github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-06 22:23:53 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
95fdff7747fe3e192b065b9f98b4cc8e65fe89a4
infisical/docs/integrations/app-connections/overview.mdx
Victor Santos 95fdff7747 documentation update
2025-11-24 19:59:00 -03:00

83 lines
3.2 KiB
Plaintext
Raw Blame History

---
sidebarTitle: "Overview"
description: "Learn how to manage and configure third-party app connections with Infisical."
---
App Connections enable you to integrate your Infisical projects with third-party services in a secure and versatile way.
<Note>
App connections can also be created and managed independently in projects now.
</Note>
## Concept
App Connections can be used to establish connections with third-party applications
that can be used across multiple features. Example use cases include syncing secrets, rotating credentials, scanning repositories for secret leaks, and more.
<br />
<div align="center">
```mermaid
%%{init: {'flowchart': {'curve': 'linear'} } }%%
graph TD
A[AWS]
B[AWS Connection]
C[Project 1 Secret Sync]
D[Project 2 Secret Sync]
E[Project 3 Generate Dynamic Secret]
B --> A
C --> B
D --> B
E --> B
classDef default fill:#ffffff,stroke:#666,stroke-width:2px,rx:10px,color:black
classDef aws fill:#FFF2B2,stroke:#E6C34A,stroke-width:2px,color:black,rx:15px
classDef project fill:#E6F4FF,stroke:#0096D6,stroke-width:2px,color:black,rx:15px
classDef connection fill:#F4FFE6,stroke:#96D600,stroke-width:2px,color:black,rx:15px
class A aws
class B connection
class C,D,E project
```
</div>
## Workflow
App Connections require initial setup in both your third-party application and Infisical. Follow these steps to establish a secure connection:
<Note>
For step-by-step guides specific to each application, refer to the App Connections section in the Navigation Bar.
</Note>
1. <strong>Create Access Entity:</strong> If necessary, create an entity such as a service account or role within the third-party application you want to connect to. Be sure
to limit the access of this entity to the minimal permission set required to perform the operations you need. For example:
- For secret syncing: Read/write permissions to specific secret stores
- For dynamic secrets: Permissions to create temporary credentials
<Tip>
Whenever possible, Infisical encourages creating a designated service account for your App Connection to limit the scope of permissions based on your use-case.
</Tip>
2. <strong>Generate Authentication Credentials:</strong> Obtain the required credentials from your third-party application. These can vary between applications and might be:
- an API key or access token
- A client ID and secret pair
- other credentials, etc.
3. <strong>Create App Connection:</strong> Configure the connection in Infisical using your generated credentials through either the UI or API.
<Info>
Some App Connections can only be created via the UI such as connections using OAuth.
</Info>
4. <strong>Utilize the Connection:</strong> Use your App Connection for various features across Infisical such as our Secrets Sync by selecting it via the dropdown menu
in the UI or by passing the associated `connectionId` when generating resources via the API.
## Platform Managed Credentials
Some App Connections support the ability to have their credentials managed by Infisical. By enabling this option,
Infisical will modify the credentials to prevent external use of the configured access entity.
Reference in New Issue View Git Blame Copy Permalink