Secrets Manager

Your central source of truth from local development to production for every language, stack, and infrastructure.

Powering Forward-thinking Companies

Meet Enclave

Enclave is different. Unlike other partial solutions, our Universal Secrets Manager is your team's central source of truth for secrets across every language, every stage of the development lifecycle, and every infrastructure provider.

Your secrets matter. They are the literal keys to your business. So why safe-guard your secrets with partial solutions that are cumbersome to the point of being unusable, limited in scope, and lend themselves to human error?  

When you switch to our Universal Secrets Manager you can develop locally with the confidence that comes from best in class security, guaranteed high availability, and robust versioning.

Get started for free

Develop Locally

Say goodbye to ENV files, copy/pasting, and sharing secrets over email, Slack, and git.

When developing locally our command line tool smartly fetches the right secrets for your application depending on where you are in the filesystem. Change a few secrets and all your applications will have it on their next run.

Install the Doppler CLI


It is an honor to be entrusted with your sensitive data and we take that responsibility very seriously.

We keep your data safe by using end-to-end encrypted communication channels, encrypting data at rest, and ensuring our infrastructure never has direct access to your secrets.

Our internal tools do not and will never have a "God Mode". We also strictly enforce least privilege which means our employees only have access to exactly what they need to perform their duties.

Learn how we think about security

High Availability

Worried an outage can bring you down? At every layer in the Enclave stack there is high availability built-in. Our databases run in high availability clusters. The applications serving requests run on multiple infrastructures, and the Doppler CLI automatically creates encrypted fallback files which are used if you are unable to reach the API.

Visit our live status page

Access Controls

Strictly control who can access your Enclave projects and secrets with a granular access control list (ACL).

You can also limit access to a set of trusted IP addresses per config. Read-only service tokens also help reduce exposure when retrieving secrets in staging and production environments.

Learn more about permissions 

Heroku Sync

Are your apps running on Heroku? We can sync the secrets in Enclave with the config vars in your Heroku apps.

With two-way sync Enclave knows when a Heroku addon like Redis is provisioned. Adding a secret in Enclave will automatically sync with Heroku and immediately restart your app with the new secrets.

Learn more about Heroku sync 


Every change in Enclave is captured through an audit log. These audit logs create a complete picture of history for a given config.

If you ever need to rollback a change, you can do it in a single click in the dashboard or one command in the Doppler CLI.

Learn more about versioning 


Just about everything in Enclave can be managed through the API and Doppler CLI. If your infrastructure is built with Terraform, shell scripts, or any other infra-as-code, Doppler plays nicely with your build environment.

Our Docker images come packaged with the CLI and other dependencies like Node, Python, and Ruby.

Explore the Doppler CLI

Wall of Love

Trusted by forward-thinking companies, we do all that we can to make our customers successful, and we love sharing their stories.
"Doppler is Snackpass’s trusted store of secrets. Setting up Enclave as our secrets manager across all our dev machines, CI, and production environments was a breeze."
Udit Jain
"As a small team with limited resources, we have a million things on our plate, and never enough time. Doppler has made it extremely simple to manage our secrets and onboard new employees. That's one less thing to worry about!"
Courtland Allen
Founder at Indie Hackers
"As a Fintech company, security and reliability are paramount. Doppler has been critical in maintaining the integrity of our secrets while being extremely easy to use. It’s easily the best secrets management tool I’ve ever used and integrating it into our CI/CD pipeline was a breeze."
Kenan Pulak
"Doppler was easy to adopt as a growing team. Recently, we passed through the security benefits Doppler offers to close a large enterprise customer. It has helped us build security best practice into our company and make more money."
Roger Kirkness
"Doppler is a foundational part of our dev, staging, and production infrastructure. Once you start using it, it's hard to go back. Doppler not only manages our secrets, but also various constants we want to share across our fleet. We were accustomed to using similar infrastructure while at Facebook, and we're glad to have Doppler fill that gap without having to build it ourselves."
Ivan Kanevski
"Doppler's secrets manager is not only secure but also improves the productivity of our engineers. It is a joy to work with, and it also provides robust security to our (CI/CD) pipelines."
Jermaine Watkins
"Doppler makes working on a distributed schedule super easy. Any team member can add or change keys without needing to worry about syncing up with the rest of the team."
Emil Sjölander
"Doppler helps me sleep better at night knowing our secrets are managed and safe. As we've scaled and added engineers as well as third party contractors, keeping everyone on the same page and making sure nothing leaks was crucial and with Doppler it was a breeze. Haven't had a single issue with keys since we signed on - which says a lot!"
Abhi Nayar
"Doppler is a game-changer for Kopa. We use it for securely storing our secrets as well as managing our environment variables for our client apps. The ability to add, remove and update these variables simply and safely has helped us improve our processes and security immensely."
Zach Waterfield
"Doppler was a game-changer for us... Having a secrets manager with a beautiful dashboard and an amazing command-line tool greatly increased the productivity of our engineers."
Michael McCarthy
"One of our favorite developer tools is Doppler! We love them because any member of the team can quickly switch environments to different servers to debug issues quickly."
Boateng Opoku-Yeboah
"Doppler has enabled our team to achieve more while worrying less. Onboarding engineers and projects is now a breeze and we feel safe with Doppler's attention to detail and high standards for security."
Gavin Mai

Thoughts by the Doppler team...

Build vs Manual vs Buy
Maximize value while lowering cost by picking the right secrets manager early on.
Focusing Doppler
A lesson learned building a second product too early and for the wrong reasons.
Goodbye ENV Files
What are ENV files and why as an industry should we move away from them?