{"id":20268520,"url":"https://github.com/infisical/infisical-node","last_synced_at":"2025-05-07T15:31:34.359Z","repository":{"id":155966068,"uuid":"601948056","full_name":"Infisical/infisical-node","owner":"Infisical","description":"♾ Official Infisical SDK for Node","archived":true,"fork":false,"pushed_at":"2024-03-17T04:31:00.000Z","size":208,"stargazers_count":72,"open_issues_count":12,"forks_count":19,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-05-01T19:57:36.470Z","etag":null,"topics":["end-to-end-encryption","environment-variables","javascript","nodejs","open-source","secret-management","secrets","security","typescript"],"latest_commit_sha":null,"homepage":"https://infisical.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Infisical.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-02-15T07:01:49.000Z","updated_at":"2025-04-30T14:22:18.000Z","dependencies_parsed_at":"2023-05-25T23:15:42.932Z","dependency_job_id":"f9a284e9-3bd8-4cc3-b286-66b3669264a3","html_url":"https://github.com/Infisical/infisical-node","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Infisical%2Finfisical-node","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Infisical%2Finfisical-node/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Infisical%2Finfisical-node/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Infisical%2Finfisical-node/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Infisical","download_url":"https://codeload.github.com/Infisical/infisical-node/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252905825,"owners_count":21822870,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["end-to-end-encryption","environment-variables","javascript","nodejs","open-source","secret-management","secrets","security","typescript"],"created_at":"2024-11-14T12:18:40.816Z","updated_at":"2025-05-07T15:31:33.866Z","avatar_url":"https://github.com/Infisical.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n    \u003ca href=\"https://github.com/Infisical/infisical\"\u003e\n        \u003cimg width=\"300\" src=\"/img/logoname-white.svg#gh-dark-mode-only\" alt=\"infisical\"\u003e\n    \u003c/a\u003e\n\u003c/h1\u003e\n\u003cp align=\"center\"\u003e\n  \u003cp align=\"center\"\u003eOpen-source, end-to-end encrypted tool to manage secrets and configs across your team and infrastructure.\u003c/p\u003e\n\u003c/p\u003e\n\n# Deprecated!\n\nThis is now considered a legacy SDK, as we have released a new SDK that will be receiving all future updates. [You can find it here](https://www.npmjs.com/package/@infisical/sdk).\n\n# Table of Contents\n\n-   [Links](#links)\n-   [Basic Usage](#basic-usage)\n-   [Secrets](#working-with-secrets)\n    -   [Get Secrets](#get-secrets)\n    -   [Get Secret](#get-secret)\n    -   [Create Secret](#create-secret)\n    -   [Update Secret](#update-secret)\n    -   [Delete Secret](#delete-secret)\n-   [Cryptography](#cryptography)\n    -   [Create Symmetric Key](#create-symmetric-key)\n    -   [Encrypt Symmetric](#encrypt-symmetric)\n    -   [Decrypt Symmetric](#decrypt-symmetric)\n\n# Links\n\n-   [Infisical](https://github.com/Infisical/infisical)\n\n# Basic Usage\n\n```js\nimport express from \"express\";\nimport InfisicalClient from \"infisical-node\";\nconst app = express();\nconst PORT = 3000;\n\nconst client = new InfisicalClient({\n    token: \"YOUR_INFISICAL_TOKEN\"\n});\n\napp.get(\"/\", async (req, res) =\u003e {\n    // access value\n    const name = await client.getSecret(\"NAME\", {\n        environment: \"dev\",\n        path: \"/\",\n        type: \"shared\"\n    });\n    res.send(`Hello! My name is: ${name.secretValue}`);\n});\n\napp.listen(PORT, async () =\u003e {\n    // initialize client\n    console.log(`App listening on port ${port}`);\n});\n```\n\nThis example demonstrates how to use the Infisical Node SDK with an Express application. The application retrieves a secret named \"NAME\" and responds to requests with a greeting that includes the secret value.\n\nIt is also possible to use the SDK to encrypt/decrypt text; the implementation uses `aes-256-gcm` with components of the encryption/decryption encoded in `base64`.\n\n```js\nimport InfisicalClient from \"infisical-node\";\nconst client = new InfisicalClient();\n\n// some plaintext you want to encrypt\nconst plaintext = \"The quick brown fox jumps over the lazy dog\";\n\n// create a base64-encoded, 256-bit symmetric key\nconst key = client.createSymmetricKey();\n\n// encrypt\nconst { ciphertext, iv, tag } = client.encryptSymmetric(plaintext, key);\n\n// decrypt\nconst cleartext = client.decryptSymmetric(ciphertext, key, iv, tag);\n```\n\n# Installation\n\n```console\n$ npm install infisical-node\n```\n\n# Configuration\n\nImport the SDK and create a client instance with your [Infisical Token](https://infisical.com/docs/getting-started/dashboard/token).\n\n```js\nconst InfisicalClient = require(\"infisical-node\");\n\nconst client = new InfisicalClient({\n    token: \"your_infisical_token\"\n});\n```\n\nUsing ES6:\n\n```js\nimport InfisicalClient from \"infisical-node\";\n\nconst client = new InfisicalClient({\n    token: \"your_infisical_token\"\n});\n\n// your app logic\n```\n\nUsing Infisical Token V3 (Beta):\n\nIn `v1.4.0`, we released a superior token authentication method; this credential is a JSON containing a `publicKey`, `privateKey`, and `serviceToken` and can be used to initialize the Node SDK client instead of the regular service token.\n\nYou can use this beta feature like so:\n\n```js\nconst InfisicalClient = require(\"infisical-node\");\n\nconst client = new InfisicalClient({\n    tokenJson: \"your_infisical_token_v3_json\"\n});\n```\n\n### Options\n\n| Parameter   | Type      | Description                                                                 |\n| ----------- | --------- | --------------------------------------------------------------------------- |\n| `token`     | `string`  | An Infisical Token scoped to a project and environment(s).                  |\n| `tokenJson` | `string`  | An Infisical Token V3 JSON scoped to a project and environment(s) - in beta |\n| `siteURL`   | `string`  | Your self-hosted Infisical site URL. Default: `https://app.infisical.com`.  |\n| `cacheTTL`  | `number`  | Time-to-live (in seconds) for refreshing cached secrets. Default: `300`.    |\n| `debug`     | `boolean` | Turns debug mode on or off. Default: `false`.                               |\n\n### Caching\n\nThe SDK caches every secret and updates it periodically based on the provided `cacheTTL`. For example, if `cacheTTL` of `300` is provided, then a secret will be refetched 5 minutes after the first fetch; if the fetch fails, the cached secret is returned.\n\n# Secrets\n\n## Get Secrets\n\n```js\nconst secrets = await client.getAllSecrets({\n    environment: \"dev\",\n    path: \"/foo/bar/\",\n    attachToProcessEnv: false,\n    includeImports: false\n});\n```\n\nRetrieve all secrets within a given environment and folder path. The service token used must have access to the given path and environment.\n\n### Parameters\n\n-   `options` (object)\n    -   `environment` The slug name (dev, prod, etc) of the environment from where secrets should be fetched from\n    -   `path` The path from where secrets should be fetched from\n    -   `attachToProcessEnv` (boolean, optional): Whether or not to attach fetched secrets to `process.env`. If not specified, the default value is `false`.\n    -   `includeImports` (boolean, optional): Whether or not to include imported secrets from the current path. Read about [secret import](https://infisical.com/docs/documentation/platform/secret-reference#import-entire-folders).\n\n## Get Secret\n\nRetrieve a secret from Infisical:\n\n```js\nconst secret = await client.getSecret(\"API_KEY\", {\n    environment: \"dev\",\n    path: \"/\",\n    type: \"shared\"\n});\nconst value = secret.secretValue; // get its value\n```\n\nBy default, `getSecret()` fetches and returns a personal secret. If not found, it returns a shared secret, or tries to retrieve the value from `process.env`. If a secret is fetched, `getSecret()` caches it to reduce excessive calls and re-fetches periodically based on the `cacheTTL` option (default is `300` seconds) when initializing the client — for more information, see the caching section.\n\nTo explicitly retrieve a shared secret:\n\n```js\nconst secret = await client.getSecret(\"API_KEY\", {\n    environment: \"dev\",\n    path: \"/\",\n    type: \"shared\"\n});\nconst value = secret.secretValue; // get its value\n```\n\n### Parameters\n\n-   `secretName` (string): The key of the secret to retrieve.\n-   `options` (object, optional): An options object to speify the type of secret.\n    -   `environment` The slug name (dev, prod, etc) of the environment from where secrets should be fetched from\n    -   `path` The path from where secrets should be fetched from\n    -   `type` (string, optional): The type of the secret. Valid options are \"shared\" or \"personal\". If not specified, the default value is \"personal\".\n\n## Create Secret\n\nCreate a new secret in Infisical:\n\n```js\nconst newApiKey = await client.createSecret(\"API_KEY\", \"FOO\", {\n    environment: \"dev\",\n    path: \"/\",\n    type: \"shared\"\n});\n```\n\n### Parameters\n\n-   `secretName` (string): The key of the secret to create.\n-   `secretValue` (string): The value of the secret.\n-   `options` (object, optional): An options object to specify the type of secret.\n    -   `environment` The slug name (dev, prod, etc) of the environment where secret should be created\n    -   `path` The path from where secret should be created.\n    -   `type` (string, optional): The type of the secret. Valid options are \"shared\" or \"personal\". If not specified, the default value is \"shared\". A personal secret can only be created if a shared secret with the same name exists.\n\n## Update Secret\n\nUpdate an existing secret in Infisical:\n\n```js\nconst updatedApiKey = await client.updateSecret(\"API_KEY\", \"BAR\", {\n    environment: \"dev\",\n    path: \"/\",\n    type: \"shared\"\n});\n```\n\n### Parameters\n\n-   `secretName` (string): The key of the secret to update.\n-   `secretValue` (string): The new value of the secret.\n-   `options` (object, optional): An options object to specify the type of secret.\n    -   `environment` The slug name (dev, prod, etc) of the environment where secret should be updated.\n    -   `path` The path from where secret should be updated.\n    -   `type` (string, optional): The type of the secret. Valid options are \"shared\" or \"personal\". If not specified, the default value is \"shared\".\n\n## Delete Secret\n\nDelete a secret in Infisical:\n\n```js\nconst deletedSecret = await client.deleteSecret(\"API_KEY\", {\n    environment: \"dev\",\n    path: \"/\",\n    type: \"shared\"\n});\n```\n\n### Parameters\n\n-   `secretName` (string): The key of the secret to delete.\n-   `options` (object, optional): An options object to specify the type of secret to delete.\n    -   `environment` The slug name (dev, prod, etc) of the environment where secret should be deleted.\n    -   `path` The path from where secret should be deleted.\n    -   `type` (string, optional): The type of the secret. Valid options are \"shared\" or \"personal\". If not specified, the default value is \"shared\". Note that deleting a shared secret also deletes all associated personal secrets.\n\n# Cryptography\n\n## Create Symmetric Key\n\nCreate a base64-encoded, 256-bit symmetric key to be used for encryption/decryption.\n\n```js\nconst key = client.createSymmetricKey();\n```\n\n### Returns\n\n`key` (string): A base64-encoded, 256-bit symmetric key.\n\n## Encrypt Symmetric\n\nEncrypt plaintext -\u003e ciphertext.\n\n```js\nconst { ciphertext, iv, tag } = client.encryptSymmetric(plaintext, key);\n```\n\n### Parameters\n\n-   `plaintext` (string): The plaintext to encrypt.\n-   `key` (string): The base64-encoded, 256-bit symmetric key to use to encrypt the `plaintext`.\n\n### Returns\n\nAn object containing the following properties:\n\n-   `ciphertext` (string): The base64-encoded, encrypted `plaintext`.\n-   `iv` (string): The base64-encoded, 96-bit initialization vector generated for the encryption.\n-   `tag` (string): The base64-encoded authentication tag generated during the encryption.\n\n## Decrypt Symmetric\n\nDecrypt ciphertext -\u003e plaintext/cleartext.\n\n```js\nconst cleartext = client.decryptSymmetric(ciphertext, key, iv, tag);\n```\n\n## Parameters\n\n-   `ciphertext` (string): The ciphertext to decrypt.\n-   `key` (string): The base64-encoded, 256-bit symmetric key to use to decrypt the `ciphertext`.\n-   `iv` (string): The base64-encoded, 96-bit initiatlization vector generated for the encryption.\n-   `tag` (string): The base64-encoded authentication tag generated during encryption.\n\n### Returns\n\n`cleartext` (string): The decrypted encryption that is the cleartext/plaintext.\n\n# Contributing\n\nBug fixes, docs, and library improvements are always welcome. Please refer to our [Contributing Guide](https://infisical.com/docs/contributing/overview) for detailed information on how you can contribute.\n\n[//]: contributor-faces\n\n\u003c!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section --\u003e\n\u003c!-- prettier-ignore-start --\u003e\n\u003c!-- markdownlint-disable --\u003e\n\n\u003ca href=\"https://github.com/dangtony98\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/25857006?v=4\" width=\"50\" height=\"50\" alt=\"\"/\u003e\u003c/a\u003e \u003ca href=\"https://github.com/Aashish-Upadhyay-101\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/81024263?v=4\" width=\"50\" height=\"50\" alt=\"\"/\u003e\u003c/a\u003e \u003ca href=\"https://github.com/NicoZweifel\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/34443492?v=4\" width=\"50\" height=\"50\" alt=\"\"/\u003e\u003c/a\u003e\u003ca href=\"https://github.com/gitSambhal\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/15196655?v=4\" width=\"50\" height=\"50\" alt=\"\"/\u003e\u003c/a\u003e\u003ca href=\"https://github.com/microtronics-jast\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/132543081?v=4\" width=\"50\" height=\"50\" alt=\"\"/\u003e\u003c/a\u003e\n\n## Getting Started\n\nIf you want to familiarize yourself with the SDK, you can start by [forking the repository](https://docs.github.com/en/get-started/quickstart/fork-a-repo) and [cloning it in your local development environment](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository). The project requires [Node.js](https://nodejs.org/en) to be installed on your machine.\n\nAfter cloning the repository, install the depenencies by running the following command in the directory of your cloned repository:\n\n```console\n$ npm install\n```\n\nTo run existing tests, you need to make a `.env` at the root of this project containing a `INFISICAL_TOKEN` and `SITE_URL`. This will execute the tests against a project and environment scoped to the `INFISICAL_TOKEN` on a running instance of Infisical at the `SITE_URL` (this could be [Infisical Cloud](https://app.infisical.com)).\n\nTo run all the tests you can use the following command:\n\n```console\n$ npm test\n```\n\n# License\n\n`infisical-node` is distributed under the terms of the [MIT](https://spdx.org/licenses/MIT.html) license.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finfisical%2Finfisical-node","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finfisical%2Finfisical-node","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finfisical%2Finfisical-node/lists"}