Submit
Infisical logo

Infisical

Open-source secrets management platform for developers and teams

Replaces
HashiCorp Vault
19k TypeScript MIT 3 days ago

Overview

Infisical is an open-source secrets-management platform for syncing secrets across teams, infrastructure, and CI/CD. It provides a slick dashboard, secret versioning and rotation, dynamic secrets, PKI, an SDK, CLI, and Kubernetes operator. It positions itself as a developer-friendly alternative to HashiCorp Vault.

Key features

  • Centralized secrets syncing across teams, infrastructure, and CI/CD
  • Secret versioning and rotation
  • Dynamic secrets generated on demand
  • Built-in PKI for certificate management
  • SDK, CLI, and Kubernetes operator for integration

Our take

Infisical aims squarely at the developer experience gap that HashiCorp Vault leaves open, pairing a clean dashboard with versioning, rotation, dynamic secrets, and a PKI in one MIT-licensed package. The SDK, CLI, and Kubernetes operator make it straightforward to wire secrets into existing pipelines and clusters. The caveat is that secrets management is inherently sensitive infrastructure, so self-hosting means you own the operational burden of keeping it available, backed up, and secure, and the broad feature set is still maturing compared to Vault's battle-tested core. For teams that want Vault-style capabilities without Vault's complexity, it's a strong fit as long as you take the operational responsibility seriously.

Ideal for: Developer teams that find HashiCorp Vault too heavy and want a friendlier dashboard-driven secrets platform.

Where it falls short of HashiCorp Vault

  • Core is MIT but a number of features live under an enterprise (ee) license requiring a paid plan
  • Less battle-tested than Vault for low-level cryptographic/dynamic-secret workloads
  • Self-hosted instances do not include all features available in the paid cloud tier
  • Smaller plugin/integration catalog than HashiCorp Vault

We list the gaps honestly so you can decide if the trade-off is worth owning your data.

Tags

secrets
developer-tools
typescript
secret-rotation
kubernetes
ci-cd
Maintain Infisical?

Claim this listing to keep it accurate, add a deploy template, or feature it on relevant pages.

Claim / suggest an editGet featured
Show off your self-host difficulty score

Embed the Infisical difficulty badge in your README — it links back here.

Self-host difficulty badge← add this to your README
[![Self-host difficulty](https://openreplace.com/api/badge/infisical)](https://openreplace.com/infisical)

Similar open-source projects

Other self-hostable tools in the same space worth comparing.

Vaultwarden

Lightweight Bitwarden-compatible server written in Rust, perfect for self-hosting

50k Rust AGPL-3.0 5 days ago
2/5
Details & deploy →Repo
Infisical vs Vaultwarden
SOPS

Encrypt files in Git with KMS/age/PGP — secrets management without a server

22k Go MPL-2.0 1 month ago
1/5
Details & deploy →Repo
Infisical vs SOPS
Bitwarden Server

Official open-source server for the Bitwarden password manager

17k C# AGPL-3.0 5 days ago
3/5
Details & deploy →Repo
Infisical vs Bitwarden Server
OpenBao

Open-source secrets management forked from HashiCorp Vault under the Linux Foundation

6.5k Go MPL-2.0 26 days ago
4/5
Details & deploy →Repo
Infisical vs OpenBao