EnvKeyVault is a simple tool to share environment variables securely. It uses AES-GCM to encrypt your data before sending it to the server. The encryption key never leaves your browser.
- Shareable Links: Share your environment variables securely by sending a link
- End-to-End Encryption: AES-GCM encryption is used to encrypt your data before sending it to the server
- Limit number of reads: Limit the number of times a link can be read
- Auto Expire: Automatically expire links and delete data after a certain time
ENABLE_VERCEL_ANALYTICS Any truthy value will enable Vercel Analytics. This is turned off by default
UPSTASH_REDIS_REST_URL The REST API endpoint URL for connecting to an Upstash Redis database.
UPSTASH_REDIS_REST_TOKEN The authentication token required to access the Upstash Redis database via REST API.
PLEASE NEVER EVER UPLOAD UNENCRYPTED SECRETS.
This endpoint is only meant to store already encrypted secrets. The encrypted secrets are stored in plain text.
$ curl -XPOST -s https://env-key-vault.vercel.app/api/v1/secret -d "already-encrypted-secret"You can add optional headers to configure the ttl and number of reads.
$ curl -XPOST -s https://env-key-vault.vercel.app/api/v1/secret -d "already-encrypted-secret" -H "envshare-ttl: 3600" -H "envshare-reads: 10"- Omitting the
envshare-ttlheader will set a default of 30 days. Disable the ttl by setting it to 0. (envshare-ttl: 0) - Omitting the
envshare-readsheader will simply disable it and allow reading for an unlimited number of times.
This endpoint returns a JSON response with the secret id:
{
"data": {
"id": "HdPbXgpvUvNk43oxSdK97u",
"ttl": 86400,
"reads": 2,
"expiresAt": "2023-01-19T20:47:28.383Z",
"url": "https://env-key-vault.vercel.app/api/v1/secret/HdPbXgpvUvNk43oxSdK97u"
}
}You need an id to retrieve a secret. The id is returned when you store a secret.
$ curl -s https://env-key-vault.vercel.app/api/v1/secret/HdPbXgpvUvNk43oxSdK97u{
"data": {
"secret": "Hello",
"remainingReads": 1
}
}