Introduction
Envshed is a secrets management platform for teams. Store, share, and inject environment variables across organizations, projects, and environments — encrypted at rest with AES-256-GCM.
How it works
- Web Dashboard — Manage secrets, organizations, projects, and team members through a browser UI.
- CLI (
envshed) — Pull, push, and inject secrets from the terminal. Integrates into CI/CD pipelines and local development workflows. - REST API — Programmatic access with Bearer token authentication.
Key concepts
| Concept | Description |
|---|---|
| Organization | Top-level team container. Members have org-level roles (owner, admin, member). |
| Project | A service or app within an organization. |
| Environment | A named set of secrets (e.g., development, staging, production). |
| Secret | A key-value pair stored encrypted on the server. |
| Override | A per-user value that replaces a secret for your local development. |
| Shared Secret | A secret shared from one environment to another. |