secrets.
![integrations cloudflare](../../images/integrations/cloudflare/integrations-cloudflare-create.png)
![integrations cloudflare](../../images/integrations/cloudflare/integrations-cloudflare.png)
</Step>
</Steps>

39
docs/integrations/cloud/cloudflare-workers.mdx
View File

@@ -1,39 +0,0 @@
---
title: "Cloudflare Workers"
description: "How to sync secrets from Infisical to Cloudflare Workers"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Cloudflare Workers">
Obtain a Cloudflare [API token](https://dash.cloudflare.com/profile/api-tokens) and [Account ID](https://developers.cloudflare.com/fundamentals/get-started/basic-tasks/find-account-and-zone-ids/):
Create a new [API token](https://dash.cloudflare.com/profile/api-tokens) in My Profile > API Tokens
![integrations cloudflare credentials 1](../../images/integrations/cloudflare/integrations-cloudflare-credentials-1.png)
![integrations cloudflare credentials 2](../../images/integrations/cloudflare/integrations-cloudflare-credentials-2.png)
![integrations cloudflare credentials 3](../../images/integrations/cloudflare/integrations-cloudflare-workers-permission.png)
Copy your [Account ID](https://developers.cloudflare.com/fundamentals/get-started/basic-tasks/find-account-and-zone-ids/) from Account > Workers & Pages > Overview
![integrations cloudflare credentials 4](../../images/integrations/cloudflare/integrations-cloudflare-credentials-4.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Cloudflare Workers tile and input your Cloudflare API token and account ID to grant Infisical access to your Cloudflare Workers.
![integrations cloudflare authorization](../../images/integrations/cloudflare/integration-cloudflare-workers-connect.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to Cloudflare Workers and press create integration to start syncing secrets.
![integrations cloudflare](../../images/integrations/cloudflare/integration-cloudflare-workers-create.png)
</Step>
</Steps>

8
docs/integrations/cloud/databricks.mdx
View File

@@ -1,8 +0,0 @@
---
title: "Databricks"
description: "Learn how to sync secrets from Infisical to Databricks."
---
<Note>
The Databricks Native Integration will be deprecated in 2026. Please migrate to our new [Databricks Sync](../secret-syncs/databricks).
</Note>

32
docs/integrations/cloud/digital-ocean-app-platform.mdx
View File

@@ -1,32 +0,0 @@
---
title: "Digital Ocean App Platform"
description: "How to sync secrets from Infisical to Digital Ocean App Platform"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
## Get your Digital Ocean Personal Access Tokens
On Digital Ocean dashboard, navigate to **API > Tokens** and click on "Generate New Token"
![integrations digital ocean dashboard](../../images/integrations/digital-ocean/integrations-do-dashboard.png)
Name it **infisical**, choose **No expiry**, and make sure to check **Write (optional)**. Then click on "Generate Token" and copy your API token.
![integrations digital ocean token modal](../../images/integrations/digital-ocean/integrations-do-token-modal.png)
## Navigate to your project's integrations tab
Click on the **Digital Ocean App Platform** tile and enter your API token to grant Infisical access to your Digital Ocean account.
![integrations](../../images/integrations.png)
Then enter your Digital Ocean Personal Access Token here. Then click "Connect to Digital Ocean App Platform".
![integrations infisical dashboard digital ocean integration](../../images/integrations/digital-ocean/integrations-do-enter-token.png)
## Start integration
Select which Infisical environment secrets you want to sync to which Digital Ocean App and click "Create Integration".
![integrations digital ocean select projects](../../images/integrations/digital-ocean/integrations-do-select-projects.png)
Done!
![integrations digital ocean integration success](../../images/integrations/digital-ocean/integrations-do-success.png)

32
docs/integrations/cloud/flyio.mdx
View File

@@ -1,32 +0,0 @@
---
title: "Fly.io"
description: "How to sync secrets from Infisical to Fly.io"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Fly.io">
Obtain a Fly.io access token in Access Tokens
![integrations fly dashboard](../../images/integrations/flyio/integrations-flyio-dashboard.png)
![integrations fly token](../../images/integrations/flyio/integrations-flyio-token.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Fly.io tile and input your Fly.io access token to grant Infisical access to your Fly.io account.
![integrations fly authorization](../../images/integrations/flyio/integrations-flyio-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Fly.io app and press create integration to start syncing secrets to Fly.io.
![integrations fly](../../images/integrations/flyio/integrations-flyio-create.png)
![integrations fly](../../images/integrations/flyio/integrations-flyio.png)
</Step>
</Steps>

8
docs/integrations/cloud/gcp-secret-manager.mdx
View File

@@ -1,8 +0,0 @@
---
title: "GCP Secret Manager"
description: "How to sync secrets from Infisical to GCP Secret Manager"
---
<Note>
The GCP Secret Manager Native Integration will be deprecated in 2026. Please migrate to our new [GCP Secret Manager Sync](../secret-syncs/gcp-secret-manager).
</Note>

8
docs/integrations/cloud/hashicorp-vault.mdx
View File

@@ -1,8 +0,0 @@
---
title: "HashiCorp Vault"
description: "How to sync secrets from Infisical to HashiCorp Vault"
---
<Note>
The Hashicorp Vault Native Integration will be deprecated in 2026. Please migrate to our new [Hashicorp Vault Sync](../secret-syncs/hashicorp-vault).
</Note>

31
docs/integrations/cloud/hasura-cloud.mdx
View File

@@ -1,31 +0,0 @@
---
title: "Hasura Cloud"
description: "How to sync secrets from Infisical to Hasura Cloud"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Hasura Cloud">
Obtain a Hasura Cloud Access Token in My Account > Access Tokens
![integrations hasura cloud tokens](../../images/integrations/hasura-cloud/integrations-hasura-cloud-tokens.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Hasura Cloud tile and input your Hasura Cloud access token to grant Infisical access to your Hasura Cloud account.
![integrations hasura cloud authorization](../../images/integrations/hasura-cloud/integrations-hasura-cloud-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Hasura Cloud project and press create integration to start syncing secrets to Hasura Cloud.
![integrations hasura cloud](../../images/integrations/hasura-cloud/integrations-hasura-cloud-create.png)
![integrations hasura cloud](../../images/integrations/hasura-cloud/integrations-hasura-cloud.png)
</Step>
</Steps>

71
docs/integrations/cloud/heroku.mdx
View File

@@ -1,71 +0,0 @@
---
title: "Heroku"
description: "How to sync secrets from Infisical to Heroku"
---
<Tabs>
<Tab title="Usage">
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Heroku">
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Heroku tile and grant Infisical access to your Heroku account.
![integrations heroku authorization](../../images/integrations/heroku/integrations-heroku-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Heroku app and press create integration to start syncing secrets to Heroku.
![integrations heroku](../../images/integrations/heroku/integrations-heroku-create.png)
Here's some guidance on each field:
- Project Environment: The environment in the current Infisical project from which you want to sync secrets from.
- Secrets Path: The path in the current Infisical project from which you want to sync secrets from such as `/` (for secrets that do not reside in a folder) or `/foo/bar` (for secrets nested in a folder, in this case a folder called `bar` in another folder called `foo`).
- Heroku App: The application in Heroku that you want to sync secrets to.
- Initial Sync Behavior (default is **Import - Prefer values from Infisical**): The behavior of the first sync operation triggered after creating the integration.
- **No Import - Overwrite all values in Heroku**: Sync secrets and overwrite any existing secrets in Heroku.
- **Import - Prefer values from Infisical**: Import secrets from Heroku to Infisical; if a secret with the same name already exists in Infisical, do nothing. Afterwards, sync secrets to Heroku.
- **Import - Prefer values from Heroku**: Import secrets from Heroku to Infisical; if a secret with the same name already exists in Infisical, replace its value with the one from Heroku. Afterwards, sync secrets to Heroku.
![integrations heroku](../../images/integrations/heroku/integrations-heroku.png)
</Step>
</Steps>
</Tab>
<Tab title="Self-Hosted Setup">
Using the Heroku integration on a self-hosted instance of Infisical requires configuring an API client in Heroku
and registering your instance with it.
<Steps>
<Step title="Create an API client in Heroku">
Navigate to your user Account settings > Applications to create a new API client.
![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-settings.png)
![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-applications.png)
![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-new-app.png)
Create the API client. As part of the form, set the **OAuth callback URL** to `https://your-domain.com/integrations/heroku/oauth2/callback`.
![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-new-app-form.png)
</Step>
<Step title="Add your Heroku API client credentials to Infisical">
Obtain the **Client ID** and **Client Secret** for your Heroku API client.
![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-credentials.png)
Back in your Infisical instance, add two new environment variables for the credentials of your Heroku API client.
- `CLIENT_ID_HEROKU`: The **Client ID** of your Heroku API client.
- `CLIENT_SECRET_HEROKU`: The **Client Secret** of your Heroku API client.
Once added, restart your Infisical instance and use the Heroku integration.
</Step>
</Steps>
</Tab>
</Tabs>

38
docs/integrations/cloud/laravel-forge.mdx
View File

@@ -1,38 +0,0 @@
---
title: "Laravel Forge"
description: "How to sync secrets from Infisical to Laravel Forge"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Laravel Forge">
Obtain a Laravel Forge access token in API Tokens
![integrations laravel forge dashboard](../../images/integrations/laravel-forge/integrations-laravelforge-dashboard.png)
![integrations laravel forge api tokens](../../images/integrations/laravel-forge/integrations-laravelforge-api.png)
Obtain your Laravel Forge Server ID in Servers > Server ID
![integrations laravel forge server](../../images/integrations/laravel-forge/integrations-laravelforge-servers.png)
![integrations laravel forge server id](../../images/integrations/laravel-forge/integrations-laravelforge-serverid.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Laravel Forge tile and input your Laravel Forge access token and server ID to grant Infisical access to your Laravel Forge account.
![integrations laravel forge authorization](../../images/integrations/laravel-forge/integrations-laravelforge-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Laravel Forge site and press create integration to start syncing secrets to Laravel Forge.
![integrations laravel forge](../../images/integrations/laravel-forge/integrations-laravelforge-create.png)
![integrations laravel forge](../../images/integrations/laravel-forge/integrations-laravelforge.png)
</Step>
</Steps>

66
docs/integrations/cloud/netlify.mdx
View File

@@ -1,66 +0,0 @@
---
title: "Netlify"
description: "How to sync secrets from Infisical to Netlify"
---
<Tabs>
<Tab title="Usage">
<Warning>
Infisical integrates with Netlify's new environment variable experience. If
your site uses Netlify's old environment variable experience, you'll have to
upgrade it to the new one to use this integration.
</Warning>
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Netlify">
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Netlify tile and grant Infisical access to your Netlify account.
![integrations netlify authorization](../../images/integrations/netlify/integrations-netlify-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Netlify app and context. Lastly, press create integration to start syncing secrets to Netlify.
![integrations netlify](../../images/integrations/netlify/integrations-netlify-create.png)
![integrations netlify](../../images/integrations/netlify/integrations-netlify.png)
</Step>
</Steps>
</Tab>
<Tab title="Self-Hosted Setup">
Using the Netlify integration on a self-hosted instance of Infisical requires configuring an OAuth application in Netlify
and registering your instance with it.
<Steps>
<Step title="Create an OAuth application in Netlify">
Navigate to your User settings > Applications > OAuth to create a new OAuth application.
![integrations Netlify config](../../images/integrations/netlify/integrations-netlify-config-user-settings.png)
![integrations Netlify config](../../images/integrations/netlify/integrations-netlify-config-new-app.png)
Create the OAuth application. As part of the form, set the **Redirect URI** to `https://your-domain.com/integrations/netlify/oauth2/callback`.
![integrations Netlify config](../../images/integrations/netlify/integrations-netlify-config-new-app-form.png)
</Step>
<Step title="Add your Netlify OAuth application credentials to Infisical">
Obtain the **Client ID** and **Secret** for your Netlify OAuth application.
![integrations Netlify config](../../images/integrations/netlify/integrations-netlify-config-credentials.png)
Back in your Infisical instance, add two new environment variables for the credentials of your Netlify OAuth application.
- `CLIENT_ID_NETLIFY`: The **Client ID** of your Netlify OAuth application.
- `CLIENT_SECRET_NETLIFY`: The **Secret** of your Netlify OAuth application.
Once added, restart your Infisical instance and use the Netlify integration.
</Step>
</Steps>
</Tab>
</Tabs>

33
docs/integrations/cloud/northflank.mdx
View File

@@ -1,33 +0,0 @@
---
title: "Northflank"
description: "How to sync secrets from Infisical to Northflank"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
- Have a [Northflank](https://northflank.com) project with a secret group ready
<Steps>
<Step title="Authorize Infisical for Northflank">
Obtain a Northflank API token in Account settings > API > Tokens
![integrations northflank dashboard](../../images/integrations/northflank/integrations-northflank-dashboard.png)
![integrations northflank token](../../images/integrations/northflank/integrations-northflank-token.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Northflank tile and input your Northflank API token to grant Infisical access to your Northflank account.
![integrations northflank authorization](../../images/integrations/northflank/integrations-northflank-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Northflank project and secret group. Finally, press create integration to start syncing secrets to Northflank.
![integrations northflank](../../images/integrations/northflank/integrations-northflank-create.png)
![integrations northflank](../../images/integrations/northflank/integrations-northflank.png)
</Step>
</Steps>

38
docs/integrations/cloud/qovery.mdx
View File

@@ -1,38 +0,0 @@
---
title: "Qovery"
description: "How to sync secrets from Infisical to Qovery"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Qovery">
Obtain a Qovery API Token in Settings > API Token.
![integrations qovery api token](../../images/integrations/qovery/integrations-qovery-token.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Qovery tile and input your Qovery API Token to grant Infisical access to your Qovery account.
![integrations qovery authorization](../../images/integrations/qovery/integrations-qovery-auth.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to Qovery and press create integration to start syncing secrets.
![integrations qovery create](../../images/integrations/qovery/integrations-qovery-create-1.png)
![integrations qovery create](../../images/integrations/qovery/integrations-qovery-create-2.png)
<Note>
Infisical supports syncing secrets to various Qovery scopes including applications, jobs, or containers.
</Note>
![integrations qovery settings](../../images/integrations/qovery/integrations-qovery.png)
</Step>
</Steps>

47
docs/integrations/cloud/railway.mdx
View File

@@ -1,47 +0,0 @@
---
title: "Railway"
description: "How to sync secrets from Infisical to Railway"
---
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Railway">
Obtain a Railway API Token in your Railway [Account Settings > Tokens](https://railway.app/account/tokens).
![integrations railway dashboard](../../images/integrations/railway/integrations-railway-dashboard.png)
![integrations railway token](../../images/integrations/railway/integrations-railway-token.png)
<Note>
If this is your first time creating a Railway API token, then you'll be prompted to join
Railway's Private Boarding Beta program on the Railway Account Settings > Tokens page.
Note that Railway project tokens will not work for this integration since they don't work with
Railway's Public API.
</Note>
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Railway tile and input your Railway API Key to grant Infisical access to your Railway account.
![integrations railway authorization](../../images/integrations/railway/integrations-railway-authorization.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Railway project and environment (and optionally service). Lastly, press create integration to start syncing secrets to Railway.
![integrations create railway](../../images/integrations/railway/integrations-railway-create.png)
<Note>
Infisical integrates with both Railway's [shared variables](https://blog.railway.app/p/shared-variables-release) at the project environment level as well as service variables at the service level.
To sync secrets to a specific service in a project, you can select a service from the Railway Service dropdown; otherwise, leaving it empty will sync secrets to the shared variables of that project.
</Note>
![integrations railway](../../images/integrations/railway/integrations-railway.png)
</Step>
</Steps>

9
docs/integrations/cloud/render.mdx
View File

@@ -1,9 +0,0 @@
---
title: "Render"
description: "How to sync secrets from Infisical to Render"
---
<Note>
The Render Native Integration will be deprecated in 2026. Please migrate to
our new [Render Sync](../secret-syncs/render).
</Note>

39
docs/integrations/cloud/supabase.mdx
View File

@@ -1,39 +0,0 @@
---
title: "Supabase"
description: "How to sync secrets from Infisical to Supabase"
---
<Note>
The Supabase integration is useful if your Supabase project uses sensitive-information such as [environment variables in edge functions](https://supabase.com/docs/guides/functions/secrets).
Synced envars can be accessed in edge functions using Deno's built-in handler: `Deno.env.get(MY_SECRET_NAME)`.
</Note>
Prerequisites:
- Have an account and project set up at [Supabase](https://supabase.com/)
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<Steps>
<Step title="Authorize Infisical for Supabase">
Obtain a Supabase Access Token in your Supabase [Account > Access Tokens](https://app.supabase.com/account/tokens).
![integrations supabase dashboard](../../images/integrations/supabase/integrations-supabase-dashboard.png)
![integrations supabase token](../../images/integrations/supabase/integrations-supabase-token.png)
Navigate to your project's integrations tab in Infisical.
![integrations](../../images/integrations.png)
Press on the Supabase tile and input your Supabase Access Token to grant Infisical access to your Supabase account.
![integrations supabase authorization](../../images/integrations/supabase/integrations-supabase-authorization.png)
</Step>
<Step title="Start integration">
Select which Infisical environment secrets you want to sync to which Supabase project. Lastly, press create integration to start syncing secrets to Supabase.
![integrations supabase create](../../images/integrations/supabase/integrations-supabase-create.png)
![integrations supabase](../../images/integrations/supabase/integrations-supabase.png)
</Step>
</Steps>

8
docs/integrations/cloud/terraform-cloud.mdx
View File

@@ -1,8 +0,0 @@
---
title: "Terraform Cloud"
description: "How to sync secrets from Infisical to Terraform Cloud"
---
<Note>
The Terraform Cloud Native Integration will be deprecated in 2026. Please migrate to our new [Terraform Cloud Sync](../secret-syncs/terraform-cloud).
</Note>

8
docs/integrations/cloud/vercel.mdx
View File

@@ -1,8 +0,0 @@
---
title: "Vercel"
description: "How to sync secrets from Infisical to Vercel"
---
<Note>
The Vercel Native Integration will be deprecated in 2026. Please migrate to our new [Vercel Sync](../secret-syncs/vercel).
</Note>

8
docs/integrations/cloud/windmill.mdx
View File

@@ -1,8 +0,0 @@
---
title: "Windmill"
description: "How to sync secrets from Infisical to Windmill"
---
<Note>
The Windmill Native Integration will be deprecated in 2026. Please migrate to our new [Windmill Sync](../secret-syncs/windmill).
</Note>

61
docs/integrations/overview.mdx
View File

@@ -1,61 +0,0 @@
---
title: "Overview"
description: "How to use Infisical to inject secrets and configs into various 3-rd party services and frameworks."
---
Integrations allow environment variables to be synced from Infisical into your local development workflow, CI/CD pipelines, and production infrastructure.
Missing an integration? [Throw in a request](https://github.com/Infisical/infisical/issues).
| Integration | Type | Status |
| ------------------------------------------------------------------------------------- | ---------------------- | ---------------------------------- |
| [Docker](/integrations/platforms/docker) | Platform | Available |
| [Docker-Compose](/integrations/platforms/docker-compose) | Platform | Available |
| [Kubernetes](/integrations/platforms/kubernetes) | Platform | Available |
| [Terraform](https://registry.terraform.io/providers/Infisical/infisical/latest/docs) | Infrastructure as code | Available |
| [PM2](/integrations/platforms/pm2) | Platform | Available |
| [Heroku](/integrations/cloud/heroku) | Cloud | Available |
| [Vercel](/integrations/cloud/vercel) | Cloud | Available |
| [Netlify](/integrations/cloud/netlify) | Cloud | Available |
| [Render](/integrations/cloud/render) | Cloud | Available |
| [Laravel Forge](/integrations/cloud/laravel-forge) | Cloud | Available |
| [Railway](/integrations/cloud/railway) | Cloud | Available |
| [Terraform Cloud](/integrations/cloud/terraform-cloud) | Cloud | Available |
| [TeamCity](/integrations/cloud/teamcity) | Cloud | Available |
| [Fly.io](/integrations/cloud/flyio) | Cloud | Available |
| [Supabase](/integrations/cloud/supabase) | Cloud | Available |
| [Northflank](/integrations/cloud/northflank) | Cloud | Available |
| [Cloudflare Pages](/integrations/cloud/cloudflare-pages) | Cloud | Available |
| [Cloudflare Workers](/integrations/cloud/cloudflare-workers) | Cloud | Available |
| [Checkly](/integrations/cloud/checkly) | Cloud | Available |
| [Qovery](/integrations/cloud/qovery) | Cloud | Available |
| [HashiCorp Vault](/integrations/cloud/hashicorp-vault) | Cloud | Available |
| [AWS Parameter Store](/integrations/cloud/aws-parameter-store) | Cloud | Available |
| [AWS Secrets Manager](/integrations/cloud/aws-secret-manager) | Cloud | Available |
| [Azure Key Vault](/integrations/cloud/azure-key-vault) | Cloud | Available |
| [GCP Secret Manager](/integrations/cloud/gcp-secret-manager) | Cloud | Available |
| [Windmill](/integrations/cloud/windmill) | Cloud | Available |
| [Bitbucket](/integrations/cicd/bitbucket) | CI/CD | Available |
| [Codefresh](/integrations/cicd/codefresh) | CI/CD | Available |
| [GitHub Actions](/integrations/cicd/githubactions) | CI/CD | Available |
| [GitLab](/integrations/cicd/gitlab) | CI/CD | Available |
| [CircleCI](/integrations/cicd/circleci) | CI/CD | Available |
| [Travis CI](/integrations/cicd/travisci) | CI/CD | Available |
| [Rundeck](/integrations/cicd/rundeck) | CI/CD | Available |
| [Octopus Deploy](/integrations/cicd/octopus-deploy) | CI/CD | Available |
| [React](/integrations/frameworks/react) | Framework | Available |
| [Vue](/integrations/frameworks/vue) | Framework | Available |
| [Express](/integrations/frameworks/express) | Framework | Available |
| [Next.js](/integrations/frameworks/nextjs) | Framework | Available |
| [NestJS](/integrations/frameworks/nestjs) | Framework | Available |
| [SvelteKit](/integrations/frameworks/sveltekit) | Framework | Available |
| [Nuxt](/integrations/frameworks/nuxt) | Framework | Available |
| [Gatsby](/integrations/frameworks/gatsby) | Framework | Available |
| [Remix](/integrations/frameworks/remix) | Framework | Available |
| [Vite](/integrations/frameworks/vite) | Framework | Available |
| [Fiber](/integrations/frameworks/fiber) | Framework | Available |
| [Django](/integrations/frameworks/django) | Framework | Available |
| [Flask](/integrations/frameworks/flask) | Framework | Available |
| [Laravel](/integrations/frameworks/laravel) | Framework | Available |
| [Ruby on Rails](/integrations/frameworks/rails) | Framework | Available |
| Jenkins | CI/CD | Available |

6
docs/integrations/secret-syncs/overview.mdx
View File

@@ -5,10 +5,6 @@ description: "Learn how to sync secrets to third-party services with Infisical."
Secret Syncs enable you to sync secrets from Infisical to third-party services using [App Connections](/integrations/app-connections/overview).
<Note>
Secret Syncs will gradually replace Native Integrations as they become available. Native Integrations will be deprecated in the future, so opt for configuring a Secret Sync when available.
</Note>
## Concept
Secret Syncs are a project-level resource used to sync secrets, via an [App Connection](/integrations/app-connections/overview), from a particular project environment and folder path (source)
@@ -92,7 +88,7 @@ via the UI or API for the third-party service you intend to sync secrets to.
<Note>
Infisical is continuously expanding it's Secret Sync third-party service support. If the service you need isn't available,
you can still use our Native Integrations in the interim, or contact us at team@infisical.com to make a request .
you can contact us at team@infisical.com to make a request .
</Note>
## Key Schemas

104
docs/self-hosting/configuration/envars.mdx
View File

@@ -703,110 +703,6 @@ You can configure third-party app connections for re-use across Infisical Projec
</ParamField>
</Accordion>
## Native Secret Integrations
To help you sync secrets from Infisical to services such as Github and Gitlab, Infisical provides native integrations out of the box.
<Accordion title="Heroku">
<ParamField query="CLIENT_ID_HEROKU" type="string" default="none" optional>
OAuth2 client ID for Heroku integration
</ParamField>
<ParamField
query="CLIENT_SECRET_HEROKU"
type="string"
default="none"
optional
>
OAuth2 client secret for Heroku integration
</ParamField>
</Accordion>
<Accordion title="Vercel">
<ParamField query="CLIENT_ID_VERCEL" type="string" default="none" optional>
OAuth2 client ID for Vercel integration
</ParamField>
{" "}
<ParamField query="CLIENT_SECRET_VERCEL" type="string" default="none" optional>
OAuth2 client secret for Vercel integration
</ParamField>
<ParamField query="CLIENT_SLUG_VERCEL" type="string" default="none" optional>
OAuth2 slug for Vercel integration
</ParamField>
</Accordion>
<Accordion title="Netlify">
<ParamField query="CLIENT_ID_NETLIFY" type="string" default="none" optional>
OAuth2 client ID for Netlify integration
</ParamField>
<ParamField query="CLIENT_SECRET_NETLIFY" type="string" default="none" optional>
OAuth2 client secret for Netlify integration
</ParamField>
</Accordion>
<Accordion title="Github">
<ParamField query="CLIENT_ID_GITHUB" type="string" default="none" optional>
OAuth2 client ID for GitHub integration
</ParamField>
<ParamField query="CLIENT_SECRET_GITHUB" type="string" default="none" optional>
OAuth2 client secret for GitHub integration
</ParamField>
</Accordion>
<Accordion title="Bitbucket">
<ParamField query="CLIENT_ID_BITBUCKET" type="string" default="none" optional>
OAuth2 client ID for Bitbucket integration
</ParamField>
<ParamField query="CLIENT_SECRET_BITBUCKET" type="string" default="none" optional>
OAuth2 client secret for Bitbucket integration
</ParamField>
</Accordion>
<Accordion title="GCP Secrets Manager">
<ParamField query="CLIENT_ID_GCP_SECRET_MANAGER" type="string" default="none" optional>
OAuth2 client id for GCP secrets manager integration
</ParamField>
<ParamField query="CLIENT_SECRET_GCP_SECRET_MANAGER" type="string" default="none" optional>
OAuth2 client secret for GCP secrets manager integration
</ParamField>
</Accordion>
<Accordion title="AWS Integration">
<ParamField query="CLIENT_ID_AWS_INTEGRATION" type="string" default="none" optional>
The AWS IAM User access key for assuming roles.
</ParamField>
<ParamField query="CLIENT_SECRET_AWS_INTEGRATION" type="string" default="none" optional>
The AWS IAM User secret key for assuming roles.
</ParamField>
</Accordion>
<Accordion title="Azure">
<ParamField query="CLIENT_ID_AZURE" type="string" default="none" optional>
OAuth2 client id for Azure integration
</ParamField>
<ParamField query="CLIENT_SECRET_AZURE" type="string" default="none" optional>
OAuth2 client secret for Azure integration
</ParamField>
</Accordion>
<Accordion title="Gitlab">
<ParamField query="CLIENT_ID_GITLAB" type="string" default="none" optional>
OAuth2 client id for Gitlab integration
</ParamField>
<ParamField query="CLIENT_SECRET_GITLAB" type="string" default="none" optional>
OAuth2 client secret for Gitlab integration
</ParamField>
</Accordion>
## Secret Scanning
<Accordion title="GitHub">