github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-10 07:58:15 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
fc12174cadda5ea48b655c0354d3237f052a5fce
infisical/docs/documentation/platform/event-subscriptions.mdx
Sid c1fb5d8998 docs: add events system pages (#4294) 
* feat: events docs

* fix: make the conditions optional in casl check

* Update backend/src/lib/api-docs/constants.ts

* Update backend/src/lib/api-docs/constants.ts

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Update docs/docs.json

* docs: content

* fix: pr changes

* feat: improve docs

* chore: remove recursive

* fix: pr changes

* fix: change

* fix: pr changes

* fix: pr changes

* fix: change
2025-08-06 00:43:41 +05:30

119 lines
4.7 KiB
Plaintext
Raw Blame History

---
title: "Event Subscriptions"
sidebarTitle: "Events"
description: "Subscribe to events in Infisical for real-time updates"
---
<Info>
**Note:** Event Subscriptions is a paid feature. - **Infisical Cloud users:** Event Subscriptions is available under
the **Enterprise Tier**. - **Self-Hosted Infisical:** Please contact [sales@infisical.com](mailto:sales@infisical.com)
to purchase an enterprise license.
</Info>
Event Subscriptions in Infisical allow you to receive real-time notifications when specific actions occur within your account or organization. These notifications include changes to secrets, users, teams, and many more **coming soon**.
## How It Works
- Server receives message over pubsub connection indicating changes have occurred
- Server processes the change notification
- Updated data is synchronized across all connected Infisical instances
- Client applications receive real-time updates through [Server-Sent Events (SSE)](https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events)
- All servers maintain consistent state without manual intervention
This ensures your infrastructure stays up-to-date automatically, without requiring restarts or manual synchronization.
<Note>
Event Subscriptions are designed for real-time communication and do not include persistence or replay
capabilities—events are delivered once and are not stored for future retrieval.
</Note>
## Supported Resources
You can currently subscribe to notifications for the following resources and event types:
- **Secrets**
- `secret:created`: Triggered when a secret is created
- `secret:updated`: Triggered when a secret is updated
- `secret:deleted`: Triggered when a secret is deleted
## Permissions Setup
To receive events on a supported resource, the identity must have `Subscribe` action permission on that resource.
Follow these steps to set up the necessary permissions:
<Steps>
<Step title="Select a project and copy the Project ID">
![Select Project](/images/platform/events/select-project.png)
On your project page, open **Project Settings** from the sidebar.
In the Project name section, click **Copy Project ID** to copy your Project ID, or extract it from the URL:
`https://app.infisical.com/project/<your_project_id>/settings`
</Step>
<Step title="Navigate to Access Management and open Project Roles">
![Project Detail](/images/platform/events/project-detail.png) ![Project
Access](/images/platform/events/project-access.png) Navigate to **Access Management**, then select **Project Roles**.
</Step>
<Step title="Select an existing role or create a new one">
![Project Role](/images/platform/events/project-role.png) You can either edit an existing role or create a new role
for event subscriptions.
</Step>
<Step title="Assign policies to the role">
![Role Detail](/images/platform/events/role-detail.png) Select the specific resources that the role should have access
to. ![Add policy](/images/platform/events/add-policy.png)
</Step>
<Step title="Enable the Subscribe action in permissions">
![Policy setting](/images/platform/events/policy-setting.png)
Ensure the **Subscribe** action is selected for the relevant resources and events.
## Conditions
By default, the role will have access to all events for the selected resources in this project.
<AccordionGroup>
<Accordion title="Full Access">
![Policy setting](/images/platform/events/access-full.png)
</Accordion>
<Accordion title="Path Prefix">
![Policy setting](/images/platform/events/access-path.png)
</Accordion>
<Accordion title="Environment">
![Policy setting](/images/platform/events/access-dev.png)
</Accordion>
</AccordionGroup>
</Step>
</Steps>
## Getting Started
Currently, events are only available via [API](/api-reference/endpoints/events) but will soon be available in our SDKs, Kubernetes Operator, and more.
### API Usage
You need an auth token to use this API. To get an authentication token, follow the authentication guide for one of our supported auth methods from the [machine identities documentation](/documentation/platform/identities/machine-identities#authentication-methods).
#### Creating a Subscription
![Postman Subscription](/images/platform/events/postman-subscribe.png)
**Request Parameters:**
- `projectId`: Project whose events you want to subscribe to
- `register`: List of event filters
- `conditions`: Conditions to filter events on
- `environmentSlug`: Project environment
- `secretPath`: Path of the secrets
![Postman Subscription Response](/images/platform/events/postman-sse-response.png)
The subscribe endpoint responds with a `text/event-stream` content type to initiate SSE streaming.
For more specific details, please refer to our [API Reference](/api-reference/endpoints/events).
Reference in New Issue View Git Blame Copy Permalink