{"id":25190059,"url":"https://github.com/keyfactor/kfutil","last_synced_at":"2026-01-26T22:22:37.401Z","repository":{"id":64023576,"uuid":"543071277","full_name":"Keyfactor/kfutil","owner":"Keyfactor","description":"Keyfactor Command Utility (kfutil) is a go-lang CLI wrapper for Keyfactor Command API. It also includes other utility/helper functions around automating common Keyfactor Command operations.","archived":false,"fork":false,"pushed_at":"2025-03-31T17:04:36.000Z","size":19498,"stargazers_count":1,"open_issues_count":28,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-03-31T18:23:28.772Z","etag":null,"topics":["keyfactor-api-client"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Keyfactor.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-09-29T10:56:50.000Z","updated_at":"2025-02-07T19:57:53.000Z","dependencies_parsed_at":"2023-10-13T08:51:22.039Z","dependency_job_id":"f6189c1e-30d6-4c02-9da9-c8f839748d11","html_url":"https://github.com/Keyfactor/kfutil","commit_stats":null,"previous_names":[],"tags_count":230,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keyfactor%2Fkfutil","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keyfactor%2Fkfutil/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keyfactor%2Fkfutil/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keyfactor%2Fkfutil/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Keyfactor","download_url":"https://codeload.github.com/Keyfactor/kfutil/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247167720,"owners_count":20894991,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["keyfactor-api-client"],"created_at":"2025-02-09T21:18:48.488Z","updated_at":"2026-01-21T01:01:57.278Z","avatar_url":"https://github.com/Keyfactor.png","language":"Go","readme":"# Keyfactor Command Utility (kfutil)\n\n`kfutil` is a go-lang CLI wrapper for Keyfactor Command API. It also includes other utility/helper functions around\nautomating common Keyfactor Command operations.\n\n#### Integration status: Production - Ready for use in production environments.\n\n## About the Keyfactor API Client\n\nThis API client allows for programmatic management of Keyfactor resources.\n\n## Support for Keyfactor Command Utility (kfutil)\n\nKeyfactor Command Utility (kfutil) is open source and supported on best effort level for this tool/library/client. This\nmeans customers can report Bugs, Feature Requests, Documentation amendment or questions as well as requests for customer\ninformation required for setup that needs Keyfactor access to obtain. Such requests do not follow normal SLA commitments\nfor response or resolution. If you have a support issue, please open a support ticket via the Keyfactor Support Portal\nat https://support.keyfactor.com/\n\nTo report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual\nbug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab.\n\n## Quickstart\n\n### Linux/MacOS\n\n#### Prerequisites:\n\n- [jq](https://stedolan.github.io/jq/download/) CLI tool, used to parse JSON output.\n- Either\n - [curl](https://curl.se/download.html) CLI tool, used to download the release files.\n - OR [wget](https://www.gnu.org/software/wget/) CLI tool, used to download the release files.\n- [unzip](https://linuxize.com/post/how-to-unzip-files-in-linux/#installing-unzip) CLI tool, used to unzip the release\n- [openssl](https://www.openssl.org/source/) CLI tool, used to validate package checksum.\n- `$HOME/.local/bin` in your `$PATH` and exists if not running as root, else `/usr/local/bin` if running as root.\n\n#### Installation:\n\n```bash\nbash \u003c(curl -s https://raw.githubusercontent.com/Keyfactor/kfutil/main/install.sh)\n````\n\n### Windows\n\n#### Prerequisites:\n\n- Powershell 5.1 or later\n\n#### Installation:\n\n```powershell\nInvoke-WebRequest -Uri \"https://raw.githubusercontent.com/Keyfactor/kfutil/main/install.ps1\" -OutFile \"install.ps1\"\n# Install kfutil to $HOME/AppData/Local/Microsoft/WindowsApps.\n# Use Get-Help .\\install.ps1 -Full for help and examples.\n.\\install.ps1\n```\n\n## Environment Variables\n\n### Global\n\n| Name | Description | Default |\n|-------------------------------|-----------------------------------------------------------------------------------------------------------------|----------------------------------------|\n| KEYFACTOR_HOSTNAME | Keyfactor Command hostname without protocol and port | |\n| KEYFACTOR_PORT | Keyfactor Command port | `443` |\n| KEYFACTOR_API_PATH | Keyfactor Command API Path | `KeyfactorAPI` |\n| KEYFACTOR_SKIP_VERIFY | Skip TLS verification when connecting to Keyfactor Command | `false` |\n| KEYFACTOR_CA_CERT | Either a file path or PEM encoded string to a CA certificate to trust when communicating with Keyfactor Command | |\n| KEYFACTOR_CLIENT_TIMEOUT | Timeout for HTTP client requests to Keyfactor Command | `60s` |\n| KEYFACTOR_AUTH_CONFIG_FILE | Path to a JSON file containing the authentication configuration | `$HOME/.keyfactor/command_config.json` |\n| KEYFACTOR_AUTH_CONFIG_PROFILE | Profile to use from the authentication configuration file | `default` |\n\n### Basic Auth\n\nCurrently `Basic Authentication` via `Active Directory` is the *ONLY* supported method of `Basic Authentication`.\n\n| Name | Description | Default |\n|--------------------|---------------------------------------------------------------------------------------------|---------|\n| KEYFACTOR_USERNAME | Active Directory username to authenticate to Keyfactor Command API | |\n| KEYFACTOR_PASSWORD | Password associated with Active Directory username to authenticate to Keyfactor Command API | |\n| KEYFACTOR_DOMAIN | Active Directory domain of user. Can be implied from username if it contains `@` or `\\\\` | |\n\n### oAuth Credentials\n\n| Name | Description | Default |\n|------------------------------|---------------------------------------------------------------------------------------------------------------------------------|----------|\n| KEYFACTOR_AUTH_CLIENT_ID | Keyfactor Auth Client ID | |\n| KEYFACTOR_AUTH_CLIENT_SECRET | Keyfactor Auth Client Secret | |\n| KEYFACTOR_AUTH_TOKEN_URL | URL to request an access token from Keyfactor Auth | |\n| KEYFACTOR_AUTH_SCOPES | Scopes to request when authenticating to Keyfactor Command API. Each scope MUST be separated by `,` | `openid` |\n| KEYFACTOR_AUTH_AUDIENCE | Audience to request when authenticating to Keyfactor Command API | |\n| KEYFACTOR_AUTH_ACCESS_TOKEN | Access token to use to authenticate to Keyfactor Command API. This can be supplied directly or generated via client credentials | |\n| KEYFACTOR_AUTH_CA_CERT | Either a file path or PEM encoded string to a CA certificate to use when connecting to Keyfactor Auth | |\n\n### kfutil specific\n\nAll the variables listed below need to be set in your environment. The `kfutil` command will look for these variables\nand use them if they are set.\n\n| Variable Name | Description |\n|---------------|-------------------------------------------------------|\n| KFUTIL_EXP | Set to `1` or `true` to enable experimental features. |\n| KFUTIL_DEBUG | Set to `1` or `true` to enable debug logging. |\n\n### Linux/MacOS:\n\nBelow are examples of setting the environment variables in Linux/MacOS to be used with `kfutil`.\n\n#### Active Directory Basic Authentication\n\nThis is the minimum required configuration to authenticate to Keyfactor Command using Active Directory username,\npassword auth.\n```bash\nexport KEYFACTOR_HOSTNAME=\"\u003cmykeyfactorhost.mydomain.com\u003e\"\nexport KEYFACTOR_USERNAME=\"\u003cmyusername\u003e\"\nexport KEYFACTOR_PASSWORD=\"\u003cmypassword\u003e\"\nexport KEYFACTOR_DOMAIN=\"\u003cmykeyfactordomain\u003e\" # Optional if username contains domain\n```\n\n#### oAuth Client Credentials\n\nThis is the minimum required configuration to authenticate to Keyfactor Command using oAuth client credentials.\n```bash\nexport KEYFACTOR_HOSTNAME=\"\u003cmykeyfactorhost.mydomain.com\u003e\"\nexport KEYFACTOR_AUTH_CLIENT_ID=\"\u003cmy-oauth2-client-id\"\nexport KEYFACTOR_AUTH_CLIENT_SECRET=\"\u003cmy-oauth2-client-secret\u003e\"\nexport KEYFACTOR_AUTH_TOKEN_URL=\"\u003cmykeyfactorhost.mydomain.com\u003e/protocol/openid-connect/token\"\n```\n\n#### oAuth Access Token\n\nThis is the minimum required configuration to authenticate to Keyfactor Command using an access token.\n\n```bash\nexport KEYFACTOR_HOSTNAME=\"\u003cmykeyfactorhost.mydomain.com\u003e\"\nexport KEYFACTOR_AUTH_ACCESS_TOKEN=\"\u003cmy-access-token\u003e\"\n```\n\n#### Additional variables\n\n```bash\nexport KEYFACTOR_API_PATH=\"/KeyfactorAPI\" # Defaults to /KeyfactorAPI if not set ex. my.domain.com/KeyfactorAPI\nexport KEYFACTOR_CA_CERT=\"/path/to/ca.crt\" # Optional\nexport KEYFACTOR_SKIP_VERIFY=0 # Set to 1 or true to skip TLS certificate verification. This is NOT recommended for production.\nexport KFUTIL_EXP=0 # Set to 1 or true to enable experimental features. This is NOT recommended for production.\nexport KFUTIL_DEBUG=0 # Set to 1 or true to enable debug logging. This is NOT recommended for production.\n```\n\n### Windows Powershell:\n\nBelow are examples of setting the environment variables in Windows Powershell to be used with `kfutil`.\n\n#### Active Directory Basic Authentication\n\nThis is the minimum required configuration to authenticate to Keyfactor Command using Active Directory username,\npassword auth.\n\n```powershell\n$env:KEYFACTOR_HOSTNAME = \"\u003cmykeyfactorhost.mydomain.com\u003e\"\n$env:KEYFACTOR_USERNAME = \"\u003cmyusername\u003e\" # Do not include domain\n$env:KEYFACTOR_PASSWORD = \"\u003cmypassword\u003e\"\n$env:KEYFACTOR_DOMAIN = \"\u003cmykeyfactordomain\u003e\"\n```\n\n#### oAuth Client Credentials\n\nThis is the minimum required configuration to authenticate to Keyfactor Command using client credentials.\n\n```powershell\n$env:KEYFACTOR_HOSTNAME = \"\u003cmykeyfactorhost.mydomain.com\u003e\"\n$env:KEYFACTOR_AUTH_CLIENT_ID = \"\u003cmy-oauth2-client\u003e\"\n$env:KEYFACTOR_AUTH_CLIENT_SECRET = \"\u003cmy-oauth2-client-secret\u003e\"\n$env:KEYFACTOR_AUTH_TOKEN_URL = \"\u003cmykeyfactorhost.mydomain.com\u003e/protocol/openid-connect/token\"\n```\n\n#### oAuth Access Token\n\nThis is the minimum required configuration to authenticate to Keyfactor Command using an access token.\n\n```powershell\n$env:KEYFACTOR_HOSTNAME = \"\u003cmykeyfactorhost.mydomain.com\u003e\"\n$env:KEYFACTOR_AUTH_ACCESS_TOKEN = \"\u003cmy-access-token\u003e\"\n```\n\n#### Additional variables:\n\n```bash\n$env:KEYFACTOR_API_PATH=\"/KeyfactorAPI\" # Defaults to /KeyfactorAPI if not set ex. my.domain.com/KeyfactorAPI\n$env:KFUTIL_EXP=0 # Set to 1 or true to enable experimental features\n$env:KFUTIL_DEBUG=0 # Set to 1 or true to enable debug logging\n```\n\n## Authentication Providers\n\n`kfutil` supports the following authentication providers in order of precedence:\n\n| Provider Type | Description |\n|------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| Azure Key Vault via Azure ID | This provider will read the Keyfactor Command credentials from Azure Key Vault. For more info review the [auth providers](docs/auth_providers.md#azure-key-vault) docs. |\n| Environment | This provider will read the Keyfactor Command credentials from the environment variables listed above. |\n| File | This is the default provider. It will read the credentials from a file on disk at `$HOME/.keyfactor/command_config.json` |\n| User Interactive | This provider will prompt the user for their credentials. |\n\n## Commands\n\n### Login\n\nFor full documentation on the `login` command, see the [login](docs/kfutil_login.md) documentation.\n\n*WARNING* - The `login` command will store your Keyfactor credentials in a file on your local machine. This file is not\nencrypted and is not secure. It is recommended that you use the `login` command only on your local machine and not on a\nshared machine. Instead of using the `login` command, you can set the environmental variables listed above.\n\n```bash\nkfutil login\n```\n\n### Logout\n\nFor full documentation on the `logout` command, see the [logout](docs/kfutil_logout.md) documentation.\n\n*WARNING* - This will delete the file containing your Keyfactor credentials at `$HOME/.keyfactor/command_config.json`.\n\n```bash\nkfutil logout\n```\n\n### Bulk operations\n\n#### Bulk create cert stores\n\nFor full documentation, see [stores import](docs/kfutil_stores_import.md).\n\nThis will attempt to process a CSV input file of certificate stores to create. The template can be generated by\nrunning: `kfutil stores import generate-template` command.\n\n```bash\nkfutil stores import create --file \u003cfile name to import\u003e --store-type-id \u003cstore type id\u003e --store-type-name \u003cstore type name\u003e --results-path \u003cfilepath for results\u003e --dry-run \u003ccheck fields only\u003e [flags]\n```\n\n```bash\nkfutil stores import --help\nTool for generating import templates and importing certificate stores\n\nUsage:\n kfutil stores import [command]\n\nAvailable Commands:\n create Create certificate stores\n generate-template For generating a CSV template with headers for bulk store creation.\n\nFlags:\n -h, --help help for import\n\nUse \"kfutil stores import [command] --help\" for more information about a command.\n```\n\n#### Bulk create cert store types\n\nFor full documentation, see [store-types](docs/kfutil_store-types.md).\n\nThis will attempt to process a CSV input file of certificate store types to create. The template can be generated by\nrunning: `kfutil generate-template --type bulk-certstore-types` command.\n\n```bash\nkfutil store-types create --name $STORE_TYPE_NAME\n```\n\n```bash\nkfutil store-types --help \nA collections of APIs and utilities for interacting with Keyfactor Command certificate store types.\n\nUsage:\n kfutil store-types [command]\n\nAvailable Commands:\n create Create a new certificate store type in Keyfactor Command.\n delete Delete a specific store type by ID.\n get Get a specific store type by either name or ID.\n list List certificate store types.\n templates-fetch Fetches store type templates from Keyfactor's Github.\n update Update a certificate store type in Keyfactor.\n\nFlags:\n -h, --help help for store-types\n\nUse \"kfutil store-types [command] --help\" for more information about a command.\n```\n\n### Root of Trust\n\nFor full documentation, see [stores rot](docs/kfutil_stores_rot.md).\n\nThe root of trust (rot) utility is a tool that allows you to bulk manage Keyfactor certificate stores and ensure that a\nset of defined certificates are present in each store that meets a certain set of criteria or no criteria at all.\n\n#### Root of Trust Quickstart\n\n```bash\necho \"Generating cert template file certs_template.csv\"\nkfutil stores rot generate-template --type certs\n# edit the certs_template.csv file\necho \"Generating stores template file stores_template.csv\"\nkfutil stores rot generate-template --type stores\n# edit the stores_template.csv file\nkfutil stores rot audit --add-certs certs_template.csv --stores stores_template.csv #This will audit the stores and generate a report file\n# review/edit the report file generated `rot_audit.csv`\nkfutil stores rot reconcile --import-csv\n# Alternatively this can be done in one step\nkfutil stores rot reconcile --add-certs certs_template.csv --stores stores_template.csv\n```\n\n#### Generate Certificate List Template\n\nFor full documentation, see [stores rot generate template](docs/kfutil_stores_rot_generate-template.md).\n\nThis will write the file `certs_template.csv` to the current directory.\n\n```bash\nkfutil stores rot generate-template --type certs\n```\n\n#### Generate Certificate Store List Template\n\nFor full documentation, see [stores rot generate template](docs/kfutil_stores_rot_generate-template.md).\n\nThis will write the file `stores_template.csv` to the current directory. For full documentation\n\n```bash\nkfutil stores rot generate-template --type stores\n```\n\n#### Run Root of Trust Audit\n\nFor full documentation, see [stores rot audit](docs/kfutil_stores_rot_audit.md).\n\nAudit will take in a list of certificates and a list of certificate stores and check that the certificate store's\ninventory either contains the certificate or does not contain the certificate based on the `--add-certs` and\n`--remove-certs` flags. These flags can be used together or separately. The aforementioned flags take in a path to CSV\nfiles containing a list of certificate thumbprints. To generate a template for these files, run the following command:\n\n```bash\nkfutil stores rot generate-template --type certs\n```\n\nTo prepopulate the template file you can provide `--cn` multiple times.\n\n```bash\nkfutil stores rot generate-template --type certs \\\n --cn \u003ccert subject name\u003e \\\n --cn \u003cadditional cert subject name\u003e\n```\n\nIn addition, you must provide a list of stores you wish to audit. To generate a template for this file, run the\nfollowing\ncommand:\n\n```bash\nkfutil stores rot generate-template --type stores\n```\n\nTo prepopulate the template file you can provide `--store-type` and `--container-type` multiple times.\n\n```bash\nkfutil stores rot generate-template --type stores \\\n --store-type \u003cstore type name\u003e \\\n --store-type \u003cadditional store type name\u003e \\\n --container-type \u003ccontainer type name\u003e \\\n --container-type \u003cadditional container type name\u003e\n```\n\nWith all the files generated and populated, you can now run the audit command:\n\n```bash\nkfutil stores rot audit \\\n --stores stores_template.csv \\\n --add-certs certs_template.csv \\\n --remove-certs certs_template2.csv\n```\n\nThis will generate an audit file that contains the results of the audit and actions that will be taken if `reconcile` is\nexecuted. By default, the audit file will be named `rot_audit.csv` and will be written to the current directory. To\noutput\nthe audit file to a different location, use the `--output` flag:\n\n```bash\nkfutil stores rot audit \\\n --stores stores.csv \\\n --add-certs addCerts.csv \\\n --remove-certs removeCerts.csv \\\n --output /path/to/output/autdit_file.csv\n```\n\n#### Run Root of Trust Reconcile\n\nFor full documentation, see [stores rot](docs/kfutil_stores_rot_reconcile.md).\n\nReconcile will take in a list of certificates and a list of certificate stores and check that the certificate store's\ninventory either contains the certificate or does not contain the certificate based on the `--add-certs` and\n`--remove-certs` flags. These flags can be used together or separately. The aforementioned flags take in a path to CSV\nfiles containing a list of certificate thumbprints. To generate a template for these files, run the following command:\n\n```bash\nkfutil stores rot generate-template --type certs\n```\n\nTo pre-populate the template file you can provide `--cn` multiple times.\n\n```bash\nkfutil stores rot generate-template --type certs \\\n --cn \u003ccert subject name\u003e \\\n --cn \u003cadditional cert subject name\u003e\n```\n\nIn addition, you must provide a list of stores you wish to reconcile. To generate a template for this file, run the\nfollowing\ncommand:\n\n```bash\nkfutil stores rot generate-template --type stores\n```\n\nTo pre-populate the stores template file you can provide multiple values in any combination of the following flags:\n\n```bash\nkfutil stores rot generate-template --type stores \\\n --store-type \u003cstore type name\u003e \\\n --store-type \u003cadditional store type name\u003e \\\n --container-type \u003ccontainer type name\u003e \\\n --container-type \u003cadditional container type name\u003e\n```\n\nWith all the files generated and populated, you can now run the reconcile command:\n\n```bash\nkfutil stores rot reconcile \\\n --stores stores_template.csv \\\n --add-certs certs_template.csv \\\n --remove-certs certs_template2.csv\n```\n\nThis will generate an audit file that contains the results of the audit and actions will immediately execute those\nactions.\nBy default, the reconcile file will be named `rot_audit.csv` and will be written to the current directory. To output\nthe reconcile file to a different location, use the `--output` flag:\n\n```bash\nkfutil stores rot reconcile \\\n --stores stores.csv \\\n --add-certs addCerts.csv \\\n --remove-certs removeCerts.csv \\\n --output /path/to/output/audit_file.csv\n```\n\nAlternatively you can provide an audit CSV file as an input to the reconcile command using the `--import-csv` flag:\n\n```bash\nkfutil stores rot reconcile \\\n --import-csv /path/to/audit_file.csv\n```\n\n### Certificate Store Inventory\n\nFor full documentation, see [stores inventory](docs/kfutil_stores_inventory.md).\n\n#### Show the inventory of a certificate store\n\nFor full documentation, see [stores inventory show](docs/kfutil_stores_inventory_show.md).\n\n```bash\n# Show by store ID:\n```bash\nkfutil stores inventory show --sid \u003cstore id\u003e\n\n# Nested command lookup: shows inventory of first cert store found\nkfutil stores inventory show \\\n --sid $(kfutil stores list | jq -r \".[0].Id\")\n```\n\nShow by client machine name:\n\n```bash\nkfutil stores inventory show --client \u003cmachine name\u003e\n\n# Nested command lookup: shows inventory of first cert store found\nkfutil stores inventory show \\\n --client $(kfutil orchs list | jq -r \".[0].ClientMachine\")\n```\n\n#### Add certificates to certificate stores\n\nFor full documentation, see [stores inventory add](docs/kfutil_stores_inventory_add.md).\n\n```bash\n# Add 2 certs to 2 certificate stores\nkfutil stores inventory add \\\n --sid \u003cstore id\u003e \\\n --sid \u003cadditional store id\u003e \\\n --cn \u003ccert subject name\u003e \\\n --cn \u003cadditional cert subject name\u003e\n```\n\n#### Remove certificates from certificate stores\n\nFor full documentation, see [stores inventory remove](docs/kfutil_stores_inventory_remove.md).\n\n```bash\n# Remove 2 certs from all stores associated with a client machine\nkfutil stores inventory remove \\\n --client \u003cmachine name\u003e \\\n --cn \u003ccert subject name\u003e \\\n --cn \u003cadditional cert subject name\u003e\n```\n\n## Development\n\nThis CLI developed using [cobra](https://umarcor.github.io/cobra/)\n\n### Adding a new command\n\n```bash\ncobra-cli add \u003cmy-new-command\u003e\n```\n\nalternatively you can specify the parent command\n\n```bash\ncobra-cli add \u003cmy-new-command\u003e -p '\u003cparent\u003eCmd'\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeyfactor%2Fkfutil","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkeyfactor%2Fkfutil","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeyfactor%2Fkfutil/lists"}