From local development to production, we work on every stack, scaling with you as your team and products grow.
Enclave is Doppler's secrets manager and your team's source of truth for secrets. From local development to production, on every stack, and across all infrastructure providers.
We keep your data safe by using end-to-end encrypted communication channels, encrypting data at rest, and by ensuring our infrastructure never has direct access to your secrets.
Say goodbye to ENV files, copy/pasting, and sharing secrets over email and Slack.
When developing locally the command line tool smartly fetches the right secrets for your application depending on where you are in the filesystem. When a secret is changed, your application will have it on the next run.
Just about everything in Enclave can be managed through the API and Doppler CLI. If your infrastructure is built with Terraform, shell scripts, or any other infra-as-code, Doppler plays nicely with your build environment.
Our Docker images come packaged with the CLI and other core dependencies like Node.
Every change in Enclave is captured through an audit log. These audit logs create a complete picture of history for a given config.
If you ever need to rollback a change, you can do it in a single click in the dashboard or one command in the Doppler CLI.
Worried an outage can bring you down? At every layer in the Enclave stack there is high availability built-in. Our databases run in high availability clusters. The applications serving requests runs on multiple infrastructures, and the Doppler CLI automatically creates encrypted fallback files on which are used if you are unable to reach the API.Learn more about high availability
Strictly control who can access your Enclave projects and secrets with a granular access control list (ACL).
You can also limit access to a set of trusted IP addresses per config. Read-only service tokens also help reduce exposure when retrieving secrets in staging and production environments.