Works on every stack both locally and in production. Effortlessly scales with you as your team and products grow.
Say goodbye to ENV files, copy/pasting, and sharing secrets over email and Slack.
When developing locally the command line tool smartly fetches the right secrets for your application depending on where you are in the filesystem. When a secret is changed, your application will have it on the next run.
Just about everything in Doppler can be managed through the API and Doppler CLI. If your infrastructure is built with Terraform, shell scripts, or any other infra-as-code, Doppler plays nicely with your build environment.
Our Docker images come packaged with the CLI and other core dependencies like Node.
We keep your data safe by using end-to-end encrypted communication channels, encrypting data at rest, and by ensuring our infrastructure never has direct access to your secrets.
With high availability mode enabled by default, the Doppler CLI will also automatically create encrypted fallback files.
Every change in Enclave is captured through an audit log. These audit logs create a complete picture of history for a given config.
If you ever need to rollback a change, you can do it in a single click in the dashboard or one command in the Doppler CLI.
Worried an outage can bring you down? At every layer in the Enclave stack there is high availability built-in. Our databases run in high availability clusters. The applications serving requests runs on multiple infrastructures, and the Doppler CLI automatically creates encrypted fallback files on every run which are used if you are unable to reach the API.Learn more about high availability
Strictly control who can access your Enclave projects and secrets with a granular access control list (ACL).
You can also limit access to a set of trusted IP addresses per config. Read-only service tokens also help reduce exposure when retrieving secrets in staging and production environments.