Infisical introduced a new machine authentication method called 'Identities', providing granular access to its full REST API with a role-based permission system.
Identities function similarly to IAM users in AWS or service accounts in GCP, and they come with improved user experience and security features such as TTLs, access restrictions, and IP allowlisting.
To use identities, create an identity with an organization-level role, configure a Client ID and Secret for Universal Authentication, and add the identity to projects.
Access to the Infisical API with the identity is secured via a login operation to obtain a short-lived access token, enhancing current secret management workflows.
The system aims to streamline secret management for teams and organizations, as part of Infisical's open source secret management platform.

Infisical is an end-to-end, open-source platform focused on SecretOps, designed to securely manage an organization's secrets and configurations across teams and infrastructure. They offer features for automatically rotating database tokens and API keys, using templates, setting user permissions, and generating compliance audit reports. The company is a strong proponent of open source, especially for security software, aiming to provide the highest security standards. With 120+ contributors and a significant community presence, Infisical seems dedicated to community engagement and transparency. They provide secret management and scanning services, and pride themselves on ease of setup and maintenance.

Infisical

Secure open-source platform for managing team secrets and configurations.

Infisical Launches New Machine Identity Authentication

Recent Product News