<!DOCTYPE html><html lang="en" class="dark"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width"/><link rel="apple-touch-icon" type="image/png" sizes="180x180" href="https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/apple-touch-icon.png?v=3"/><link rel="icon" type="image/png" sizes="32x32" href="https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/favicon-32x32.png?v=3"/><link rel="icon" type="image/png" sizes="16x16" href="https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/favicon-16x16.png?v=3"/><link rel="shortcut icon" type="image/x-icon" href="https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/favicon.ico?v=3"/><meta name="msapplication-config" content="https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/browserconfig.xml?v=3"/><meta name="apple-mobile-web-app-title" content="Infisical"/><meta name="application-name" content="Infisical"/><meta name="msapplication-TileColor" content="#26272b"/><meta name="theme-color" content="#ffffff"/><link rel="sitemap" type="application/xml" href="/docs/sitemap.xml"/><meta name="charset" content="utf-8"/><meta name="og:type" content="website"/><meta name="og:site_name" content="Infisical"/><meta name="twitter:card" content="summary_large_image"/><meta name="og:title" content="AWS Auth - Infisical"/><meta name="twitter:title" content="AWS Auth - Infisical"/><meta name="og:description" content="Learn how to authenticate with Infisical for EC2 instances, Lambda functions, and other IAM principals."/><meta name="description" content="Learn how to authenticate with Infisical for EC2 instances, Lambda functions, and other IAM principals."/><meta name="image" property="og:image" content="https://mintlify.com/docs/api/og?division=Documentation&amp;mode=light&amp;title=AWS+Auth&amp;description=Learn+how+to+authenticate+with+Infisical+for+EC2+instances%2C+Lambda+functions%2C+and+other+IAM+principals.&amp;logoLight=https%3A%2F%2Fmintlify.s3.us-west-1.amazonaws.com%2Finfisical%2Flogo%2Flight.svg&amp;logoDark=https%3A%2F%2Fmintlify.s3.us-west-1.amazonaws.com%2Finfisical%2Flogo%2Fdark.svg&amp;primaryColor=%2326272b&amp;lightColor=%2397b31d&amp;darkColor=%23A1B659"/><meta property="og:image:width" content="1200"/><meta property="og:image:height" content="630"/><meta name="twitter:image" property="twitter:image" content="https://mintlify.com/docs/api/og?division=Documentation&amp;mode=light&amp;title=AWS+Auth&amp;description=Learn+how+to+authenticate+with+Infisical+for+EC2+instances%2C+Lambda+functions%2C+and+other+IAM+principals.&amp;logoLight=https%3A%2F%2Fmintlify.s3.us-west-1.amazonaws.com%2Finfisical%2Flogo%2Flight.svg&amp;logoDark=https%3A%2F%2Fmintlify.s3.us-west-1.amazonaws.com%2Finfisical%2Flogo%2Fdark.svg&amp;primaryColor=%2326272b&amp;lightColor=%2397b31d&amp;darkColor=%23A1B659"/><meta name="twitter:card" property="twitter:card" content="summary_large_image"/><meta property="twitter:image:width" content="1200"/><meta property="twitter:image:height" content="630"/><title>AWS Auth - Infisical</title><meta name="og:url" content="/docs/documentation/platform/identities/aws-auth"/><link rel="canonical" href="/docs/documentation/platform/identities/aws-auth"/><meta name="next-head-count" content="30"/><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/katex@0.16.0/dist/katex.min.css" integrity="sha384-Xi8rHCmBmhbuyyhbI88391ZKP2dmfnOl4rT9ZfRI7mLTdk1wblIUnrIq35nqwEvC" crossorigin="anonymous"/><link rel="preload" href="/docs/_next/static/media/a34f9d1faa5f3315-s.p.woff2" as="font" type="font/woff2" crossorigin="anonymous" data-next-font="size-adjust"/><link rel="preload" href="/docs/_next/static/media/bb3ef058b751a6ad-s.p.woff2" as="font" type="font/woff2" crossorigin="anonymous" data-next-font="size-adjust"/><script id="mode-toggle" data-nscript="beforeInteractive"> try { if (localStorage.isDarkMode === 'true') { document.documentElement.classList.add('dark'); } else if (localStorage.isDarkMode === 'false') { document.documentElement.classList.remove('dark'); } else if ((false && !('isDarkMode' in localStorage) && window.matchMedia('(prefers-color-scheme: dark)').matches) || false) { document.documentElement.classList.add('dark'); } else { document.documentElement.classList.remove('dark'); } } catch (_) {}</script><link rel="preload" href="/docs/_next/static/css/bd725d9acf3a0d26.css" as="style"/><link rel="stylesheet" href="/docs/_next/static/css/bd725d9acf3a0d26.css" data-n-g=""/><noscript data-n-css=""></noscript><script defer="" nomodule="" src="/docs/_next/static/chunks/polyfills-42372ed130431b0a.js"></script><script src="/docs/_next/static/chunks/webpack-2930143a581b7923.js" defer=""></script><script src="/docs/_next/static/chunks/framework-9ae01a5f4ade81f5.js" defer=""></script><script src="/docs/_next/static/chunks/main-8a1046ec06751e09.js" defer=""></script><script src="/docs/_next/static/chunks/pages/_app-9a586e618e7e4641.js" defer=""></script><script src="/docs/_next/static/chunks/2edb282b-a83f7ffd007bccf0.js" defer=""></script><script src="/docs/_next/static/chunks/e893f787-f6a1094a35763a0d.js" defer=""></script><script src="/docs/_next/static/chunks/086d643d-6f7196a364073d16.js" defer=""></script><script src="/docs/_next/static/chunks/9097-597bce25a41f76db.js" defer=""></script><script src="/docs/_next/static/chunks/7669-b7b6e74eb838f0fc.js" defer=""></script><script src="/docs/_next/static/chunks/7610-e463a3dc6ba2cbb8.js" defer=""></script><script src="/docs/_next/static/chunks/4207-30ba6f75f741a33d.js" defer=""></script><script src="/docs/_next/static/chunks/pages/_sites/%5Bsubdomain%5D/%5B%5B...slug%5D%5D-6d672b807a524689.js" defer=""></script><script src="/docs/_next/static/975QXHH-delYr8Bi2SqIf/_buildManifest.js" defer=""></script><script src="/docs/_next/static/975QXHH-delYr8Bi2SqIf/_ssgManifest.js" defer=""></script><style id="__jsx-3178852779">:root{--font-inter:'__Inter_c8d9fa', '__Inter_Fallback_c8d9fa';--font-jetbrains-mono:'__JetBrains_Mono_ea4744', '__JetBrains_Mono_Fallback_ea4744'}</style></head><div id="__next"><main class="jsx-3178852779"><style>:root { --primary: 38 39 43; --primary-light: 151 179 29; --primary-dark: 161 182 89; --background-light: 255 255 255; --background-dark: 13 17 23; --gray-50: 244 244 244; --gray-100: 239 239 239; --gray-200: 223 223 223; --gray-300: 207 207 207; --gray-400: 159 159 159; --gray-500: 113 113 113; --gray-600: 81 81 81; --gray-700: 63 63 63; --gray-800: 38 38 38; --gray-900: 23 23 24; --gray-950: 11 11 11; }</style><style>#navbar .max-w-8xl { max-width: 100%; border-bottom: 1px solid #ebebeb; background-color: #F4F3EF; } .max-w-8xl { /* background-color: #f5f5f5; */ } #sidebar { left: 0; padding-right: 30px; border-right: 1px; border-color: #cdd64b; background-color: #F4F3EF; border-right: 1px solid #ebebeb; } #sidebar-content { padding-left: 2rem; } #sidebar .relative .sticky { opacity: 0; } #sidebar li > div.mt-2 { border-radius: 0; padding: 5px; } #sidebar li > a.text-primary { border-radius: 0; background-color: #FBFFCC; border-left: 4px solid #EFFF33; padding: 5px; } #sidebar li > a.mt-2 { border-radius: 0; padding: 5px; } #sidebar li > a.leading-6 { border-radius: 0; padding: 0px; } /* #sidebar ul > div.mt-12 { padding-top: 30px; position: relative; } #sidebar ul > div.mt-12 h5 { position: absolute; left: -12px; top: -0px; } */ #header { border-left: 4px solid #EFFF33; padding-left: 16px; padding-right: 16px; background-color: #FDFFE5; padding-bottom: 10px; padding-top: 10px; } #content-area .mt-8 .block{ border-radius: 0; border-width: 1px; background-color: #FCFBFA; border-color: #ebebeb; } /* #content-area:hover .mt-8 .block:hover{ border-radius: 0; border-width: 1px; background-color: #FDFFE5; border-color: #EFFF33; } */ #content-area .mt-8 .rounded-xl{ border-radius: 0; } #content-area .mt-8 .rounded-lg{ border-radius: 0; } #content-area .mt-6 .rounded-xl{ border-radius: 0; } #content-area .mt-6 .rounded-lg{ border-radius: 0; } #content-area .mt-6 .rounded-md{ border-radius: 0; } #content-area .mt-8 .rounded-md{ border-radius: 0; } #content-area div.my-4{ border-radius: 0; border-width: 1px; } #content-area div.flex-1 { /* text-transform: uppercase; */ opacity: 0.8; font-weight: 400; } #content-area button { border-radius: 0; } #content-area a { border-radius: 0; } #content-area .not-prose { border-radius: 0; } /* .eyebrow { text-transform: uppercase; font-weight: 400; color: red; } */ #content-container { /* background-color: #f5f5f5; */ margin-top: 2rem; } #topbar-cta-button .group .absolute { background-color: black; border-radius: 0px; } /* #topbar-cta-button .group .absolute:hover { background-color: white; border-radius: 0px; } */ #topbar-cta-button .group .flex { margin-top: 5px; margin-bottom: 5px; font-size: medium; } .flex-1 .flex .items-center { /* background-color: #f5f5f5; */ } </style><span class="fixed inset-0 bg-background-light dark:bg-background-dark -z-10"></span><span class="block absolute dark:hidden inset-0 overflow-hidden"></span><span class="hidden absolute dark:block inset-0 overflow-hidden"></span><div class="relative antialiased text-gray-500 dark:text-gray-400"><div id="navbar" class="z-30 fixed lg:sticky top-0 w-full"><div id="navbar-transition" class="absolute w-full h-full backdrop-blur flex-none transition-colors duration-500 border-b border-gray-500/5 dark:border-gray-300/[0.06] supports-backdrop-blur:bg-background-light/60 dark:bg-transparent"></div><div class="max-w-8xl mx-auto relative"><div class=""><div class="relative"><div class="flex items-center lg:px-12 h-16 min-w-0 mx-4 lg:mx-0"><div class="h-full relative flex-1 flex items-center gap-x-4 min-w-0 border-b border-gray-500/5 dark:border-gray-300/[0.06]"><div class="flex-1 flex items-center gap-x-4"><a href="https://infisical.com"><span class="sr-only">Infisical<!-- --> home page</span><img class="w-auto h-7 relative object-contain block dark:hidden" src="https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/light.svg" alt="light logo"/><img class="w-auto h-7 relative object-contain hidden dark:block" src="https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/dark.svg" alt="dark logo"/></a><div class="flex items-center gap-x-2"></div></div><button type="button" class="hidden lg:flex relative flex-1 pointer-events-auto rounded-xl w-full items-center text-sm leading-6 py-1.5 pl-3.5 pr-3 text-gray-400 dark:text-white/50 bg-background-light dark:bg-background-dark dark:brightness-[1.1] dark:ring-1 dark:hover:brightness-[1.25] ring-1 ring-gray-400/20 hover:ring-gray-600/25 dark:ring-gray-600/30 dark:hover:ring-gray-500/30 focus:outline-primary justify-between truncate gap-2 min-w-[43px] mx-px" id="search-bar-entry"><div class="flex items-center gap-3 min-w-[42px]"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-search min-w-4 flex-none text-gray-700 hover:text-gray-800 dark:text-gray-300 hover:dark:text-gray-200"><circle cx="11" cy="11" r="8"></circle><path d="m21 21-4.3-4.3"></path></svg><div class="truncate min-w-0">Search or ask...</div></div></button><div class="flex-1 relative hidden lg:flex items-center ml-auto justify-end space-x-4"><nav class="text-sm"><ul class="flex space-x-6 items-center"><li><a href="https://app.infisical.com/login" class="whitespace-nowrap font-medium text-gray-600 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" target="_blank">Log In</a></li><li class="block lg:hidden"><a class="whitespace-nowrap font-medium text-gray-600 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" href="https://app.infisical.com/signup">Start for Free</a></li><li class="whitespace-nowrap hidden lg:flex" id="topbar-cta-button"><a target="_blank" class="group px-4 py-1.5 relative inline-flex items-center text-sm font-medium" href="https://app.infisical.com/signup"><span class="absolute inset-0 bg-primary-dark rounded-full group-hover:opacity-[0.9]"></span><div class="mr-0.5 space-x-2.5 flex items-center"><span class="z-10 text-white">Start for Free</span><svg width="3" height="24" viewBox="0 -9 3 24" class="h-5 rotate-0 overflow-visible text-white/90"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></a></li></ul></nav><div class="flex items-center"></div></div><div class="flex lg:hidden items-center gap-2"><button type="button" class="text-gray-500 w-8 h-8 flex items-center justify-center hover:text-gray-600 dark:text-gray-400 dark:hover:text-gray-300" id="search-bar-entry-mobile"><span class="sr-only">Search...</span><svg class="h-4 w-4 bg-gray-500 dark:bg-gray-400 hover:bg-gray-600 dark:hover:bg-gray-300" style="-webkit-mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/magnifying-glass.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-position:center;mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/magnifying-glass.svg);mask-repeat:no-repeat;mask-position:center"></svg></button><button aria-label="More actions" class="h-7 w-5 flex items-center justify-end"><svg class="h-4 w-4 bg-gray-500 dark:bg-gray-400 hover:bg-gray-600 dark:hover:bg-gray-300" style="-webkit-mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/ellipsis-vertical.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-position:center;mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/ellipsis-vertical.svg);mask-repeat:no-repeat;mask-position:center"></svg></button></div></div></div><div class="flex items-center h-14 py-4 px-5 lg:hidden"><button type="button" class="text-gray-500 hover:text-gray-600 dark:text-gray-400 dark:hover:text-gray-300"><span class="sr-only">Navigation</span><svg class="h-4" fill="currentColor" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M0 96C0 78.3 14.3 64 32 64H416c17.7 0 32 14.3 32 32s-14.3 32-32 32H32C14.3 128 0 113.7 0 96zM0 256c0-17.7 14.3-32 32-32H416c17.7 0 32 14.3 32 32s-14.3 32-32 32H32c-17.7 0-32-14.3-32-32zM448 416c0 17.7-14.3 32-32 32H32c-17.7 0-32-14.3-32-32s14.3-32 32-32H416c17.7 0 32 14.3 32 32z"></path></svg></button><div class="ml-4 flex text-sm leading-6 whitespace-nowrap min-w-0 space-x-3"><div class="flex items-center space-x-3"><span>Authentication Methods</span><svg width="3" height="24" viewBox="0 -9 3 24" class="h-5 rotate-0 overflow-visible fill-gray-400"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div><div class="font-semibold text-gray-900 truncate dark:text-gray-200">AWS Auth</div></div></div></div><div class="hidden lg:flex px-12 h-12"><div class="h-full flex text-sm space-x-6"><a class="group relative h-full flex items-center text-gray-800 dark:text-gray-200 font-semibold" href="/docs/documentation/getting-started/introduction">Documentation<div class="absolute bottom-0 h-[1.5px] w-full bg-primary dark:bg-primary-light"></div></a><a class="group relative h-full flex items-center font-medium text-gray-600 dark:text-gray-400 group-hover:text-gray-800 dark:group-hover:text-gray-300" href="/docs/integrations/platforms/kubernetes/overview">Integrations<div class="absolute bottom-0 h-[1.5px] w-full group-hover:bg-gray-200 dark:group-hover:bg-gray-700"></div></a><a class="group relative h-full flex items-center font-medium text-gray-600 dark:text-gray-400 group-hover:text-gray-800 dark:group-hover:text-gray-300" href="/docs/cli/overview">CLI<div class="absolute bottom-0 h-[1.5px] w-full group-hover:bg-gray-200 dark:group-hover:bg-gray-700"></div></a><a class="group relative h-full flex items-center font-medium text-gray-600 dark:text-gray-400 group-hover:text-gray-800 dark:group-hover:text-gray-300" href="/docs/api-reference/overview/introduction">API Reference<div class="absolute bottom-0 h-[1.5px] w-full group-hover:bg-gray-200 dark:group-hover:bg-gray-700"></div></a><a class="group relative h-full flex items-center font-medium text-gray-600 dark:text-gray-400 group-hover:text-gray-800 dark:group-hover:text-gray-300" href="/docs/sdks/overview">SDKs<div class="absolute bottom-0 h-[1.5px] w-full group-hover:bg-gray-200 dark:group-hover:bg-gray-700"></div></a><a class="group relative h-full flex items-center font-medium text-gray-600 dark:text-gray-400 group-hover:text-gray-800 dark:group-hover:text-gray-300" href="/docs/changelog/overview">Changelog<div class="absolute bottom-0 h-[1.5px] w-full group-hover:bg-gray-200 dark:group-hover:bg-gray-700"></div></a></div></div></div></div></div><div class="max-w-8xl px-4 mx-auto lg:px-8"><div class="z-20 hidden lg:block fixed bottom-0 right-auto w-[18rem] top-[7.1rem]" id="sidebar"><div class="absolute inset-0 z-10 stable-scrollbar-gutter overflow-auto pr-8 pb-10" id="sidebar-content"><div class="relative lg:text-sm lg:leading-6"><div class="sticky top-0 h-8 bg-gradient-to-b from-background-light dark:from-background-dark"></div><div id="navigation-items"><div class=""><h5 class="pl-4 mb-3.5 lg:mb-2.5 font-semibold text-gray-900 dark:text-gray-200">Getting Started</h5><ul><li id="/documentation/getting-started/introduction" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/getting-started/introduction"><div class="flex-1 flex items-center space-x-2.5"><div>What is Infisical?</div></div></a></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Quickstart</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Guides</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li></ul></div><div class="mt-12 lg:mt-8"><h5 class="pl-4 mb-3.5 lg:mb-2.5 font-semibold text-gray-900 dark:text-gray-200">Platform</h5><ul><li id="/documentation/platform/organization" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/organization"><div class="flex-1 flex items-center space-x-2.5"><div>Organizations</div></div></a></li><li id="/documentation/platform/project" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/project"><div class="flex-1 flex items-center space-x-2.5"><div>Projects</div></div></a></li><li id="/documentation/platform/folder" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/folder"><div class="flex-1 flex items-center space-x-2.5"><div>Folders</div></div></a></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Secrets</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Internal PKI</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li id="/documentation/platform/ssh" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/ssh"><div class="flex-1 flex items-center space-x-2.5"><div>Infisical SSH</div></div></a></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Key Management (KMS)</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">KMS Configuration</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Identities</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Access Control</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Audit Logs</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Secret Rotation</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Dynamic Secrets</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li id="/documentation/platform/project-templates" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/project-templates"><div class="flex-1 flex items-center space-x-2.5"><div>Project Templates</div></div></a></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Workflow Integrations</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Admin Consoles</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li id="/documentation/platform/secret-sharing" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/secret-sharing"><div class="flex-1 flex items-center space-x-2.5"><div>Secret Sharing</div></div></a></li></ul></div><div class="mt-12 lg:mt-8"><h5 class="pl-4 mb-3.5 lg:mb-2.5 font-semibold text-gray-900 dark:text-gray-200">Authentication Methods</h5><ul><li id="/documentation/platform/auth-methods/email-password" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/auth-methods/email-password"><div class="flex-1 flex items-center space-x-2.5"><div>Email and Password</div></div></a></li><li id="/documentation/platform/token" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/token"><div class="flex-1 flex items-center space-x-2.5"><div>Service Token</div></div></a></li><li id="/documentation/platform/identities/token-auth" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/identities/token-auth"><div class="flex-1 flex items-center space-x-2.5"><div>Token Auth</div></div></a></li><li id="/documentation/platform/identities/universal-auth" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/identities/universal-auth"><div class="flex-1 flex items-center space-x-2.5"><div>Universal Auth</div></div></a></li><li id="/documentation/platform/identities/kubernetes-auth" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/identities/kubernetes-auth"><div class="flex-1 flex items-center space-x-2.5"><div>Kubernetes Auth</div></div></a></li><li id="/documentation/platform/identities/gcp-auth" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/identities/gcp-auth"><div class="flex-1 flex items-center space-x-2.5"><div>GCP Auth</div></div></a></li><li id="/documentation/platform/identities/azure-auth" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/identities/azure-auth"><div class="flex-1 flex items-center space-x-2.5"><div>Azure Auth</div></div></a></li><li id="/documentation/platform/identities/aws-auth" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl bg-primary/10 text-primary font-semibold dark:text-primary-light dark:bg-primary-light/10" style="padding-left:1rem" href="/docs/documentation/platform/identities/aws-auth"><div class="flex-1 flex items-center space-x-2.5"><div>AWS Auth</div></div></a></li><li id="/documentation/platform/identities/jwt-auth" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/identities/jwt-auth"><div class="flex-1 flex items-center space-x-2.5"><div>JWT Auth</div></div></a></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">OIDC Auth</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li id="/documentation/platform/mfa" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/documentation/platform/mfa"><div class="flex-1 flex items-center space-x-2.5"><div>MFA</div></div></a></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">SSO</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">LDAP</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">SCIM</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li></ul></div><div class="mt-12 lg:mt-8"><h5 class="pl-4 mb-3.5 lg:mb-2.5 font-semibold text-gray-900 dark:text-gray-200">Self-host Infisical</h5><ul><li id="/self-hosting/overview" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/self-hosting/overview"><div class="flex-1 flex items-center space-x-2.5"><div>Introduction</div></div></a></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Installation methods</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li id="/self-hosting/guides/upgrading-infisical" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/self-hosting/guides/upgrading-infisical"><div class="flex-1 flex items-center space-x-2.5"><div>Upgrade Infisical Instance</div></div></a></li><li id="/self-hosting/configuration/envars" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/self-hosting/configuration/envars"><div class="flex-1 flex items-center space-x-2.5"><div>Configurations</div></div></a></li><li id="/self-hosting/configuration/requirements" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/self-hosting/configuration/requirements"><div class="flex-1 flex items-center space-x-2.5"><div>Hardware requirements</div></div></a></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Guides</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Reference architectures</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li id="/self-hosting/ee" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/self-hosting/ee"><div class="flex-1 flex items-center space-x-2.5"><div>Infisical Enterprise</div></div></a></li><li id="/self-hosting/faq" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/self-hosting/faq"><div class="flex-1 flex items-center space-x-2.5"><div>FAQ</div></div></a></li></ul></div><div class="mt-12 lg:mt-8"><h5 class="pl-4 mb-3.5 lg:mb-2.5 font-semibold text-gray-900 dark:text-gray-200">Internals</h5><ul><li id="/internals/overview" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/internals/overview"><div class="flex-1 flex items-center space-x-2.5"><div>Overview</div></div></a></li><li id="/internals/permissions" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/internals/permissions"><div class="flex-1 flex items-center space-x-2.5"><div>Permissions</div></div></a></li><li id="/internals/components" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/internals/components"><div class="flex-1 flex items-center space-x-2.5"><div>Components</div></div></a></li><li id="/internals/security" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/internals/security"><div class="flex-1 flex items-center space-x-2.5"><div>Security</div></div></a></li><li id="/internals/service-tokens" class="scroll-m-4 first:scroll-m-20"><a class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem" href="/docs/internals/service-tokens"><div class="flex-1 flex items-center space-x-2.5"><div>Service tokens</div></div></a></li></ul></div><div class="mt-12 lg:mt-8"><h5 class="pl-4 mb-3.5 lg:mb-2.5 font-semibold text-gray-900 dark:text-gray-200">Contributing</h5><ul><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Getting Started</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Contributing to platform</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li><li><div class="group mt-2 lg:mt-0 flex items-center pr-3 py-1.5 cursor-pointer focus:outline-primary dark:focus:outline-primary-light gap-x-3 rounded-xl hover:bg-gray-600/5 dark:hover:bg-gray-200/5 text-gray-700 hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300" style="padding-left:1rem"><div class="">Contributing to SDK</div><svg width="8" height="24" viewBox="0 -9 3 24" class="transition-transform text-gray-400 overflow-visible group-hover:text-gray-600 dark:text-gray-600 dark:group-hover:text-gray-400 -mr-0.5"><path d="M0 0L3 3L0 6" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"></path></svg></div></li></ul></div></div></div></div></div><div class="" id="content-container"><div class="flex flex-row gap-12 box-border w-full pt-40 lg:pt-10"><div class="relative grow box-border flex-col w-full mx-auto px-1 lg:pl-[23.7rem] lg:-ml-12 xl:w-[calc(100%-28rem)]" id="content-area"><header id="header" class="relative"><div class="mt-0.5 space-y-2.5"><div class="eyebrow h-5 text-primary dark:text-primary-light text-sm font-semibold">Authentication Methods</div><div class="flex items-center"><h1 class="inline-block text-2xl sm:text-3xl font-bold text-gray-900 tracking-tight dark:text-gray-200">AWS Auth</h1></div></div><div class="mt-2 text-lg prose prose-gray dark:prose-invert"><p>Learn how to authenticate with Infisical for EC2 instances, Lambda functions, and other IAM principals.</p></div></header><div class="flex flex-col gap-8"><div class="flex flex-col gap-6 xl:hidden"><div class="w-full xl:w-[28rem] gap-6 grid grid-rows-[repeat(auto-fit,minmax(0,min-content))] grid-rows relative"></div></div></div><div class="relative mt-8 prose prose-gray dark:prose-invert"><p><strong>AWS Auth</strong> is an AWS-native authentication method for IAM principals like EC2 instances or Lambda functions to access Infisical.</p> <h2 class="flex whitespace-pre-wrap group font-semibold" id="diagram"><div class="absolute"><a href="#diagram" class="-ml-10 flex items-center opacity-0 border-0 group-hover:opacity-100" aria-label="Navigate to header">​<div class="w-6 h-6 text-gray-400 rounded-md flex items-center justify-center zinc-box bg-white ring-1 ring-gray-400/30 dark:ring-gray-700/25 hover:ring-gray-400/60 dark:hover:ring-white/20"><svg xmlns="http://www.w3.org/2000/svg" fill="gray" height="12px" viewBox="0 0 576 512"><path d="M0 256C0 167.6 71.6 96 160 96h72c13.3 0 24 10.7 24 24s-10.7 24-24 24H160C98.1 144 48 194.1 48 256s50.1 112 112 112h72c13.3 0 24 10.7 24 24s-10.7 24-24 24H160C71.6 416 0 344.4 0 256zm576 0c0 88.4-71.6 160-160 160H344c-13.3 0-24-10.7-24-24s10.7-24 24-24h72c61.9 0 112-50.1 112-112s-50.1-112-112-112H344c-13.3 0-24-10.7-24-24s10.7-24 24-24h72c88.4 0 160 71.6 160 160zM184 232H392c13.3 0 24 10.7 24 24s-10.7 24-24 24H184c-13.3 0-24-10.7-24-24s10.7-24 24-24z"></path></svg></div></a></div><span class="cursor-pointer">Diagram</span></h2> <p>The following sequence diagram illustrates the AWS Auth workflow for authenticating AWS IAM principals with Infisical.</p> <!-- --> <h2 class="flex whitespace-pre-wrap group font-semibold" id="concept"><div class="absolute"><a href="#concept" class="-ml-10 flex items-center opacity-0 border-0 group-hover:opacity-100" aria-label="Navigate to header">​<div class="w-6 h-6 text-gray-400 rounded-md flex items-center justify-center zinc-box bg-white ring-1 ring-gray-400/30 dark:ring-gray-700/25 hover:ring-gray-400/60 dark:hover:ring-white/20"><svg xmlns="http://www.w3.org/2000/svg" fill="gray" height="12px" viewBox="0 0 576 512"><path d="M0 256C0 167.6 71.6 96 160 96h72c13.3 0 24 10.7 24 24s-10.7 24-24 24H160C98.1 144 48 194.1 48 256s50.1 112 112 112h72c13.3 0 24 10.7 24 24s-10.7 24-24 24H160C71.6 416 0 344.4 0 256zm576 0c0 88.4-71.6 160-160 160H344c-13.3 0-24-10.7-24-24s10.7-24 24-24h72c61.9 0 112-50.1 112-112s-50.1-112-112-112H344c-13.3 0-24-10.7-24-24s10.7-24 24-24h72c88.4 0 160 71.6 160 160zM184 232H392c13.3 0 24 10.7 24 24s-10.7 24-24 24H184c-13.3 0-24-10.7-24-24s10.7-24 24-24z"></path></svg></div></a></div><span class="cursor-pointer">Concept</span></h2> <p>At a high-level, Infisical authenticates an IAM principal by verifying its identity and checking that it meets specific requirements (e.g. it is an allowed IAM principal ARN) at the <code>/api/v1/auth/aws-auth/login</code> endpoint. If successful, then Infisical returns a short-lived access token that can be used to make authenticated requests to the Infisical API.</p> <p>To be more specific:</p> <ol> <li>The client IAM principal signs a <code>GetCallerIdentity</code> query using the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html" target="_blank" rel="noreferrer">AWS Signature v4 algorithm</a>; this is done using the credentials from the AWS environment where the IAM principal is running.</li> <li>The client sends the signed query data to Infisical including the request method, request body, and request headers at the <code>/api/v1/auth/aws-auth/login</code> endpoint.</li> <li>Infisical reconstructs the query and sends it to AWS STS API via the <a href="https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity.html" target="_blank" rel="noreferrer">sts:GetCallerIdentity</a> method for verification and obtains the identity associated with the IAM principal.</li> <li>Infisical checks the identity’s properties against set criteria such <strong>Allowed Principal ARNs</strong>.</li> <li>If all is well, Infisical returns a short-lived access token that the IAM principal can use to make authenticated requests to the Infisical API.</li> </ol> <div class="my-4 px-5 py-4 overflow-hidden rounded-2xl flex gap-3 border border-sky-500/20 bg-sky-50/50 dark:border-sky-500/30 dark:bg-sky-500/10"><div class="mt-0.5 w-4"><svg width="14" height="14" viewBox="0 0 14 14" fill="currentColor" xmlns="http://www.w3.org/2000/svg" class="w-4 h-4 text-sky-500" aria-label="Note"><path fill-rule="evenodd" clip-rule="evenodd" d="M7 1.3C10.14 1.3 12.7 3.86 12.7 7C12.7 10.14 10.14 12.7 7 12.7C5.48908 12.6974 4.0408 12.096 2.97241 11.0276C1.90403 9.9592 1.30264 8.51092 1.3 7C1.3 3.86 3.86 1.3 7 1.3ZM7 0C3.14 0 0 3.14 0 7C0 10.86 3.14 14 7 14C10.86 14 14 10.86 14 7C14 3.14 10.86 0 7 0ZM8 3H6V8H8V3ZM8 9H6V11H8V9Z"></path></svg></div><div class="text-sm prose min-w-0 text-sky-900 dark:text-sky-200"><p>We recommend using one of Infisical’s clients like SDKs or the Infisical Agent to authenticate with Infisical using AWS Auth as they handle the authentication process including the signed <code>GetCallerIdentity</code> query construction for you.</p><p>Also, note that Infisical needs network-level access to send requests to the AWS STS API as part of the AWS Auth workflow.</p></div></div> <h2 class="flex whitespace-pre-wrap group font-semibold" id="guide"><div class="absolute"><a href="#guide" class="-ml-10 flex items-center opacity-0 border-0 group-hover:opacity-100" aria-label="Navigate to header">​<div class="w-6 h-6 text-gray-400 rounded-md flex items-center justify-center zinc-box bg-white ring-1 ring-gray-400/30 dark:ring-gray-700/25 hover:ring-gray-400/60 dark:hover:ring-white/20"><svg xmlns="http://www.w3.org/2000/svg" fill="gray" height="12px" viewBox="0 0 576 512"><path d="M0 256C0 167.6 71.6 96 160 96h72c13.3 0 24 10.7 24 24s-10.7 24-24 24H160C98.1 144 48 194.1 48 256s50.1 112 112 112h72c13.3 0 24 10.7 24 24s-10.7 24-24 24H160C71.6 416 0 344.4 0 256zm576 0c0 88.4-71.6 160-160 160H344c-13.3 0-24-10.7-24-24s10.7-24 24-24h72c61.9 0 112-50.1 112-112s-50.1-112-112-112H344c-13.3 0-24-10.7-24-24s10.7-24 24-24h72c88.4 0 160 71.6 160 160zM184 232H392c13.3 0 24 10.7 24 24s-10.7 24-24 24H184c-13.3 0-24-10.7-24-24s10.7-24 24-24z"></path></svg></div></a></div><span class="cursor-pointer">Guide</span></h2> <p>In the following steps, we explore how to create and use identities for your workloads and applications on AWS to access the Infisical API using the AWS Auth authentication method.</p> <div role="list" class="ml-3.5 mt-10 mb-6"><div role="listitem" class="relative flex items-start pb-2"><div class="absolute w-px h-[calc(100%-2.75rem)] top-[2.75rem] bg-gray-200/70 dark:bg-white/10"></div><div class="absolute ml-[-14px] py-2"><div class="w-7 h-7 shrink-0 rounded-lg bg-gray-100 dark:text-white dark:bg-[#26292E] text-sm text-gray-800 font-semibold flex items-center justify-center">1</div></div><div class="w-full overflow-hidden pl-12 pr-px"><p class="mt-2 font-semibold prose dark:prose-invert text-gray-900 dark:text-gray-200">Creating an identity</p><div><p>To create an identity, head to your Organization Settings &gt; Access Control &gt; Machine Identities and press <strong>Create identity</strong>.</p><p></p><p>When creating an identity, you specify an organization level <a href="/docs/documentation/platform/role-based-access-controls">role</a> for it to assume; you can configure roles in Organization Settings &gt; Access Control &gt; Organization Roles.</p><p></p><p>Now input a few details for your new identity. Here’s some guidance for each field:</p><ul> <li>Name (required): A friendly name for the identity.</li> <li>Role (required): A role from the <strong>Organization Roles</strong> tab for the identity to assume. The organization role assigned will determine what organization level resources this identity can have access to.</li> </ul><p>Once you’ve created an identity, you’ll be redirected to a page where you can manage the identity.</p><p></p><p>Since the identity has been configured with Universal Auth by default, you should re-configure it to use AWS Auth instead. To do this, press to edit the <strong>Authentication</strong> section, remove the existing Universal Auth configuration, and add a new AWS Auth configuration onto the identity.</p><p></p><p></p><p>Here’s some more guidance on each field:</p><ul> <li>Allowed Principal ARNs: A comma-separated list of trusted IAM principal ARNs that are allowed to authenticate with Infisical. The values should take one of three forms: <code>arn:aws:iam::123456789012:user/MyUserName</code>, <code>arn:aws:iam::123456789012:role/MyRoleName</code>, or <code>arn:aws:iam::123456789012:*</code>. Using a wildcard in this case allows any IAM principal in the account <code>123456789012</code> to authenticate with Infisical under the identity.</li> <li>Allowed Account IDs: A comma-separated list of trusted AWS account IDs that are allowed to authenticate with Infisical.</li> <li>STS Endpoint (default is <code>https://sts.amazonaws.com/</code>): The endpoint URL for the AWS STS API. This value should be adjusted based on the AWS region you are operating in (e.g. <code>https://sts.us-east-1.amazonaws.com/</code>); refer to the list of regional STS endpoints <a href="https://docs.aws.amazon.com/general/latest/gr/sts.html" target="_blank" rel="noreferrer">here</a>.</li> <li>Access Token TTL (default is <code>2592000</code> equivalent to 30 days): The lifetime for an acccess token in seconds. This value will be referenced at renewal time.</li> <li>Access Token Max TTL (default is <code>2592000</code> equivalent to 30 days): The maximum lifetime for an acccess token in seconds. This value will be referenced at renewal time.</li> <li>Access Token Max Number of Uses (default is <code>0</code>): The maximum number of times that an access token can be used; a value of <code>0</code> implies infinite number of uses.</li> <li>Access Token Trusted IPs: The IPs or CIDR ranges that access tokens can be used from. By default, each token is given the <code>0.0.0.0/0</code>, allowing usage from any network address.</li> </ul></div></div></div><div role="listitem" class="relative flex items-start pb-2"><div class="absolute w-px h-[calc(100%-2.75rem)] top-[2.75rem] bg-gray-200/70 dark:bg-white/10"></div><div class="absolute ml-[-14px] py-2"><div class="w-7 h-7 shrink-0 rounded-lg bg-gray-100 dark:text-white dark:bg-[#26292E] text-sm text-gray-800 font-semibold flex items-center justify-center">2</div></div><div class="w-full overflow-hidden pl-12 pr-px"><p class="mt-2 font-semibold prose dark:prose-invert text-gray-900 dark:text-gray-200">Adding an identity to a project</p><div><p>To enable the identity to access project-level resources such as secrets within a specific project, you should add it to that project.</p><p>To do this, head over to the project you want to add the identity to and go to Project Settings &gt; Access Control &gt; Machine Identities and press <strong>Add identity</strong>.</p><p>Next, select the identity you want to add to the project and the project level role you want to allow it to assume. The project role assigned will determine what project level resources this identity can have access to.</p><p></p><p></p></div></div></div><div role="listitem" class="relative flex items-start pb-2"><div class="absolute w-px h-[calc(100%-2.75rem)] top-[2.75rem] bg-transparent bg-gradient-to-b from-gray-200 dark:from-white/10 via-80% to-transparent"></div><div class="absolute ml-[-14px] py-2"><div class="w-7 h-7 shrink-0 rounded-lg bg-gray-100 dark:text-white dark:bg-[#26292E] text-sm text-gray-800 font-semibold flex items-center justify-center">3</div></div><div class="w-full overflow-hidden pl-12 pr-px"><p class="mt-2 font-semibold prose dark:prose-invert text-gray-900 dark:text-gray-200">Accessing the Infisical API with the identity</p><div><p>To access the Infisical API as the identity, you need to construct a signed <code>GetCallerIdentity</code> query using the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html" target="_blank" rel="noreferrer">AWS Signature v4 algorithm</a> and make a request to the <code>/api/v1/auth/aws-auth/login</code> endpoint containing the query data in exchange for an access token.</p><p>We provide a few code examples below of how you can authenticate with Infisical from inside a Lambda function, EC2 instance, etc. and obtain an access token to access the <a href="/docs/api-reference/overview/introduction">Infisical API</a>.</p><div class="[&amp;&gt;div]:border-0 [&amp;&gt;div]:rounded-none [&amp;&gt;div&gt;button]:rounded-none [&amp;&gt;div]:mb-0 overflow-hidden mt-0 mb-3 rounded-xl prose prose-gray dark:prose-invert divide-y divide-inherit border dark:border-gray-800/50"><div role="button" class="border-standard rounded-2xl mb-3 overflow-hidden bg-background-light dark:bg-codeblock"><button class="relative not-prose flex flex-row items-center content-center w-full py-4 px-5 space-x-2 hover:bg-gray-100 hover:dark:bg-gray-800 rounded-t-xl" aria-controls="sample-code-for-inside-a-lambda-function accordion children" aria-expanded="false"><div id="sample-code-for-inside-a-lambda-function" class="absolute -top-[8rem]"></div><div class="mr-0.5"><svg class="h-3 w-3 transition bg-gray-700 dark:bg-gray-400 duration-75" style="-webkit-mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/caret-right.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-position:center;mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/caret-right.svg);mask-repeat:no-repeat;mask-position:center"></svg></div><div class="leading-tight text-left"><p class="m-0 font-medium text-gray-900 dark:text-gray-200">Sample code for inside a Lambda function</p></div></button><div id="sample-code-for-inside-a-lambda-function accordion children" class="mt-2 mb-4 mx-6 hidden"><p>The following query construction is an example of how you can authenticate with Infisical from inside a Lambda function.</p><p>The shown example uses Node.js but you can use other languages supported by AWS Lambda.</p><div class="mt-5 mb-8 not-prose rounded-2xl relative text-gray-50 bg-[#0F1117] dark:bg-codeblock border border-transparent dark:border-gray-800/50 codeblock-dark"><div class="min-w-full relative text-sm leading-6 children:!my-0 children:!shadow-none children:!bg-transparent transition-[height] duration-300 ease-in-out" style="font-variant-ligatures:none;height:auto"><div class="overflow-x-auto h-full p-5 overflow-y-hidden scrollbar-thin scrollbar-thumb-rounded scrollbar-thumb-white/20 dark:scrollbar-thumb-white/20 hover:scrollbar-thumb-white/25 dark:hover:scrollbar-thumb-white/25 active:scrollbar-thumb-white/25 dark:active:scrollbar-thumb-white/25"><pre class="language-javascript"><code class="language-javascript"><span class=""><span class="token keyword module">import</span> <span class="token constant">AWS</span> <span class="token keyword module">from</span> <span class="token string">&quot;aws-sdk&quot;</span><span class="token punctuation">;</span></span> <span class=""><span class="token keyword module">import</span> <span class="token imports">axios</span> <span class="token keyword module">from</span> <span class="token string">&quot;axios&quot;</span><span class="token punctuation">;</span></span> <!-- --> <span class=""><span class="token keyword module">export</span> <span class="token keyword">const</span> <span class="token function-variable function">handler</span> <span class="token operator">=</span> <span class="token keyword">async</span> <span class="token punctuation">(</span><span class="token parameter">event<span class="token punctuation">,</span> context</span><span class="token punctuation">)</span> <span class="token arrow operator">=&gt;</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token keyword control-flow">try</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token keyword">const</span> region <span class="token operator">=</span> process<span class="token punctuation">.</span><span class="token property-access">env</span><span class="token punctuation">.</span><span class="token constant">AWS_REGION</span><span class="token punctuation">;</span></span> <span class=""> <span class="token constant">AWS</span><span class="token punctuation">.</span><span class="token property-access">config</span><span class="token punctuation">.</span><span class="token method function property-access">update</span><span class="token punctuation">(</span><span class="token punctuation">{</span> region <span class="token punctuation">}</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> iamRequestURL <span class="token operator">=</span> <span class="token template-string"><span class="token template-punctuation string">`</span><span class="token string">https://sts.</span><span class="token interpolation"><span class="token interpolation-punctuation punctuation">${</span>region<span class="token interpolation-punctuation punctuation">}</span></span><span class="token string">.amazonaws.com/</span><span class="token template-punctuation string">`</span></span><span class="token punctuation">;</span></span> <span class=""> <span class="token keyword">const</span> iamRequestBody <span class="token operator">=</span> <span class="token string">&quot;Action=GetCallerIdentity&amp;Version=2011-06-15&quot;</span><span class="token punctuation">;</span></span> <span class=""> <span class="token keyword">const</span> iamRequestHeaders <span class="token operator">=</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token string-property property">&quot;Content-Type&quot;</span><span class="token operator">:</span> <span class="token string">&quot;application/x-www-form-urlencoded; charset=utf-8&quot;</span><span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">Host</span><span class="token operator">:</span> <span class="token template-string"><span class="token template-punctuation string">`</span><span class="token string">sts.</span><span class="token interpolation"><span class="token interpolation-punctuation punctuation">${</span>region<span class="token interpolation-punctuation punctuation">}</span></span><span class="token string">.amazonaws.com</span><span class="token template-punctuation string">`</span></span><span class="token punctuation">,</span></span> <span class=""> <span class="token punctuation">}</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token comment">// Create the request</span></span> <span class=""> <span class="token keyword">const</span> request <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">AWS<span class="token punctuation">.</span>HttpRequest</span><span class="token punctuation">(</span>iamRequestURL<span class="token punctuation">,</span> region<span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">method</span> <span class="token operator">=</span> <span class="token string">&quot;POST&quot;</span><span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">headers</span> <span class="token operator">=</span> iamRequestHeaders<span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">headers</span><span class="token punctuation">[</span><span class="token string">&quot;X-Amz-Date&quot;</span><span class="token punctuation">]</span> <span class="token operator">=</span> <span class="token constant">AWS</span><span class="token punctuation">.</span><span class="token property-access">util</span><span class="token punctuation">.</span><span class="token property-access">date</span></span> <span class=""> <span class="token punctuation">.</span><span class="token method function property-access">iso8601</span><span class="token punctuation">(</span><span class="token keyword">new</span> <span class="token class-name">Date</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span></span> <span class=""> <span class="token punctuation">.</span><span class="token method function property-access">replace</span><span class="token punctuation">(</span><span class="token regex"><span class="token regex-delimiter">/</span><span class="token regex-source language-regex"><span class="token char-class"><span class="token char-class-punctuation punctuation">[</span>:-<span class="token char-class-punctuation punctuation">]</span></span><span class="token alternation keyword">|</span><span class="token special-escape escape">\.</span><span class="token char-set class-name">\d</span><span class="token quantifier number">{3}</span></span><span class="token regex-delimiter">/</span><span class="token regex-flags">g</span></span><span class="token punctuation">,</span> <span class="token string">&quot;&quot;</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">body</span> <span class="token operator">=</span> iamRequestBody<span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">headers</span><span class="token punctuation">[</span><span class="token string">&quot;Content-Length&quot;</span><span class="token punctuation">]</span> <span class="token operator">=</span></span> <span class=""> <span class="token maybe-class-name">Buffer</span><span class="token punctuation">.</span><span class="token method function property-access">byteLength</span><span class="token punctuation">(</span>iamRequestBody<span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token method function property-access">toString</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token comment">// Sign the request</span></span> <span class=""> <span class="token keyword">const</span> signer <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">AWS<span class="token punctuation">.</span>Signers<span class="token punctuation">.</span>V4</span><span class="token punctuation">(</span>request<span class="token punctuation">,</span> <span class="token string">&quot;sts&quot;</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class=""> signer<span class="token punctuation">.</span><span class="token method function property-access">addAuthorization</span><span class="token punctuation">(</span><span class="token constant">AWS</span><span class="token punctuation">.</span><span class="token property-access">config</span><span class="token punctuation">.</span><span class="token property-access">credentials</span><span class="token punctuation">,</span> <span class="token keyword">new</span> <span class="token class-name">Date</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> infisicalUrl <span class="token operator">=</span> <span class="token string">&quot;https://app.infisical.com&quot;</span><span class="token punctuation">;</span> <span class="token comment">// or your self-hosted Infisical URL</span></span> <span class=""> <span class="token keyword">const</span> identityId <span class="token operator">=</span> <span class="token string">&quot;&lt;your-identity-id&gt;&quot;</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> <span class="token punctuation">{</span> data <span class="token punctuation">}</span> <span class="token operator">=</span> <span class="token keyword control-flow">await</span> axios<span class="token punctuation">.</span><span class="token method function property-access">post</span><span class="token punctuation">(</span></span> <span class=""> <span class="token template-string"><span class="token template-punctuation string">`</span><span class="token interpolation"><span class="token interpolation-punctuation punctuation">${</span>infisicalUrl<span class="token interpolation-punctuation punctuation">}</span></span><span class="token string">/api/v1/auth/aws-auth/login</span><span class="token template-punctuation string">`</span></span><span class="token punctuation">,</span></span> <span class=""> <span class="token punctuation">{</span></span> <span class=""> identityId<span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">iamHttpRequestMethod</span><span class="token operator">:</span> <span class="token string">&quot;POST&quot;</span><span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">iamRequestUrl</span><span class="token operator">:</span> <span class="token maybe-class-name">Buffer</span><span class="token punctuation">.</span><span class="token keyword module">from</span><span class="token punctuation">(</span>iamRequestURL<span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token method function property-access">toString</span><span class="token punctuation">(</span><span class="token string">&quot;base64&quot;</span><span class="token punctuation">)</span><span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">iamRequestBody</span><span class="token operator">:</span> <span class="token maybe-class-name">Buffer</span><span class="token punctuation">.</span><span class="token keyword module">from</span><span class="token punctuation">(</span>iamRequestBody<span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token method function property-access">toString</span><span class="token punctuation">(</span><span class="token string">&quot;base64&quot;</span><span class="token punctuation">)</span><span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">iamRequestHeaders</span><span class="token operator">:</span> <span class="token maybe-class-name">Buffer</span><span class="token punctuation">.</span><span class="token keyword module">from</span><span class="token punctuation">(</span></span> <span class=""> <span class="token known-class-name class-name">JSON</span><span class="token punctuation">.</span><span class="token method function property-access">stringify</span><span class="token punctuation">(</span>iamRequestHeaders<span class="token punctuation">)</span></span> <span class=""> <span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token method function property-access">toString</span><span class="token punctuation">(</span><span class="token string">&quot;base64&quot;</span><span class="token punctuation">)</span><span class="token punctuation">,</span></span> <span class=""> <span class="token punctuation">}</span></span> <span class=""> <span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token console class-name">console</span><span class="token punctuation">.</span><span class="token method function property-access">log</span><span class="token punctuation">(</span><span class="token string">&quot;result data: &quot;</span><span class="token punctuation">,</span> data<span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token comment">// access token here</span></span> <span class=""> <span class="token punctuation">}</span> <span class="token keyword control-flow">catch</span> <span class="token punctuation">(</span>err<span class="token punctuation">)</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token console class-name">console</span><span class="token punctuation">.</span><span class="token method function property-access">error</span><span class="token punctuation">(</span>err<span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class=""> <span class="token punctuation">}</span></span> <span class=""><span class="token punctuation">}</span><span class="token punctuation">;</span></span> </code></pre></div></div></div></div></div><div role="button" class="border-standard rounded-2xl mb-3 overflow-hidden bg-background-light dark:bg-codeblock"><button class="relative not-prose flex flex-row items-center content-center w-full py-4 px-5 space-x-2 hover:bg-gray-100 hover:dark:bg-gray-800 rounded-t-xl" aria-controls="sample-code-for-inside-an-ec2-instance accordion children" aria-expanded="false"><div id="sample-code-for-inside-an-ec2-instance" class="absolute -top-[8rem]"></div><div class="mr-0.5"><svg class="h-3 w-3 transition bg-gray-700 dark:bg-gray-400 duration-75" style="-webkit-mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/caret-right.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-position:center;mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/caret-right.svg);mask-repeat:no-repeat;mask-position:center"></svg></div><div class="leading-tight text-left"><p class="m-0 font-medium text-gray-900 dark:text-gray-200">Sample code for inside an EC2 instance</p></div></button><div id="sample-code-for-inside-an-ec2-instance accordion children" class="mt-2 mb-4 mx-6 hidden"><p>The following query construction is an example of how you can authenticate with Infisical from inside a EC2 instance.</p><p>The shown example uses Node.js but you can use other language you wish.</p><div class="mt-5 mb-8 not-prose rounded-2xl relative text-gray-50 bg-[#0F1117] dark:bg-codeblock border border-transparent dark:border-gray-800/50 codeblock-dark"><div class="min-w-full relative text-sm leading-6 children:!my-0 children:!shadow-none children:!bg-transparent transition-[height] duration-300 ease-in-out" style="font-variant-ligatures:none;height:auto"><div class="overflow-x-auto h-full p-5 overflow-y-hidden scrollbar-thin scrollbar-thumb-rounded scrollbar-thumb-white/20 dark:scrollbar-thumb-white/20 hover:scrollbar-thumb-white/25 dark:hover:scrollbar-thumb-white/25 active:scrollbar-thumb-white/25 dark:active:scrollbar-thumb-white/25"><pre class="language-javascript"><code class="language-javascript"><span class=""><span class="token keyword module">import</span> <span class="token constant">AWS</span> <span class="token keyword module">from</span> <span class="token string">&quot;aws-sdk&quot;</span><span class="token punctuation">;</span></span> <span class=""><span class="token keyword module">import</span> <span class="token imports">axios</span> <span class="token keyword module">from</span> <span class="token string">&quot;axios&quot;</span><span class="token punctuation">;</span></span> <!-- --> <span class=""><span class="token keyword">const</span> <span class="token function-variable function">main</span> <span class="token operator">=</span> <span class="token keyword">async</span> <span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token arrow operator">=&gt;</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token keyword control-flow">try</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token comment">// obtain region from EC2 instance metadata</span></span> <span class=""> <span class="token keyword">const</span> tokenResponse <span class="token operator">=</span> <span class="token keyword control-flow">await</span> axios<span class="token punctuation">.</span><span class="token method function property-access">put</span><span class="token punctuation">(</span><span class="token string">&quot;http://169.254.169.254/latest/api/token&quot;</span><span class="token punctuation">,</span> <span class="token keyword null nil">null</span><span class="token punctuation">,</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token literal-property property">headers</span><span class="token operator">:</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token string-property property">&quot;X-aws-ec2-metadata-token-ttl-seconds&quot;</span><span class="token operator">:</span> <span class="token string">&quot;21600&quot;</span></span> <span class=""> <span class="token punctuation">}</span></span> <span class=""> <span class="token punctuation">}</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> url <span class="token operator">=</span> <span class="token string">&quot;http://169.254.169.254/latest/dynamic/instance-identity/document&quot;</span><span class="token punctuation">;</span></span> <span class=""> <span class="token keyword">const</span> response <span class="token operator">=</span> <span class="token keyword control-flow">await</span> axios<span class="token punctuation">.</span><span class="token method function property-access">get</span><span class="token punctuation">(</span>url<span class="token punctuation">,</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token literal-property property">headers</span><span class="token operator">:</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token string-property property">&quot;X-aws-ec2-metadata-token&quot;</span><span class="token operator">:</span> tokenResponse<span class="token punctuation">.</span><span class="token property-access">data</span></span> <span class=""> <span class="token punctuation">}</span></span> <span class=""> <span class="token punctuation">}</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> region <span class="token operator">=</span> response<span class="token punctuation">.</span><span class="token property-access">data</span><span class="token punctuation">.</span><span class="token property-access">region</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token constant">AWS</span><span class="token punctuation">.</span><span class="token property-access">config</span><span class="token punctuation">.</span><span class="token method function property-access">update</span><span class="token punctuation">(</span><span class="token punctuation">{</span></span> <span class=""> region</span> <span class=""> <span class="token punctuation">}</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> iamRequestURL <span class="token operator">=</span> <span class="token template-string"><span class="token template-punctuation string">`</span><span class="token string">https://sts.</span><span class="token interpolation"><span class="token interpolation-punctuation punctuation">${</span>region<span class="token interpolation-punctuation punctuation">}</span></span><span class="token string">.amazonaws.com/</span><span class="token template-punctuation string">`</span></span><span class="token punctuation">;</span></span> <span class=""> <span class="token keyword">const</span> iamRequestBody <span class="token operator">=</span> <span class="token string">&quot;Action=GetCallerIdentity&amp;Version=2011-06-15&quot;</span><span class="token punctuation">;</span></span> <span class=""> <span class="token keyword">const</span> iamRequestHeaders <span class="token operator">=</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token string-property property">&quot;Content-Type&quot;</span><span class="token operator">:</span> <span class="token string">&quot;application/x-www-form-urlencoded; charset=utf-8&quot;</span><span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">Host</span><span class="token operator">:</span> <span class="token template-string"><span class="token template-punctuation string">`</span><span class="token string">sts.</span><span class="token interpolation"><span class="token interpolation-punctuation punctuation">${</span>region<span class="token interpolation-punctuation punctuation">}</span></span><span class="token string">.amazonaws.com</span><span class="token template-punctuation string">`</span></span></span> <span class=""> <span class="token punctuation">}</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> request <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">AWS<span class="token punctuation">.</span>HttpRequest</span><span class="token punctuation">(</span><span class="token keyword">new</span> <span class="token class-name">AWS<span class="token punctuation">.</span>Endpoint</span><span class="token punctuation">(</span>iamRequestURL<span class="token punctuation">)</span><span class="token punctuation">,</span> <span class="token constant">AWS</span><span class="token punctuation">.</span><span class="token property-access">config</span><span class="token punctuation">.</span><span class="token property-access">region</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">method</span> <span class="token operator">=</span> <span class="token string">&quot;POST&quot;</span><span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">headers</span> <span class="token operator">=</span> iamRequestHeaders<span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">headers</span><span class="token punctuation">[</span><span class="token string">&quot;X-Amz-Date&quot;</span><span class="token punctuation">]</span> <span class="token operator">=</span> <span class="token constant">AWS</span><span class="token punctuation">.</span><span class="token property-access">util</span><span class="token punctuation">.</span><span class="token property-access">date</span><span class="token punctuation">.</span><span class="token method function property-access">iso8601</span><span class="token punctuation">(</span><span class="token keyword">new</span> <span class="token class-name">Date</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token method function property-access">replace</span><span class="token punctuation">(</span><span class="token regex"><span class="token regex-delimiter">/</span><span class="token regex-source language-regex"><span class="token char-class"><span class="token char-class-punctuation punctuation">[</span>:-<span class="token char-class-punctuation punctuation">]</span></span><span class="token alternation keyword">|</span><span class="token special-escape escape">\.</span><span class="token char-set class-name">\d</span><span class="token quantifier number">{3}</span></span><span class="token regex-delimiter">/</span><span class="token regex-flags">g</span></span><span class="token punctuation">,</span> <span class="token string">&quot;&quot;</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">body</span> <span class="token operator">=</span> iamRequestBody<span class="token punctuation">;</span></span> <span class=""> request<span class="token punctuation">.</span><span class="token property-access">headers</span><span class="token punctuation">[</span><span class="token string">&quot;Content-Length&quot;</span><span class="token punctuation">]</span> <span class="token operator">=</span> <span class="token maybe-class-name">Buffer</span><span class="token punctuation">.</span><span class="token method function property-access">byteLength</span><span class="token punctuation">(</span>iamRequestBody<span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> signer <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">AWS<span class="token punctuation">.</span>Signers<span class="token punctuation">.</span>V4</span><span class="token punctuation">(</span>request<span class="token punctuation">,</span> <span class="token string">&quot;sts&quot;</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class=""> signer<span class="token punctuation">.</span><span class="token method function property-access">addAuthorization</span><span class="token punctuation">(</span><span class="token constant">AWS</span><span class="token punctuation">.</span><span class="token property-access">config</span><span class="token punctuation">.</span><span class="token property-access">credentials</span><span class="token punctuation">,</span> <span class="token keyword">new</span> <span class="token class-name">Date</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> infisicalUrl <span class="token operator">=</span> <span class="token string">&quot;https://app.infisical.com&quot;</span><span class="token punctuation">;</span> <span class="token comment">// or your self-hosted Infisical URL</span></span> <span class=""> <span class="token keyword">const</span> identityId <span class="token operator">=</span> <span class="token string">&quot;&lt;your-identity-id&gt;&quot;</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token keyword">const</span> <span class="token punctuation">{</span> data <span class="token punctuation">}</span> <span class="token operator">=</span> <span class="token keyword control-flow">await</span> axios<span class="token punctuation">.</span><span class="token method function property-access">post</span><span class="token punctuation">(</span><span class="token template-string"><span class="token template-punctuation string">`</span><span class="token interpolation"><span class="token interpolation-punctuation punctuation">${</span>infisicalUrl<span class="token interpolation-punctuation punctuation">}</span></span><span class="token string">/api/v1/auth/aws-auth/login</span><span class="token template-punctuation string">`</span></span><span class="token punctuation">,</span> <span class="token punctuation">{</span></span> <span class=""> identityId<span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">iamHttpRequestMethod</span><span class="token operator">:</span> <span class="token string">&quot;POST&quot;</span><span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">iamRequestUrl</span><span class="token operator">:</span> <span class="token maybe-class-name">Buffer</span><span class="token punctuation">.</span><span class="token keyword module">from</span><span class="token punctuation">(</span>iamRequestURL<span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token method function property-access">toString</span><span class="token punctuation">(</span><span class="token string">&quot;base64&quot;</span><span class="token punctuation">)</span><span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">iamRequestBody</span><span class="token operator">:</span> <span class="token maybe-class-name">Buffer</span><span class="token punctuation">.</span><span class="token keyword module">from</span><span class="token punctuation">(</span>iamRequestBody<span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token method function property-access">toString</span><span class="token punctuation">(</span><span class="token string">&quot;base64&quot;</span><span class="token punctuation">)</span><span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">iamRequestHeaders</span><span class="token operator">:</span> <span class="token maybe-class-name">Buffer</span><span class="token punctuation">.</span><span class="token keyword module">from</span><span class="token punctuation">(</span><span class="token known-class-name class-name">JSON</span><span class="token punctuation">.</span><span class="token method function property-access">stringify</span><span class="token punctuation">(</span>iamRequestHeaders<span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token method function property-access">toString</span><span class="token punctuation">(</span><span class="token string">&quot;base64&quot;</span><span class="token punctuation">)</span></span> <span class=""> <span class="token punctuation">}</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""> <span class="token console class-name">console</span><span class="token punctuation">.</span><span class="token method function property-access">log</span><span class="token punctuation">(</span><span class="token string">&quot;result data: &quot;</span><span class="token punctuation">,</span> data<span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token comment">// access token here</span></span> <span class=""> <span class="token punctuation">}</span> <span class="token keyword control-flow">catch</span> <span class="token punctuation">(</span>err<span class="token punctuation">)</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token console class-name">console</span><span class="token punctuation">.</span><span class="token method function property-access">error</span><span class="token punctuation">(</span>err<span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class=""> <span class="token punctuation">}</span></span> <span class=""><span class="token punctuation">}</span></span> <!-- --> <span class=""><span class="token function">main</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> </code></pre></div></div></div></div></div><div role="button" class="border-standard rounded-2xl mb-3 overflow-hidden bg-background-light dark:bg-codeblock"><button class="relative not-prose flex flex-row items-center content-center w-full py-4 px-5 space-x-2 hover:bg-gray-100 hover:dark:bg-gray-800 rounded-t-xl" aria-controls="sample-code-for-general-query-construction accordion children" aria-expanded="false"><div id="sample-code-for-general-query-construction" class="absolute -top-[8rem]"></div><div class="mr-0.5"><svg class="h-3 w-3 transition bg-gray-700 dark:bg-gray-400 duration-75" style="-webkit-mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/caret-right.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-position:center;mask-image:url(https://mintlify.b-cdn.net/v6.6.0/solid/caret-right.svg);mask-repeat:no-repeat;mask-position:center"></svg></div><div class="leading-tight text-left"><p class="m-0 font-medium text-gray-900 dark:text-gray-200">Sample code for general query construction</p></div></button><div id="sample-code-for-general-query-construction accordion children" class="mt-2 mb-4 mx-6 hidden"><p>The following query construction provides a generic example of how you can construct a signed <code>GetCallerIdentity</code> query and obtain the required payload components.</p><p>The shown example uses Node.js but you can use any language you wish.</p><div class="mt-5 mb-8 not-prose rounded-2xl relative text-gray-50 bg-[#0F1117] dark:bg-codeblock border border-transparent dark:border-gray-800/50 codeblock-dark"><div class="min-w-full relative text-sm leading-6 children:!my-0 children:!shadow-none children:!bg-transparent transition-[height] duration-300 ease-in-out" style="font-variant-ligatures:none;height:auto"><div class="overflow-x-auto h-full p-5 overflow-y-hidden scrollbar-thin scrollbar-thumb-rounded scrollbar-thumb-white/20 dark:scrollbar-thumb-white/20 hover:scrollbar-thumb-white/25 dark:hover:scrollbar-thumb-white/25 active:scrollbar-thumb-white/25 dark:active:scrollbar-thumb-white/25"><pre class="language-javascript"><code class="language-javascript"><span class=""><span class="token keyword">const</span> <span class="token constant">AWS</span> <span class="token operator">=</span> <span class="token function">require</span><span class="token punctuation">(</span><span class="token string">&quot;aws-sdk&quot;</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""><span class="token keyword">const</span> region <span class="token operator">=</span> <span class="token string">&quot;&lt;your-aws-region&gt;&quot;</span><span class="token punctuation">;</span></span> <span class=""><span class="token keyword">const</span> infisicalUrl <span class="token operator">=</span> <span class="token string">&quot;https://app.infisical.com&quot;</span><span class="token punctuation">;</span> <span class="token comment">// or your self-hosted Infisical URL</span></span> <!-- --> <span class=""><span class="token keyword">const</span> iamRequestURL <span class="token operator">=</span> <span class="token template-string"><span class="token template-punctuation string">`</span><span class="token string">https://sts.</span><span class="token interpolation"><span class="token interpolation-punctuation punctuation">${</span>region<span class="token interpolation-punctuation punctuation">}</span></span><span class="token string">.amazonaws.com/</span><span class="token template-punctuation string">`</span></span><span class="token punctuation">;</span></span> <span class=""><span class="token keyword">const</span> iamRequestBody <span class="token operator">=</span> <span class="token string">&quot;Action=GetCallerIdentity&amp;Version=2011-06-15&quot;</span><span class="token punctuation">;</span></span> <span class=""><span class="token keyword">const</span> iamRequestHeaders <span class="token operator">=</span> <span class="token punctuation">{</span></span> <span class=""> <span class="token string-property property">&quot;Content-Type&quot;</span><span class="token operator">:</span> <span class="token string">&quot;application/x-www-form-urlencoded; charset=utf-8&quot;</span><span class="token punctuation">,</span></span> <span class=""> <span class="token literal-property property">Host</span><span class="token operator">:</span> <span class="token template-string"><span class="token template-punctuation string">`</span><span class="token string">sts.</span><span class="token interpolation"><span class="token interpolation-punctuation punctuation">${</span>region<span class="token interpolation-punctuation punctuation">}</span></span><span class="token string">.amazonaws.com</span><span class="token template-punctuation string">`</span></span></span> <span class=""><span class="token punctuation">}</span><span class="token punctuation">;</span></span> <!-- --> <span class=""><span class="token keyword">const</span> request <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">AWS<span class="token punctuation">.</span>HttpRequest</span><span class="token punctuation">(</span><span class="token keyword">new</span> <span class="token class-name">AWS<span class="token punctuation">.</span>Endpoint</span><span class="token punctuation">(</span>iamRequestURL<span class="token punctuation">)</span><span class="token punctuation">,</span> region<span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class="">request<span class="token punctuation">.</span><span class="token property-access">method</span> <span class="token operator">=</span> <span class="token string">&quot;POST&quot;</span><span class="token punctuation">;</span></span> <span class="">request<span class="token punctuation">.</span><span class="token property-access">headers</span> <span class="token operator">=</span> iamRequestHeaders<span class="token punctuation">;</span></span> <span class="">request<span class="token punctuation">.</span><span class="token property-access">headers</span><span class="token punctuation">[</span><span class="token string">&quot;X-Amz-Date&quot;</span><span class="token punctuation">]</span> <span class="token operator">=</span> <span class="token constant">AWS</span><span class="token punctuation">.</span><span class="token property-access">util</span><span class="token punctuation">.</span><span class="token property-access">date</span><span class="token punctuation">.</span><span class="token method function property-access">iso8601</span><span class="token punctuation">(</span><span class="token keyword">new</span> <span class="token class-name">Date</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token method function property-access">replace</span><span class="token punctuation">(</span><span class="token regex"><span class="token regex-delimiter">/</span><span class="token regex-source language-regex"><span class="token char-class"><span class="token char-class-punctuation punctuation">[</span>:-<span class="token char-class-punctuation punctuation">]</span></span><span class="token alternation keyword">|</span><span class="token special-escape escape">\.</span><span class="token char-set class-name">\d</span><span class="token quantifier number">{3}</span></span><span class="token regex-delimiter">/</span><span class="token regex-flags">g</span></span><span class="token punctuation">,</span> <span class="token string">&quot;&quot;</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class="">request<span class="token punctuation">.</span><span class="token property-access">body</span> <span class="token operator">=</span> iamRequestBody<span class="token punctuation">;</span></span> <span class="">request<span class="token punctuation">.</span><span class="token property-access">headers</span><span class="token punctuation">[</span><span class="token string">&quot;Content-Length&quot;</span><span class="token punctuation">]</span> <span class="token operator">=</span> <span class="token maybe-class-name">Buffer</span><span class="token punctuation">.</span><span class="token method function property-access">byteLength</span><span class="token punctuation">(</span>iamRequestBody<span class="token punctuation">)</span><span class="token punctuation">;</span></span> <!-- --> <span class=""><span class="token keyword">const</span> signer <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">AWS<span class="token punctuation">.</span>Signers<span class="token punctuation">.</span>V4</span><span class="token punctuation">(</span>request<span class="token punctuation">,</span> <span class="token string">&quot;sts&quot;</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> <span class="">signer<span class="token punctuation">.</span><span class="token method function property-access">addAuthorization</span><span class="token punctuation">(</span><span class="token constant">AWS</span><span class="token punctuation">.</span><span class="token property-access">config</span><span class="token punctuation">.</span><span class="token property-access">credentials</span><span class="token punctuation">,</span> <span class="token keyword">new</span> <span class="token class-name">Date</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span></span> </code></pre></div></div></div><h4>Sample request</h4><div class="mt-5 mb-8 not-prose rounded-2xl relative text-gray-50 bg-[#0F1117] dark:bg-codeblock border border-transparent dark:border-gray-800/50 codeblock-dark"><div class="flex rounded-t-2xl text-gray-400 text-xs leading-6 border-b font-medium bg-black/40 border-gray-900/80"><div class="flex-none border-b px-4 pt-2.5 pb-2 flex items-center text-primary-light border-primary-light">Request</div><div class="flex-1 mr-4 flex items-center justify-end"></div></div><div class="min-w-full relative text-sm leading-6 children:!my-0 children:!shadow-none children:!bg-transparent transition-[height] duration-300 ease-in-out" style="font-variant-ligatures:none;height:auto"><div class="overflow-x-auto h-full p-5 overflow-y-hidden scrollbar-thin scrollbar-thumb-rounded scrollbar-thumb-white/20 dark:scrollbar-thumb-white/20 hover:scrollbar-thumb-white/25 dark:hover:scrollbar-thumb-white/25 active:scrollbar-thumb-white/25 dark:active:scrollbar-thumb-white/25"><pre class="language-bash"><code class="language-bash"><span class=""><span class="token function">curl</span> <span class="token parameter variable">--location</span> <span class="token parameter variable">--request</span> POST <span class="token string">&#x27;https://app.infisical.com/api/v1/auth/aws-auth/login&#x27;</span> <span class="token punctuation">\</span></span> <span class=""> <span class="token parameter variable">--header</span> <span class="token string">&#x27;Content-Type: application/x-www-form-urlencoded&#x27;</span> <span class="token punctuation">\</span></span> <span class=""> --data-urlencode <span class="token string">&#x27;identityId=...&#x27;</span> <span class="token punctuation">\</span></span> <span class=""> --data-urlencode <span class="token string">&#x27;iamHttpRequestMethod=...&#x27;</span> <span class="token punctuation">\</span></span> <span class=""> --data-urlencode <span class="token string">&#x27;iamRequestBody=...&#x27;</span> <span class="token punctuation">\</span></span> <span class=""> --data-urlencode <span class="token string">&#x27;iamRequestHeaders=...&#x27;</span></span> </code></pre></div></div></div><div class="my-4 px-5 py-4 overflow-hidden rounded-2xl flex gap-3 border border-sky-500/20 bg-sky-50/50 dark:border-sky-500/30 dark:bg-sky-500/10"><div class="mt-0.5 w-4"><svg width="14" height="14" viewBox="0 0 14 14" fill="currentColor" xmlns="http://www.w3.org/2000/svg" class="w-4 h-4 text-sky-500" aria-label="Note"><path fill-rule="evenodd" clip-rule="evenodd" d="M7 1.3C10.14 1.3 12.7 3.86 12.7 7C12.7 10.14 10.14 12.7 7 12.7C5.48908 12.6974 4.0408 12.096 2.97241 11.0276C1.90403 9.9592 1.30264 8.51092 1.3 7C1.3 3.86 3.86 1.3 7 1.3ZM7 0C3.14 0 0 3.14 0 7C0 10.86 3.14 14 7 14C10.86 14 14 10.86 14 7C14 3.14 10.86 0 7 0ZM8 3H6V8H8V3ZM8 9H6V11H8V9Z"></path></svg></div><div class="text-sm prose min-w-0 text-sky-900 dark:text-sky-200"><p>Note that you should replace <code>&lt;identityId&gt;</code> with the ID of the identity you created in step 1.</p></div></div><h4>Sample response</h4><div class="mt-5 mb-8 not-prose rounded-2xl relative text-gray-50 bg-[#0F1117] dark:bg-codeblock border border-transparent dark:border-gray-800/50 codeblock-dark"><div class="flex rounded-t-2xl text-gray-400 text-xs leading-6 border-b font-medium bg-black/40 border-gray-900/80"><div class="flex-none border-b px-4 pt-2.5 pb-2 flex items-center text-primary-light border-primary-light">Response</div><div class="flex-1 mr-4 flex items-center justify-end"></div></div><div class="min-w-full relative text-sm leading-6 children:!my-0 children:!shadow-none children:!bg-transparent transition-[height] duration-300 ease-in-out" style="font-variant-ligatures:none;height:auto"><div class="overflow-x-auto h-full p-5 overflow-y-hidden scrollbar-thin scrollbar-thumb-rounded scrollbar-thumb-white/20 dark:scrollbar-thumb-white/20 hover:scrollbar-thumb-white/25 dark:hover:scrollbar-thumb-white/25 active:scrollbar-thumb-white/25 dark:active:scrollbar-thumb-white/25"><pre class="language-bash"><code class="language-bash"><span class=""><span class="token punctuation">{</span></span> <span class=""> <span class="token string">&quot;accessToken&quot;</span><span class="token builtin class-name">:</span> <span class="token string">&quot;...&quot;</span>,</span> <span class=""> <span class="token string">&quot;expiresIn&quot;</span><span class="token builtin class-name">:</span> <span class="token number">7200</span>,</span> <span class=""> <span class="token string">&quot;accessTokenMaxTTL&quot;</span><span class="token builtin class-name">:</span> <span class="token number">43244</span></span> <span class=""> <span class="token string">&quot;tokenType&quot;</span><span class="token builtin class-name">:</span> <span class="token string">&quot;Bearer&quot;</span></span> <span class=""><span class="token punctuation">}</span></span> </code></pre></div></div></div><p>Next, you can use the access token to access the <a href="/docs/api-reference/overview/introduction">Infisical API</a></p></div></div></div><div class="my-4 px-5 py-4 overflow-hidden rounded-2xl flex gap-3 border border-emerald-500/20 bg-emerald-50/50 dark:border-emerald-500/30 dark:bg-emerald-500/10"><div class="mt-0.5 w-4"><svg width="11" height="14" viewBox="0 0 11 14" fill="currentColor" xmlns="http://www.w3.org/2000/svg" class="text-emerald-600 dark:text-emerald-400/80 w-3.5 h-auto" aria-label="Tip"><path d="M3.12794 12.4232C3.12794 12.5954 3.1776 12.7634 3.27244 12.907L3.74114 13.6095C3.88471 13.8248 4.21067 14 4.46964 14H6.15606C6.41415 14 6.74017 13.825 6.88373 13.6095L7.3508 12.9073C7.43114 12.7859 7.49705 12.569 7.49705 12.4232L7.50055 11.3513H3.12521L3.12794 12.4232ZM5.31288 0C2.52414 0.00875889 0.5 2.26889 0.5 4.78826C0.5 6.00188 0.949566 7.10829 1.69119 7.95492C2.14321 8.47011 2.84901 9.54727 3.11919 10.4557C3.12005 10.4625 3.12175 10.4698 3.12261 10.4771H7.50342C7.50427 10.4698 7.50598 10.463 7.50684 10.4557C7.77688 9.54727 8.48281 8.47011 8.93484 7.95492C9.67728 7.13181 10.1258 6.02703 10.1258 4.78826C10.1258 2.15486 7.9709 0.000106649 5.31288 0ZM7.94902 7.11267C7.52078 7.60079 6.99082 8.37878 6.6077 9.18794H4.02051C3.63739 8.37878 3.10743 7.60079 2.67947 7.11294C2.11997 6.47551 1.8126 5.63599 1.8126 4.78826C1.8126 3.09829 3.12794 1.31944 5.28827 1.3126C7.2435 1.3126 8.81315 2.88226 8.81315 4.78826C8.81315 5.63599 8.50688 6.47551 7.94902 7.11267ZM4.87534 2.18767C3.66939 2.18767 2.68767 3.16939 2.68767 4.37534C2.68767 4.61719 2.88336 4.81288 3.12521 4.81288C3.36705 4.81288 3.56274 4.61599 3.56274 4.37534C3.56274 3.6515 4.1515 3.06274 4.87534 3.06274C5.11719 3.06274 5.31288 2.86727 5.31288 2.62548C5.31288 2.38369 5.11599 2.18767 4.87534 2.18767Z"></path></svg></div><div class="text-sm prose min-w-0 text-emerald-900 dark:text-emerald-200"><p>We recommend using one of Infisical’s clients like SDKs or the Infisical Agent to authenticate with Infisical using AWS Auth as they handle the authentication process including the signed <code>GetCallerIdentity</code> query construction for you.</p></div></div><div class="my-4 px-5 py-4 overflow-hidden rounded-2xl flex gap-3 border border-sky-500/20 bg-sky-50/50 dark:border-sky-500/30 dark:bg-sky-500/10"><div class="mt-0.5 w-4"><svg width="14" height="14" viewBox="0 0 14 14" fill="currentColor" xmlns="http://www.w3.org/2000/svg" class="w-4 h-4 text-sky-500" aria-label="Note"><path fill-rule="evenodd" clip-rule="evenodd" d="M7 1.3C10.14 1.3 12.7 3.86 12.7 7C12.7 10.14 10.14 12.7 7 12.7C5.48908 12.6974 4.0408 12.096 2.97241 11.0276C1.90403 9.9592 1.30264 8.51092 1.3 7C1.3 3.86 3.86 1.3 7 1.3ZM7 0C3.14 0 0 3.14 0 7C0 10.86 3.14 14 7 14C10.86 14 14 10.86 14 7C14 3.14 10.86 0 7 0ZM8 3H6V8H8V3ZM8 9H6V11H8V9Z"></path></svg></div><div class="text-sm prose min-w-0 text-sky-900 dark:text-sky-200"><p>Each identity access token has a time-to-live (TLL) which you can infer from the response of the login operation; the default TTL is <code>7200</code> seconds which can be adjusted.</p><p>If an identity access token expires, it can no longer authenticate with the Infisical API. In this case, a new access token should be obtained by performing another login operation.</p></div></div></div></div></div></div></div><div class="leading-6 mt-14"><div class="pb-16 w-full"><div class="flex flex-col gap-y-4 xl:flex-col xl:gap-6 min-[1400px]:flex-row md:flex-row md:justify-end"><div class="flex flex-row gap-5 items-center grow justify-between md:justify-start xl:justify-between min-[1400px]:justify-start"><p class="text-sm text-gray-600 dark:text-gray-400">Was this page helpful?</p><div class="flex flex-row gap-3 items-center"><button class="px-3.5 py-2 flex flex-row gap-3 items-center border-standard rounded-xl text-gray-600 dark:text-gray-400 hover:text-gray-700 dark:hover:text-gray-300 bg-white/50 dark:bg-codeblock/50 hover:border-gray-500 hover:dark:border-gray-500"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" class="fill-current"><path d="M10.1187 1.08741C8.925 0.746789 7.67813 1.43741 7.3375 2.63116L7.15938 3.25616C7.04375 3.66241 6.83438 4.03741 6.55 4.34991L4.94688 6.11241C4.66875 6.41866 4.69062 6.89366 4.99687 7.17179C5.30312 7.44991 5.77813 7.42804 6.05625 7.12179L7.65938 5.35929C8.1 4.87491 8.42188 4.29679 8.6 3.66866L8.77812 3.04366C8.89062 2.64679 9.30625 2.41554 9.70625 2.52804C10.1063 2.64054 10.3344 3.05616 10.2219 3.45616L10.0437 4.08116C9.86562 4.70304 9.58437 5.29054 9.2125 5.81554C9.05 6.04366 9.03125 6.34366 9.15938 6.59366C9.2875 6.84366 9.54375 6.99991 9.825 6.99991H14C14.275 6.99991 14.5 7.22491 14.5 7.49991C14.5 7.71241 14.3656 7.89679 14.175 7.96866C13.9438 8.05616 13.7688 8.24992 13.7094 8.49054C13.65 8.73117 13.7125 8.98429 13.875 9.16866C13.9531 9.25616 14 9.37179 14 9.49991C14 9.74366 13.825 9.94679 13.5938 9.99054C13.3375 10.0405 13.1219 10.2187 13.0312 10.4624C12.9406 10.7062 12.9813 10.9843 13.1438 11.1905C13.2094 11.2749 13.25 11.3812 13.25 11.4999C13.25 11.7093 13.1187 11.8937 12.9312 11.9655C12.5719 12.1062 12.3781 12.4937 12.4812 12.8655C12.4937 12.9062 12.5 12.953 12.5 12.9999C12.5 13.2749 12.275 13.4999 12 13.4999H8.95312C8.55937 13.4999 8.17188 13.3843 7.84375 13.1655L5.91563 11.8812C5.57188 11.6499 5.10625 11.7437 4.875 12.0905C4.64375 12.4374 4.7375 12.8999 5.08437 13.1312L7.0125 14.4155C7.5875 14.7999 8.2625 15.003 8.95312 15.003H12C13.0844 15.003 13.9656 14.1405 14 13.0655C14.4563 12.6999 14.75 12.1374 14.75 11.503C14.75 11.3624 14.7344 11.228 14.7094 11.0968C15.1906 10.7312 15.5 10.153 15.5 9.50304C15.5 9.29991 15.4688 9.10304 15.4125 8.91866C15.775 8.55304 16 8.05304 16 7.49991C16 6.39679 15.1063 5.49991 14 5.49991H11.1156C11.2625 5.17491 11.3875 4.83741 11.4844 4.49366L11.6625 3.86866C12.0031 2.67491 11.3125 1.42804 10.1187 1.08741ZM1 5.99991C0.446875 5.99991 0 6.44679 0 6.99991V13.9999C0 14.553 0.446875 14.9999 1 14.9999H3C3.55313 14.9999 4 14.553 4 13.9999V6.99991C4 6.44679 3.55313 5.99991 3 5.99991H1Z"></path></svg><small class="text-sm font-normal leading-4 ">Yes</small></button><button class="px-3.5 py-2 flex flex-row gap-3 items-center border-standard rounded-xl text-gray-600 dark:text-gray-400 hover:text-gray-700 dark:hover:text-gray-300 bg-white/50 dark:bg-codeblock/50 hover:border-gray-500 hover:dark:border-gray-500"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" class="fill-current"><path d="M10.1187 14.9124C8.925 15.253 7.67813 14.5624 7.3375 13.3687L7.15938 12.7437C7.04375 12.3374 6.83438 11.9624 6.55 11.6499L4.94688 9.8874C4.66875 9.58115 4.69062 9.10615 4.99687 8.82803C5.30312 8.5499 5.77813 8.57178 6.05625 8.87803L7.65938 10.6405C8.1 11.1249 8.42188 11.703 8.6 12.3312L8.77812 12.9562C8.89062 13.353 9.30625 13.5843 9.70625 13.4718C10.1063 13.3593 10.3344 12.9437 10.2219 12.5437L10.0437 11.9187C9.86562 11.2968 9.58437 10.7093 9.2125 10.1843C9.05 9.95615 9.03125 9.65615 9.15938 9.40615C9.2875 9.15615 9.54375 8.9999 9.825 8.9999H14C14.275 8.9999 14.5 8.7749 14.5 8.4999C14.5 8.2874 14.3656 8.10303 14.175 8.03115C13.9438 7.94365 13.7688 7.7499 13.7094 7.50928C13.65 7.26865 13.7125 7.01553 13.875 6.83115C13.9531 6.74365 14 6.62803 14 6.4999C14 6.25615 13.825 6.05303 13.5938 6.00928C13.3375 5.95928 13.1219 5.78115 13.0312 5.53428C12.9406 5.2874 12.9813 5.0124 13.1438 4.80615C13.2094 4.72178 13.25 4.61553 13.25 4.49678C13.25 4.2874 13.1187 4.10303 12.9312 4.03115C12.5719 3.89053 12.3781 3.50303 12.4812 3.13115C12.4937 3.09053 12.5 3.04365 12.5 2.99678C12.5 2.72178 12.275 2.49678 12 2.49678H8.95312C8.55937 2.49678 8.17188 2.6124 7.84375 2.83115L5.91563 4.11553C5.57188 4.34678 5.10625 4.25303 4.875 3.90615C4.64375 3.55928 4.7375 3.09678 5.08437 2.86553L7.0125 1.58115C7.5875 1.19678 8.2625 0.993652 8.95312 0.993652H12C13.0844 0.993652 13.9656 1.85615 14 2.93115C14.4563 3.29678 14.75 3.85928 14.75 4.49365C14.75 4.63428 14.7344 4.76865 14.7094 4.8999C15.1906 5.26553 15.5 5.84365 15.5 6.49365C15.5 6.69678 15.4688 6.89365 15.4125 7.07803C15.775 7.44678 16 7.94678 16 8.4999C16 9.60303 15.1063 10.4999 14 10.4999H11.1156C11.2625 10.8249 11.3875 11.1624 11.4844 11.5062L11.6625 12.1312C12.0031 13.3249 11.3125 14.5718 10.1187 14.9124ZM1 11.9999C0.446875 11.9999 0 11.553 0 10.9999V3.9999C0 3.44678 0.446875 2.9999 1 2.9999H3C3.55313 2.9999 4 3.44678 4 3.9999V10.9999C4 11.553 3.55313 11.9999 3 11.9999H1Z"></path></svg><small class="text-sm font-normal leading-4 ">No</small></button></div></div><div class="flex flex-row gap-3 justify-end"><a class="px-3.5 py-2 flex flex-row gap-3 items-center border-standard rounded-xl text-gray-600 dark:text-gray-400 hover:text-gray-700 dark:hover:text-gray-300 bg-white/50 dark:bg-codeblock/50 hover:border-gray-500 hover:dark:border-gray-500" target="_blank" rel="noopener noreferrer" href="https://github.com/infisical/infisical/edit/main/docs/documentation/platform/identities/aws-auth.mdx"><svg class="h-3.5 w-3.5 block fill-current" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M58.57 323.5L362.7 19.32C387.7-5.678 428.3-5.678 453.3 19.32L492.7 58.75C495.8 61.87 498.5 65.24 500.9 68.79C517.3 93.63 514.6 127.4 492.7 149.3L188.5 453.4C187.2 454.7 185.9 455.1 184.5 457.2C174.9 465.7 163.5 471.1 151.1 475.6L30.77 511C22.35 513.5 13.24 511.2 7.03 504.1C.8198 498.8-1.502 489.7 .976 481.2L36.37 360.9C40.53 346.8 48.16 333.9 58.57 323.5L58.57 323.5zM82.42 374.4L59.44 452.6L137.6 429.6C143.1 427.7 149.8 424.2 154.6 419.5L383 191L320.1 128.1L92.51 357.4C91.92 358 91.35 358.6 90.8 359.3C86.94 363.6 84.07 368.8 82.42 374.4L82.42 374.4z"></path></svg><svg class="h-3.5 w-3.5 hidden group-hover:block fill-gray-500 dark:fill-gray-400 group-hover:fill-gray-700 dark:group-hover:fill-gray-200" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M362.7 19.3L314.3 67.7 444.3 197.7l48.4-48.4c25-25 25-65.5 0-90.5L453.3 19.3c-25-25-65.5-25-90.5 0zm-71 71L58.6 323.5c-10.4 10.4-18 23.3-22.2 37.4L1 481.2C-1.5 489.7 .8 498.8 7 505s15.3 8.5 23.7 6.1l120.3-35.4c14.1-4.2 27-11.8 37.4-22.2L421.7 220.3 291.7 90.3z"></path></svg><small class="text-sm leading-4">Suggest edits</small></a><a class="px-3.5 py-2 flex flex-row gap-3 items-center border-standard rounded-xl text-gray-600 dark:text-gray-400 hover:text-gray-700 dark:hover:text-gray-300 bg-white/50 dark:bg-codeblock/50 hover:border-gray-500 hover:dark:border-gray-500" target="_blank" rel="noopener noreferrer" href="https://github.com/infisical/infisical/issues/new?title=Issue on docs&amp;body=Path: /documentation/platform/identities/aws-auth"><svg class="h-3.5 w-3.5 block fill-current" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M506.3 417l-213.3-364C284.8 39 270.4 32 256 32C241.6 32 227.2 39 218.1 53l-213.2 364C-10.59 444.9 9.851 480 42.74 480h426.6C502.1 480 522.6 445 506.3 417zM52.58 432L255.1 84.8L459.4 432H52.58zM256 337.1c-17.36 0-31.44 14.08-31.44 31.44c0 17.36 14.11 31.44 31.48 31.44s31.4-14.08 31.4-31.44C287.4 351.2 273.4 337.1 256 337.1zM232 184v96C232 293.3 242.8 304 256 304s24-10.75 24-24v-96C280 170.8 269.3 160 256 160S232 170.8 232 184z"></path></svg><svg class="h-3.5 w-3.5 hidden group-hover:block fill-gray-500 dark:fill-gray-400 group-hover:fill-gray-700 dark:group-hover:fill-gray-200" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M256 32c14.2 0 27.3 7.5 34.5 19.8l216 368c7.3 12.4 7.3 27.7 .2 40.1S486.3 480 472 480H40c-14.3 0-27.6-7.7-34.7-20.1s-7-27.8 .2-40.1l216-368C228.7 39.5 241.8 32 256 32zm0 128c-13.3 0-24 10.7-24 24V296c0 13.3 10.7 24 24 24s24-10.7 24-24V184c0-13.3-10.7-24-24-24zm32 224c0-17.7-14.3-32-32-32s-32 14.3-32 32s14.3 32 32 32s32-14.3 32-32z"></path></svg><small class="text-sm leading-4">Raise issue</small></a></div></div></div><div class="mb-12 px-0.5 flex items-center text-sm font-semibold text-gray-700 dark:text-gray-200"><a class="flex items-center space-x-3 group" href="/docs/documentation/platform/identities/azure-auth"><svg viewBox="0 0 3 6" class="h-1.5 stroke-gray-400 overflow-visible group-hover:stroke-gray-600 dark:group-hover:stroke-gray-300"><path d="M3 0L0 3L3 6" fill="none" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"></path></svg><span class="group-hover:text-gray-900 dark:group-hover:text-white">Azure Auth</span></a><a class="flex items-center ml-auto space-x-3 group" href="/docs/documentation/platform/identities/jwt-auth"><span class="group-hover:text-gray-900 dark:group-hover:text-white">JWT Auth</span><svg viewBox="0 0 3 6" class="rotate-180 h-1.5 stroke-gray-400 overflow-visible group-hover:stroke-gray-600 dark:group-hover:stroke-gray-300"><path d="M3 0L0 3L3 6" fill="none" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"></path></svg></a></div></div></div><div class="hidden xl:flex self-start sticky h-[calc(100vh-8rem-1.5rem-1.5rem)] top-[calc(8rem+1.5rem)]" id="content-side-layout"><div class="z-10 hidden xl:flex pl-10 box-border w-[19rem]" id="table-of-contents"><div id="table-of-contents-content" class="text-gray-600 text-sm leading-6 w-[16.5rem] overflow-y-auto space-y-2"><div class="text-gray-700 dark:text-gray-300 font-medium flex items-center space-x-2"><svg width="16" height="16" viewBox="0 0 16 16" fill="none" stroke="currentColor" stroke-width="2" xmlns="http://www.w3.org/2000/svg" class="h-3 w-3"><path d="M2.44434 12.6665H13.5554" stroke-linecap="round" stroke-linejoin="round"></path><path d="M2.44434 3.3335H13.5554" stroke-linecap="round" stroke-linejoin="round"></path><path d="M2.44434 8H7.33323" stroke-linecap="round" stroke-linejoin="round"></path></svg><span>On this page</span></div><ul><li><a href="#diagram" class="py-1 block hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300">Diagram</a></li><li><a href="#concept" class="py-1 block hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300">Concept</a></li><li><a href="#guide" class="py-1 block hover:text-gray-900 dark:text-gray-400 dark:hover:text-gray-300">Guide</a></li></ul></div></div></div></div></div></div><footer id="footer" class="flex flex-col items-center mx-auto border-t border-gray-100 dark:border-gray-800/50"><div class="flex w-full flex-col gap-12 justify-between px-8 py-16 md:py-20 lg:py-28 max-w-[984px] z-0"><div class="flex flex-col md:flex-row gap-8 justify-between min-h-[76px]"><div class="flex md:flex-col justify-between items-center md:items-start min-w-16 md:min-w-20 lg:min-w-48 md:gap-y-24"><a href="https://infisical.com"><span class="sr-only">Infisical<!-- --> home page</span><img class="w-auto relative object-contain block dark:hidden max-w-48 h-[26px]" src="https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/light.svg" alt="light logo"/><img class="w-auto relative object-contain hidden dark:block max-w-48 h-[26px]" src="https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/dark.svg" alt="dark logo"/></a><div class="gap-3 min-w-[140px] max-w-[492px] flex-wrap h-fit flex justify-end md:justify-start"><a href="https://www.twitter.com/infisical/" target="_blank"><span class="sr-only">x</span><svg class="w-5 h-5 bg-gray-500 dark:bg-gray-600 hover:bg-gray-600 dark:hover:bg-gray-500" style="-webkit-mask-image:url(https://mintlify.b-cdn.net/v6.6.0/brands/x-twitter.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-position:center;mask-image:url(https://mintlify.b-cdn.net/v6.6.0/brands/x-twitter.svg);mask-repeat:no-repeat;mask-position:center"></svg></a><a href="https://www.linkedin.com/company/infisical/" target="_blank"><span class="sr-only">linkedin</span><svg class="w-5 h-5 bg-gray-500 dark:bg-gray-600 hover:bg-gray-600 dark:hover:bg-gray-500" style="-webkit-mask-image:url(https://mintlify.b-cdn.net/v6.6.0/brands/linkedin.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-position:center;mask-image:url(https://mintlify.b-cdn.net/v6.6.0/brands/linkedin.svg);mask-repeat:no-repeat;mask-position:center"></svg></a><a href="https://github.com/Infisical/infisical-cli" target="_blank"><span class="sr-only">github</span><svg class="w-5 h-5 bg-gray-500 dark:bg-gray-600 hover:bg-gray-600 dark:hover:bg-gray-500" style="-webkit-mask-image:url(https://mintlify.b-cdn.net/v6.6.0/brands/github.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-position:center;mask-image:url(https://mintlify.b-cdn.net/v6.6.0/brands/github.svg);mask-repeat:no-repeat;mask-position:center"></svg></a><a href="https://infisical.com/slack" target="_blank"><span class="sr-only">slack</span><svg class="w-5 h-5 bg-gray-500 dark:bg-gray-600 hover:bg-gray-600 dark:hover:bg-gray-500" style="-webkit-mask-image:url(https://mintlify.b-cdn.net/v6.6.0/brands/slack.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-position:center;mask-image:url(https://mintlify.b-cdn.net/v6.6.0/brands/slack.svg);mask-repeat:no-repeat;mask-position:center"></svg></a></div></div><div class="flex flex-col sm:grid max-md:!grid-cols-2 gap-8 flex-1" style="grid-template-columns:repeat(4, minmax(0, 1fr))"><div class="flex flex-col gap-4 flex-1 whitespace-nowrap w-full md:items-center"><div class="flex gap-4 flex-col"><p class="text-sm font-semibold text-gray-950 dark:text-white mb-1">PRODUCT</p><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/" target="_blank" rel="noreferrer">Secret Management</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/radar" target="_blank" rel="noreferrer">Secret Scanning</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://app.infisical.com/share-secret" target="_blank" rel="noreferrer">Share Secrets</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/pricing" target="_blank" rel="noreferrer">Pricing</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/internals/security" target="_blank" rel="noreferrer">Security</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/blog" target="_blank" rel="noreferrer">Blog</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/infisical-vs-hashicorp-vault" target="_blank" rel="noreferrer">Infisical vs Vault</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://questions.infisical.com/" target="_blank" rel="noreferrer">Forum</a></div></div><div class="flex flex-col gap-4 flex-1 whitespace-nowrap w-full md:items-center"><div class="flex gap-4 flex-col"><p class="text-sm font-semibold text-gray-950 dark:text-white mb-1">USE CASES</p><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/documentation/getting-started/introduction" target="_blank" rel="noreferrer">Infisical Agent</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/integrations/platforms/kubernetes" target="_blank" rel="noreferrer">Kubernetes</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/documentation/platform/dynamic-secrets/overview" target="_blank" rel="noreferrer">Dynamic Secrets</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/integrations/frameworks/terraform" target="_blank" rel="noreferrer">Terraform</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/integrations/platforms/ansible" target="_blank" rel="noreferrer">Ansible</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/integrations/cicd/jenkins" target="_blank" rel="noreferrer">Jenkins</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/integrations/platforms/docker-intro" target="_blank" rel="noreferrer">Docker</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/integrations/platforms/ecs-with-agent" target="_blank" rel="noreferrer">AWS ECS</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/integrations/cicd/gitlab" target="_blank" rel="noreferrer">GitLab</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/integrations/cicd/githubactions" target="_blank" rel="noreferrer">GitHub</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/docs/sdks/overview" target="_blank" rel="noreferrer">SDK</a></div></div><div class="flex flex-col gap-4 flex-1 whitespace-nowrap w-full md:items-center"><div class="flex gap-4 flex-col"><p class="text-sm font-semibold text-gray-950 dark:text-white mb-1">DEVELOPERS</p><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://www.infisical.com/docs/changelog" target="_blank" rel="noreferrer">Changelog</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://status.infisical.com/" target="_blank" rel="noreferrer">Status</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://github.com/Infisical/infisical/issues" target="_blank" rel="noreferrer">Feedback &amp; Requests</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://app.vanta.com/infisical.com/trust/hoop8cr78cuarxo9sztvs" target="_blank" rel="noreferrer">Trust of Center</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/infisical-friends" target="_blank" rel="noreferrer">Open Source Friends</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://www.infisical.com/infisical-heroes" target="_blank" rel="noreferrer">How to contribute</a></div></div><div class="flex flex-col gap-4 flex-1 whitespace-nowrap w-full md:items-center"><div class="flex gap-4 flex-col"><p class="text-sm font-semibold text-gray-950 dark:text-white mb-1">OTHERS</p><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/customers/traba" target="_blank" rel="noreferrer">Customers</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/wiki/handbook/overview" target="_blank" rel="noreferrer">Company Handbook</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/careers" target="_blank" rel="noreferrer">Careers</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/terms" target="_blank" rel="noreferrer">Terms of Service</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/privacy" target="_blank" rel="noreferrer">Privacy Policy</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/subprocessors" target="_blank" rel="noreferrer">Subprocessors</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/sla" target="_blank" rel="noreferrer">SLA</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="/cdn-cgi/l/email-protection#215544404c61484f4748524842404d0f424e4c" target="_self" rel="noreferrer">Team Email</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="/cdn-cgi/l/email-protection#8cffede0e9ffcce5e2eae5ffe5efede0a2efe3e1" target="_self" rel="noreferrer">Sales</a><a class="text-sm max-w-36 whitespace-normal md:truncate text-gray-950/50 dark:text-white/50 hover:text-gray-950/70 dark:hover:text-white/70" href="https://infisical.com/slack" target="_blank" rel="noreferrer">Support</a></div></div></div></div><div class="h-[1px] w-full bg-gray-100 dark:bg-white/5"></div><div class="flex items-center justify-between"><div class="sm:flex"><a href="https://mintlify.com/preview-request?utm_campaign=poweredBy&amp;utm_medium=docs&amp;utm_source=infisical" target="_blank" rel="noreferrer" class="text-sm text-gray-500 dark:text-gray-400 hover:text-gray-700 dark:hover:text-gray-300">Powered by Mintlify</a></div></div></div></footer></div></main></div><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script><script id="__NEXT_DATA__" type="application/json">{"props":{"pageProps":{"mdxSource":{"compiledSource":"\"use strict\";\nconst {Fragment: _Fragment, jsx: _jsx, jsxs: _jsxs} = arguments[0];\nconst {useMDXComponents: _provideComponents} = arguments[0];\nfunction _createMdxContent(props) {\n const _components = {\n a: \"a\",\n code: \"code\",\n h4: \"h4\",\n img: \"img\",\n li: \"li\",\n ol: \"ol\",\n p: \"p\",\n pre: \"pre\",\n span: \"span\",\n strong: \"strong\",\n ul: \"ul\",\n ..._provideComponents(),\n ...props.components\n }, {Accordion, AccordionGroup, CodeBlock, Heading, Mermaid, Note, Step, Steps, Tip} = _components;\n if (!Accordion) _missingMdxReference(\"Accordion\", true);\n if (!AccordionGroup) _missingMdxReference(\"AccordionGroup\", true);\n if (!CodeBlock) _missingMdxReference(\"CodeBlock\", true);\n if (!Heading) _missingMdxReference(\"Heading\", true);\n if (!Mermaid) _missingMdxReference(\"Mermaid\", true);\n if (!Note) _missingMdxReference(\"Note\", true);\n if (!Step) _missingMdxReference(\"Step\", true);\n if (!Steps) _missingMdxReference(\"Steps\", true);\n if (!Tip) _missingMdxReference(\"Tip\", true);\n return _jsxs(_Fragment, {\n children: [_jsxs(_components.p, {\n children: [_jsx(_components.strong, {\n children: \"AWS Auth\"\n }), \" is an AWS-native authentication method for IAM principals like EC2 instances or Lambda functions to access Infisical.\"]\n }), \"\\n\", _jsx(Heading, {\n level: \"2\",\n id: \"diagram\",\n children: \"Diagram\"\n }), \"\\n\", _jsx(_components.p, {\n children: \"The following sequence diagram illustrates the AWS Auth workflow for authenticating AWS IAM principals with Infisical.\"\n }), \"\\n\", _jsx(Mermaid, {\n chart: `sequenceDiagram\n participant Client as Client\n participant Infis as Infisical\n participant AWS as AWS STS\n\n Note over Client,Client: Step 1: Sign GetCallerIdentityQuery\n\n Note over Client,Infis: Step 2: Login Operation\n Client-\u003e\u003eInfis: Send signed query details /api/v1/auth/aws-auth/login\n\n Note over Infis,AWS: Step 3: Query verification\n Infis-\u003e\u003eAWS: Forward signed GetCallerIdentity query\n AWS--\u003e\u003eInfis: Return IAM user/role details\n\n Note over Infis: Step 4: Identity Property Validation\n Infis-\u003e\u003eClient: Return short-lived access token\n\n Note over Client,Infis: Step 5: Access Infisical API with Token\n Client-\u003e\u003eInfis: Make authenticated requests using the short-lived access token`\n }), \"\\n\", _jsx(Heading, {\n level: \"2\",\n id: \"concept\",\n children: \"Concept\"\n }), \"\\n\", _jsxs(_components.p, {\n children: [\"At a high-level, Infisical authenticates an IAM principal by verifying its identity and checking that it meets specific requirements (e.g. it is an allowed IAM principal ARN) at the \", _jsx(_components.code, {\n children: \"/api/v1/auth/aws-auth/login\"\n }), \" endpoint. If successful,\\nthen Infisical returns a short-lived access token that can be used to make authenticated requests to the Infisical API.\"]\n }), \"\\n\", _jsx(_components.p, {\n children: \"To be more specific:\"\n }), \"\\n\", _jsxs(_components.ol, {\n children: [\"\\n\", _jsxs(_components.li, {\n children: [\"The client IAM principal signs a \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query using the \", _jsx(_components.a, {\n href: \"https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html\",\n children: \"AWS Signature v4 algorithm\"\n }), \"; this is done using the credentials from the AWS environment where the IAM principal is running.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"The client sends the signed query data to Infisical including the request method, request body, and request headers at the \", _jsx(_components.code, {\n children: \"/api/v1/auth/aws-auth/login\"\n }), \" endpoint.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Infisical reconstructs the query and sends it to AWS STS API via the \", _jsx(_components.a, {\n href: \"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity.html\",\n children: \"sts:GetCallerIdentity\"\n }), \" method for verification and obtains the identity associated with the IAM principal.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Infisical checks the identity’s properties against set criteria such \", _jsx(_components.strong, {\n children: \"Allowed Principal ARNs\"\n }), \".\"]\n }), \"\\n\", _jsx(_components.li, {\n children: \"If all is well, Infisical returns a short-lived access token that the IAM principal can use to make authenticated requests to the Infisical API.\"\n }), \"\\n\"]\n }), \"\\n\", _jsxs(Note, {\n children: [_jsxs(_components.p, {\n children: [\"We recommend using one of Infisical’s clients like SDKs or the Infisical Agent\\nto authenticate with Infisical using AWS Auth as they handle the\\nauthentication process including the signed \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query\\nconstruction for you.\"]\n }), _jsx(_components.p, {\n children: \"Also, note that Infisical needs network-level access to send requests to the AWS STS API\\nas part of the AWS Auth workflow.\"\n })]\n }), \"\\n\", _jsx(Heading, {\n level: \"2\",\n id: \"guide\",\n children: \"Guide\"\n }), \"\\n\", _jsx(_components.p, {\n children: \"In the following steps, we explore how to create and use identities for your workloads and applications on AWS to\\naccess the Infisical API using the AWS Auth authentication method.\"\n }), \"\\n\", _jsxs(Steps, {\n children: [_jsxs(Step, {\n title: \"Creating an identity\",\n children: [_jsxs(_components.p, {\n children: [\"To create an identity, head to your Organization Settings \u003e Access Control \u003e Machine Identities and press \", _jsx(_components.strong, {\n children: \"Create identity\"\n }), \".\"]\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-org.png\",\n alt: \"identities organization\"\n })\n }), _jsxs(_components.p, {\n children: [\"When creating an identity, you specify an organization level \", _jsx(_components.a, {\n href: \"/documentation/platform/role-based-access-controls\",\n children: \"role\"\n }), \" for it to assume; you can configure roles in Organization Settings \u003e Access Control \u003e Organization Roles.\"]\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-org-create.png\",\n alt: \"identities organization create\"\n })\n }), _jsx(_components.p, {\n children: \"Now input a few details for your new identity. Here’s some guidance for each field:\"\n }), _jsxs(_components.ul, {\n children: [\"\\n\", _jsx(_components.li, {\n children: \"Name (required): A friendly name for the identity.\"\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Role (required): A role from the \", _jsx(_components.strong, {\n children: \"Organization Roles\"\n }), \" tab for the identity to assume. The organization role assigned will determine what organization level resources this identity can have access to.\"]\n }), \"\\n\"]\n }), _jsx(_components.p, {\n children: \"Once you’ve created an identity, you’ll be redirected to a page where you can manage the identity.\"\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-page.png\",\n alt: \"identities page\"\n })\n }), _jsxs(_components.p, {\n children: [\"Since the identity has been configured with Universal Auth by default, you should re-configure it to use AWS Auth instead. To do this, press to edit the \", _jsx(_components.strong, {\n children: \"Authentication\"\n }), \" section,\\nremove the existing Universal Auth configuration, and add a new AWS Auth configuration onto the identity.\"]\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-page-remove-default-auth.png\",\n alt: \"identities page remove default auth\"\n })\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-org-create-aws-auth-method.png\",\n alt: \"identities create aws auth method\"\n })\n }), _jsx(_components.p, {\n children: \"Here’s some more guidance on each field:\"\n }), _jsxs(_components.ul, {\n children: [\"\\n\", _jsxs(_components.li, {\n children: [\"Allowed Principal ARNs: A comma-separated list of trusted IAM principal ARNs that are allowed to authenticate with Infisical. The values should take one of three forms: \", _jsx(_components.code, {\n children: \"arn:aws:iam::123456789012:user/MyUserName\"\n }), \", \", _jsx(_components.code, {\n children: \"arn:aws:iam::123456789012:role/MyRoleName\"\n }), \", or \", _jsx(_components.code, {\n children: \"arn:aws:iam::123456789012:*\"\n }), \". Using a wildcard in this case allows any IAM principal in the account \", _jsx(_components.code, {\n children: \"123456789012\"\n }), \" to authenticate with Infisical under the identity.\"]\n }), \"\\n\", _jsx(_components.li, {\n children: \"Allowed Account IDs: A comma-separated list of trusted AWS account IDs that are allowed to authenticate with Infisical.\"\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"STS Endpoint (default is \", _jsx(_components.code, {\n children: \"https://sts.amazonaws.com/\"\n }), \"): The endpoint URL for the AWS STS API. This value should be adjusted based on the AWS region you are operating in (e.g. \", _jsx(_components.code, {\n children: \"https://sts.us-east-1.amazonaws.com/\"\n }), \"); refer to the list of regional STS endpoints \", _jsx(_components.a, {\n href: \"https://docs.aws.amazon.com/general/latest/gr/sts.html\",\n children: \"here\"\n }), \".\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Access Token TTL (default is \", _jsx(_components.code, {\n children: \"2592000\"\n }), \" equivalent to 30 days): The lifetime for an acccess token in seconds. This value will be referenced at renewal time.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Access Token Max TTL (default is \", _jsx(_components.code, {\n children: \"2592000\"\n }), \" equivalent to 30 days): The maximum lifetime for an acccess token in seconds. This value will be referenced at renewal time.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Access Token Max Number of Uses (default is \", _jsx(_components.code, {\n children: \"0\"\n }), \"): The maximum number of times that an access token can be used; a value of \", _jsx(_components.code, {\n children: \"0\"\n }), \" implies infinite number of uses.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Access Token Trusted IPs: The IPs or CIDR ranges that access tokens can be used from. By default, each token is given the \", _jsx(_components.code, {\n children: \"0.0.0.0/0\"\n }), \", allowing usage from any network address.\"]\n }), \"\\n\"]\n })]\n }), _jsxs(Step, {\n title: \"Adding an identity to a project\",\n children: [_jsx(_components.p, {\n children: \"To enable the identity to access project-level resources such as secrets within a specific project, you should add it to that project.\"\n }), _jsxs(_components.p, {\n children: [\"To do this, head over to the project you want to add the identity to and go to Project Settings \u003e Access Control \u003e Machine Identities and press \", _jsx(_components.strong, {\n children: \"Add identity\"\n }), \".\"]\n }), _jsx(_components.p, {\n children: \"Next, select the identity you want to add to the project and the project level role you want to allow it to assume. The project role assigned will determine what project level resources this identity can have access to.\"\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-project.png\",\n alt: \"identities project\"\n })\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-project-create.png\",\n alt: \"identities project create\"\n })\n })]\n }), _jsxs(Step, {\n title: \"Accessing the Infisical API with the identity\",\n children: [_jsxs(_components.p, {\n children: [\"To access the Infisical API as the identity, you need to construct a signed \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query using the \", _jsx(_components.a, {\n href: \"https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html\",\n children: \"AWS Signature v4 algorithm\"\n }), \" and make a request to the \", _jsx(_components.code, {\n children: \"/api/v1/auth/aws-auth/login\"\n }), \" endpoint containing the query data\\nin exchange for an access token.\"]\n }), _jsxs(_components.p, {\n children: [\"We provide a few code examples below of how you can authenticate with Infisical from inside a Lambda function, EC2 instance, etc. and obtain an access token to access the \", _jsx(_components.a, {\n href: \"/api-reference/overview/introduction\",\n children: \"Infisical API\"\n }), \".\"]\n }), _jsxs(AccordionGroup, {\n children: [_jsxs(Accordion, {\n title: \"Sample code for inside a Lambda function\",\n children: [_jsx(_components.p, {\n children: \"The following query construction is an example of how you can authenticate with Infisical from inside a Lambda function.\"\n }), _jsx(_components.p, {\n children: \"The shown example uses Node.js but you can use other languages supported by AWS Lambda.\"\n }), _jsx(CodeBlock, {\n filename: \"\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-javascript\",\n children: _jsxs(_components.code, {\n className: \"language-javascript\",\n children: [_jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"import\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"aws-sdk\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"import\"\n }), \" \", _jsx(_components.span, {\n className: \"token imports\",\n children: \"axios\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"axios\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"export\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token function-variable function\",\n children: \"handler\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"async\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token parameter\",\n children: [\"event\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" context\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), \" \", _jsx(_components.span, {\n className: \"token arrow operator\",\n children: \"=\u003e\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"try\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" region \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" process\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"env\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS_REGION\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"update\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n }), \" region \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestURL \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"https://sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com/\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestBody \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Action=GetCallerIdentity\u0026Version=2011-06-15\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestHeaders \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"Content-Type\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"application/x-www-form-urlencoded; charset=utf-8\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"Host\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// Create the request\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" request \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"HttpRequest\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" region\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"method\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"X-Amz-Date\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"util\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"date\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"iso8601\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"replace\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token regex\",\n children: [_jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsxs(_components.span, {\n className: \"token regex-source language-regex\",\n children: [_jsxs(_components.span, {\n className: \"token char-class\",\n children: [_jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"[\"\n }), \":-\", _jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"]\"\n })]\n }), _jsx(_components.span, {\n className: \"token alternation keyword\",\n children: \"|\"\n }), _jsx(_components.span, {\n className: \"token special-escape escape\",\n children: \"\\\\.\"\n }), _jsx(_components.span, {\n className: \"token char-set class-name\",\n children: \"\\\\d\"\n }), _jsx(_components.span, {\n className: \"token quantifier number\",\n children: \"{3}\"\n })]\n }), _jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsx(_components.span, {\n className: \"token regex-flags\",\n children: \"g\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"body\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Content-Length\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"byteLength\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// Sign the request\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" signer \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Signers\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"V4\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"sts\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" signer\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"addAuthorization\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"credentials\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" infisicalUrl \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"https://app.infisical.com\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// or your self-hosted Infisical URL\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" identityId \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\u003cyour-identity-id\u003e\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n }), \" data \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"await\"\n }), \" axios\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"post\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"infisicalUrl\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"/api/v1/auth/aws-auth/login\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" identityId\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamHttpRequestMethod\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestUrl\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestBody\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestHeaders\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token known-class-name class-name\",\n children: \"JSON\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"stringify\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token console class-name\",\n children: \"console\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"log\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"result data: \\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" data\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// access token here\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"catch\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"err\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token console class-name\",\n children: \"console\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"error\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"err\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\"]\n })\n })\n })]\n }), _jsxs(Accordion, {\n title: \"Sample code for inside an EC2 instance\",\n children: [_jsx(_components.p, {\n children: \"The following query construction is an example of how you can authenticate with Infisical from inside a EC2 instance.\"\n }), _jsx(_components.p, {\n children: \"The shown example uses Node.js but you can use other language you wish.\"\n }), _jsx(CodeBlock, {\n filename: \"\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-javascript\",\n children: _jsxs(_components.code, {\n className: \"language-javascript\",\n children: [_jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"import\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"aws-sdk\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"import\"\n }), \" \", _jsx(_components.span, {\n className: \"token imports\",\n children: \"axios\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"axios\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token function-variable function\",\n children: \"main\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"async\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), \" \", _jsx(_components.span, {\n className: \"token arrow operator\",\n children: \"=\u003e\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"try\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// obtain region from EC2 instance metadata\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" tokenResponse \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"await\"\n }), \" axios\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"put\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"http://169.254.169.254/latest/api/token\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword null nil\",\n children: \"null\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"X-aws-ec2-metadata-token-ttl-seconds\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"21600\\\"\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" url \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"http://169.254.169.254/latest/dynamic/instance-identity/document\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" response \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"await\"\n }), \" axios\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"get\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"url\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"X-aws-ec2-metadata-token\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" tokenResponse\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"data\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" region \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" response\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"data\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"region\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"update\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsx(_components.span, {\n className: \"\",\n children: \" region\"\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestURL \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"https://sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com/\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestBody \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Action=GetCallerIdentity\u0026Version=2011-06-15\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestHeaders \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"Content-Type\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"application/x-www-form-urlencoded; charset=utf-8\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"Host\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" request \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"HttpRequest\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Endpoint\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"region\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"method\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"X-Amz-Date\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"util\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"iso8601\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"replace\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token regex\",\n children: [_jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsxs(_components.span, {\n className: \"token regex-source language-regex\",\n children: [_jsxs(_components.span, {\n className: \"token char-class\",\n children: [_jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"[\"\n }), \":-\", _jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"]\"\n })]\n }), _jsx(_components.span, {\n className: \"token alternation keyword\",\n children: \"|\"\n }), _jsx(_components.span, {\n className: \"token special-escape escape\",\n children: \"\\\\.\"\n }), _jsx(_components.span, {\n className: \"token char-set class-name\",\n children: \"\\\\d\"\n }), _jsx(_components.span, {\n className: \"token quantifier number\",\n children: \"{3}\"\n })]\n }), _jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsx(_components.span, {\n className: \"token regex-flags\",\n children: \"g\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"body\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Content-Length\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"byteLength\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" signer \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Signers\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"V4\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"sts\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" signer\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"addAuthorization\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"credentials\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" infisicalUrl \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"https://app.infisical.com\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// or your self-hosted Infisical URL\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" identityId \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\u003cyour-identity-id\u003e\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n }), \" data \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"await\"\n }), \" axios\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"post\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"infisicalUrl\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"/api/v1/auth/aws-auth/login\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" identityId\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamHttpRequestMethod\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestUrl\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestBody\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestHeaders\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token known-class-name class-name\",\n children: \"JSON\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"stringify\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token console class-name\",\n children: \"console\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"log\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"result data: \\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" data\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// access token here\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"catch\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"err\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token console class-name\",\n children: \"console\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"error\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"err\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsx(_components.span, {\n className: \"\",\n children: _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token function\",\n children: \"main\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\"]\n })\n })\n })]\n }), _jsxs(Accordion, {\n title: \"Sample code for general query construction\",\n children: [_jsxs(_components.p, {\n children: [\"The following query construction provides a generic example of how you can construct a signed \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query and obtain the required payload components.\"]\n }), _jsx(_components.p, {\n children: \"The shown example uses Node.js but you can use any language you wish.\"\n }), _jsx(CodeBlock, {\n filename: \"\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-javascript\",\n children: _jsxs(_components.code, {\n className: \"language-javascript\",\n children: [_jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token function\",\n children: \"require\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"aws-sdk\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" region \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\u003cyour-aws-region\u003e\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" infisicalUrl \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"https://app.infisical.com\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// or your self-hosted Infisical URL\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestURL \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"https://sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com/\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestBody \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Action=GetCallerIdentity\u0026Version=2011-06-15\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestHeaders \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"Content-Type\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"application/x-www-form-urlencoded; charset=utf-8\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"Host\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" request \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"HttpRequest\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Endpoint\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" region\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"method\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"X-Amz-Date\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"util\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"iso8601\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"replace\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token regex\",\n children: [_jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsxs(_components.span, {\n className: \"token regex-source language-regex\",\n children: [_jsxs(_components.span, {\n className: \"token char-class\",\n children: [_jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"[\"\n }), \":-\", _jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"]\"\n })]\n }), _jsx(_components.span, {\n className: \"token alternation keyword\",\n children: \"|\"\n }), _jsx(_components.span, {\n className: \"token special-escape escape\",\n children: \"\\\\.\"\n }), _jsx(_components.span, {\n className: \"token char-set class-name\",\n children: \"\\\\d\"\n }), _jsx(_components.span, {\n className: \"token quantifier number\",\n children: \"{3}\"\n })]\n }), _jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsx(_components.span, {\n className: \"token regex-flags\",\n children: \"g\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"body\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Content-Length\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"byteLength\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" signer \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Signers\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"V4\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"sts\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"signer\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"addAuthorization\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"credentials\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\"]\n })\n })\n }), _jsx(_components.h4, {\n children: \"Sample request\"\n }), _jsx(CodeBlock, {\n filename: \"Request\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-bash\",\n children: _jsxs(_components.code, {\n className: \"language-bash\",\n children: [_jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token function\",\n children: \"curl\"\n }), \" \", _jsx(_components.span, {\n className: \"token parameter variable\",\n children: \"--location\"\n }), \" \", _jsx(_components.span, {\n className: \"token parameter variable\",\n children: \"--request\"\n }), \" POST \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'https://app.infisical.com/api/v1/auth/aws-auth/login'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token parameter variable\",\n children: \"--header\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'Content-Type: application/x-www-form-urlencoded'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" --data-urlencode \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'identityId=...'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" --data-urlencode \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'iamHttpRequestMethod=...'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" --data-urlencode \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'iamRequestBody=...'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" --data-urlencode \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'iamRequestHeaders=...'\"\n })]\n }), \"\\n\"]\n })\n })\n }), _jsx(Note, {\n children: _jsxs(_components.p, {\n children: [\"Note that you should replace \", _jsx(_components.code, {\n children: \"\u003cidentityId\u003e\"\n }), \" with the ID of the identity you created in step 1.\"]\n })\n }), _jsx(_components.h4, {\n children: \"Sample response\"\n }), _jsx(CodeBlock, {\n filename: \"Response\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-bash\",\n children: _jsxs(_components.code, {\n className: \"language-bash\",\n children: [_jsx(_components.span, {\n className: \"\",\n children: _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"accessToken\\\"\"\n }), _jsx(_components.span, {\n className: \"token builtin class-name\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"...\\\"\"\n }), \",\"]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"expiresIn\\\"\"\n }), _jsx(_components.span, {\n className: \"token builtin class-name\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token number\",\n children: \"7200\"\n }), \",\"]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"accessTokenMaxTTL\\\"\"\n }), _jsx(_components.span, {\n className: \"token builtin class-name\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token number\",\n children: \"43244\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"tokenType\\\"\"\n }), _jsx(_components.span, {\n className: \"token builtin class-name\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Bearer\\\"\"\n })]\n }), \"\\n\", _jsx(_components.span, {\n className: \"\",\n children: _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })\n }), \"\\n\"]\n })\n })\n }), _jsxs(_components.p, {\n children: [\"Next, you can use the access token to access the \", _jsx(_components.a, {\n href: \"/api-reference/overview/introduction\",\n children: \"Infisical API\"\n })]\n })]\n })]\n }), _jsx(Tip, {\n children: _jsxs(_components.p, {\n children: [\"We recommend using one of Infisical’s clients like SDKs or the Infisical Agent to authenticate with Infisical using AWS Auth as they handle the authentication process including the signed \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query construction for you.\"]\n })\n }), _jsxs(Note, {\n children: [_jsxs(_components.p, {\n children: [\"Each identity access token has a time-to-live (TLL) which you can infer from the response of the login operation;\\nthe default TTL is \", _jsx(_components.code, {\n children: \"7200\"\n }), \" seconds which can be adjusted.\"]\n }), _jsx(_components.p, {\n children: \"If an identity access token expires, it can no longer authenticate with the Infisical API. In this case,\\na new access token should be obtained by performing another login operation.\"\n })]\n })]\n })]\n })]\n });\n}\nfunction MDXContent(props = {}) {\n const {wrapper: MDXLayout} = {\n ..._provideComponents(),\n ...props.components\n };\n return MDXLayout ? _jsx(MDXLayout, {\n ...props,\n children: _jsx(_createMdxContent, {\n ...props\n })\n }) : _createMdxContent(props);\n}\nreturn {\n default: MDXContent\n};\nfunction _missingMdxReference(id, component) {\n throw new Error(\"Expected \" + (component ? \"component\" : \"object\") + \" `\" + id + \"` to be defined: you likely forgot to import, pass, or provide it.\");\n}\n","frontmatter":{},"scope":{"config":{"$schema":"https://mintlify.com/docs.json","theme":"mint","name":"Infisical","colors":{"primary":"#26272b","light":"#97b31d","dark":"#A1B659"},"favicon":"/favicon.png","navigation":{"tabs":[{"tab":"Documentation","groups":[{"group":"Getting Started","pages":["documentation/getting-started/introduction",{"group":"Quickstart","pages":["documentation/guides/local-development"]},{"group":"Guides","pages":["documentation/guides/introduction","documentation/guides/node","documentation/guides/python","documentation/guides/nextjs-vercel","documentation/guides/microsoft-power-apps","documentation/guides/organization-structure"]}]},{"group":"Platform","pages":["documentation/platform/organization","documentation/platform/project","documentation/platform/folder",{"group":"Secrets","pages":["documentation/platform/secret-versioning","documentation/platform/pit-recovery","documentation/platform/secret-reference","documentation/platform/webhooks"]},{"group":"Internal PKI","pages":["documentation/platform/pki/overview","documentation/platform/pki/private-ca","documentation/platform/pki/certificates","documentation/platform/pki/pki-issuer","documentation/platform/pki/est","documentation/platform/pki/alerting"]},"documentation/platform/ssh",{"group":"Key Management (KMS)","pages":["documentation/platform/kms/overview","documentation/platform/kms/hsm-integration","documentation/platform/kms/kubernetes-encryption"]},{"group":"KMS Configuration","pages":["documentation/platform/kms-configuration/overview","documentation/platform/kms-configuration/aws-kms","documentation/platform/kms-configuration/aws-hsm","documentation/platform/kms-configuration/gcp-kms"]},{"group":"Identities","pages":["documentation/platform/identities/overview","documentation/platform/identities/user-identities","documentation/platform/identities/machine-identities"]},{"group":"Access Control","pages":["documentation/platform/access-controls/overview","documentation/platform/access-controls/role-based-access-controls","documentation/platform/access-controls/attribute-based-access-controls","documentation/platform/access-controls/additional-privileges","documentation/platform/access-controls/temporary-access","documentation/platform/access-controls/access-requests","documentation/platform/pr-workflows","documentation/platform/groups"]},{"group":"Audit Logs","pages":["documentation/platform/audit-logs","documentation/platform/audit-log-streams/audit-log-streams","documentation/platform/audit-log-streams/audit-log-streams-with-fluentbit"]},{"group":"Secret Rotation","pages":["documentation/platform/secret-rotation/overview","documentation/platform/secret-rotation/sendgrid","documentation/platform/secret-rotation/postgres","documentation/platform/secret-rotation/mysql","documentation/platform/secret-rotation/mssql","documentation/platform/secret-rotation/aws-iam"]},{"group":"Dynamic Secrets","pages":["documentation/platform/dynamic-secrets/overview","documentation/platform/dynamic-secrets/postgresql","documentation/platform/dynamic-secrets/mysql","documentation/platform/dynamic-secrets/mssql","documentation/platform/dynamic-secrets/oracle","documentation/platform/dynamic-secrets/cassandra","documentation/platform/dynamic-secrets/redis","documentation/platform/dynamic-secrets/aws-elasticache","documentation/platform/dynamic-secrets/elastic-search","documentation/platform/dynamic-secrets/rabbit-mq","documentation/platform/dynamic-secrets/aws-iam","documentation/platform/dynamic-secrets/mongo-atlas","documentation/platform/dynamic-secrets/mongo-db","documentation/platform/dynamic-secrets/azure-entra-id","documentation/platform/dynamic-secrets/ldap","documentation/platform/dynamic-secrets/sap-ase","documentation/platform/dynamic-secrets/sap-hana","documentation/platform/dynamic-secrets/snowflake","documentation/platform/dynamic-secrets/totp"]},"documentation/platform/project-templates",{"group":"Workflow Integrations","pages":["documentation/platform/workflow-integrations/slack-integration"]},{"group":"Admin Consoles","pages":["documentation/platform/admin-panel/overview","documentation/platform/admin-panel/server-admin","documentation/platform/admin-panel/org-admin-console"]},"documentation/platform/secret-sharing"]},{"group":"Authentication Methods","pages":["documentation/platform/auth-methods/email-password","documentation/platform/token","documentation/platform/identities/token-auth","documentation/platform/identities/universal-auth","documentation/platform/identities/kubernetes-auth","documentation/platform/identities/gcp-auth","documentation/platform/identities/azure-auth","documentation/platform/identities/aws-auth","documentation/platform/identities/jwt-auth",{"group":"OIDC Auth","pages":["documentation/platform/identities/oidc-auth/general","documentation/platform/identities/oidc-auth/github","documentation/platform/identities/oidc-auth/circleci","documentation/platform/identities/oidc-auth/gitlab"]},"documentation/platform/mfa",{"group":"SSO","pages":["documentation/platform/sso/overview","documentation/platform/sso/google","documentation/platform/sso/github","documentation/platform/sso/gitlab","documentation/platform/sso/okta","documentation/platform/sso/azure","documentation/platform/sso/jumpcloud","documentation/platform/sso/keycloak-saml","documentation/platform/sso/google-saml","documentation/platform/sso/auth0-saml",{"group":"Keycloak OIDC","pages":["documentation/platform/sso/keycloak-oidc/overview","documentation/platform/sso/keycloak-oidc/group-membership-mapping"]},"documentation/platform/sso/auth0-oidc","documentation/platform/sso/general-oidc"]},{"group":"LDAP","pages":["documentation/platform/ldap/overview","documentation/platform/ldap/jumpcloud","documentation/platform/ldap/general"]},{"group":"SCIM","pages":["documentation/platform/scim/overview","documentation/platform/scim/okta","documentation/platform/scim/azure","documentation/platform/scim/jumpcloud","documentation/platform/scim/group-mappings"]}]},{"group":"Self-host Infisical","pages":["self-hosting/overview",{"group":"Installation methods","pages":["self-hosting/deployment-options/standalone-infisical","self-hosting/deployment-options/docker-swarm","self-hosting/deployment-options/docker-compose","self-hosting/deployment-options/kubernetes-helm"]},"self-hosting/guides/upgrading-infisical","self-hosting/configuration/envars","self-hosting/configuration/requirements",{"group":"Guides","pages":["self-hosting/guides/mongo-to-postgres","self-hosting/guides/custom-certificates"]},{"group":"Reference architectures","pages":["self-hosting/reference-architectures/aws-ecs","self-hosting/reference-architectures/linux-deployment-ha","self-hosting/reference-architectures/on-prem-k8s-ha"]},"self-hosting/ee","self-hosting/faq"]},{"group":"Internals","pages":["internals/overview","internals/permissions","internals/components","internals/security","internals/service-tokens"]},{"group":"Contributing","pages":[{"group":"Getting Started","pages":["contributing/getting-started/overview","contributing/getting-started/code-of-conduct","contributing/getting-started/pull-requests","contributing/getting-started/faq"]},{"group":"Contributing to platform","pages":["contributing/platform/developing","contributing/platform/backend/how-to-create-a-feature","contributing/platform/backend/folder-structure"]},{"group":"Contributing to SDK","pages":["contributing/sdk/developing"]}]}]},{"tab":"Integrations","groups":[{"group":"Infrastructure Integrations","pages":[{"group":"Container orchestrators","pages":[{"group":"Kubernetes","pages":["integrations/platforms/kubernetes/overview","integrations/platforms/kubernetes/infisical-secret-crd","integrations/platforms/kubernetes/infisical-push-secret-crd","integrations/platforms/kubernetes/infisical-dynamic-secret-crd"]},"integrations/platforms/kubernetes-csi","integrations/platforms/docker-swarm-with-agent","integrations/platforms/ecs-with-agent"]},"integrations/platforms/infisical-agent",{"group":"Docker","pages":["integrations/platforms/docker-intro","integrations/platforms/docker","integrations/platforms/docker-pass-envs","integrations/platforms/docker-compose"]},"integrations/frameworks/terraform","integrations/platforms/ansible"]},{"group":"App Connections","pages":["integrations/app-connections/overview",{"group":"Connections","pages":["integrations/app-connections/aws","integrations/app-connections/azure-app-configuration","integrations/app-connections/azure-key-vault","integrations/app-connections/databricks","integrations/app-connections/gcp","integrations/app-connections/github"]}]},{"group":"Secret Syncs","pages":["integrations/secret-syncs/overview",{"group":"Syncs","pages":["integrations/secret-syncs/aws-parameter-store","integrations/secret-syncs/aws-secrets-manager","integrations/secret-syncs/azure-app-configuration","integrations/secret-syncs/azure-key-vault","integrations/secret-syncs/databricks","integrations/secret-syncs/gcp-secret-manager","integrations/secret-syncs/github"]}]},{"group":"Native Integrations","pages":[{"group":"AWS","pages":["integrations/cloud/aws-parameter-store","integrations/cloud/aws-secret-manager","integrations/cloud/aws-amplify"]},"integrations/cloud/vercel","integrations/cloud/azure-key-vault","integrations/cloud/azure-app-configuration","integrations/cloud/azure-devops","integrations/cloud/gcp-secret-manager",{"group":"Cloudflare","pages":["integrations/cloud/cloudflare-pages","integrations/cloud/cloudflare-workers"]},"integrations/cloud/terraform-cloud","integrations/cloud/databricks",{"group":"View more","pages":["integrations/cloud/digital-ocean-app-platform","integrations/cloud/heroku","integrations/cloud/netlify","integrations/cloud/railway","integrations/cloud/flyio","integrations/cloud/render","integrations/cloud/laravel-forge","integrations/cloud/supabase","integrations/cloud/northflank","integrations/cloud/hasura-cloud","integrations/cloud/qovery","integrations/cloud/hashicorp-vault","integrations/cloud/cloud-66","integrations/cloud/windmill"]}]},{"group":"CI/CD Integrations","pages":["integrations/cicd/jenkins","integrations/cicd/githubactions","integrations/cicd/gitlab","integrations/cicd/bitbucket","integrations/cloud/teamcity",{"group":"View more","pages":["integrations/cicd/circleci","integrations/cicd/travisci","integrations/cicd/rundeck","integrations/cicd/codefresh","integrations/cloud/checkly","integrations/cicd/octopus-deploy"]}]},{"group":"Framework Integrations","pages":["integrations/frameworks/spring-boot-maven","integrations/frameworks/react","integrations/frameworks/vue","integrations/frameworks/express",{"group":"View more","pages":["integrations/frameworks/nextjs","integrations/frameworks/nestjs","integrations/frameworks/sveltekit","integrations/frameworks/nuxt","integrations/frameworks/gatsby","integrations/frameworks/remix","integrations/frameworks/vite","integrations/frameworks/fiber","integrations/frameworks/django","integrations/frameworks/flask","integrations/frameworks/laravel","integrations/frameworks/rails","integrations/frameworks/dotnet","integrations/platforms/pm2"]}]},{"group":"Build Tool Integrations","pages":["integrations/build-tools/gradle"]}]},{"tab":"CLI","groups":[{"group":"Command line","pages":["cli/overview","cli/usage",{"group":"Core commands","pages":["cli/commands/login","cli/commands/init","cli/commands/run","cli/commands/secrets","cli/commands/dynamic-secrets","cli/commands/ssh","cli/commands/export","cli/commands/token","cli/commands/service-token","cli/commands/vault","cli/commands/user","cli/commands/reset",{"group":"infisical scan","pages":["cli/commands/scan","cli/commands/scan-git-changes","cli/commands/scan-install"]}]},"cli/scanning-overview","cli/project-config","cli/faq"]}]},{"tab":"API Reference","groups":[{"group":"Overview","pages":["api-reference/overview/introduction","api-reference/overview/authentication",{"group":"Examples","pages":["api-reference/overview/examples/integration"]}]},{"group":"Endpoints","pages":[{"group":"Identities","pages":["api-reference/endpoints/identities/create","api-reference/endpoints/identities/update","api-reference/endpoints/identities/delete","api-reference/endpoints/identities/get-by-id","api-reference/endpoints/identities/list"]},{"group":"Token Auth","pages":["api-reference/endpoints/token-auth/attach","api-reference/endpoints/token-auth/retrieve","api-reference/endpoints/token-auth/update","api-reference/endpoints/token-auth/revoke","api-reference/endpoints/token-auth/get-tokens","api-reference/endpoints/token-auth/create-token","api-reference/endpoints/token-auth/update-token","api-reference/endpoints/token-auth/revoke-token"]},{"group":"Universal Auth","pages":["api-reference/endpoints/universal-auth/login","api-reference/endpoints/universal-auth/attach","api-reference/endpoints/universal-auth/retrieve","api-reference/endpoints/universal-auth/update","api-reference/endpoints/universal-auth/revoke","api-reference/endpoints/universal-auth/create-client-secret","api-reference/endpoints/universal-auth/list-client-secrets","api-reference/endpoints/universal-auth/revoke-client-secret","api-reference/endpoints/universal-auth/get-client-secret-by-id","api-reference/endpoints/universal-auth/renew-access-token","api-reference/endpoints/universal-auth/revoke-access-token"]},{"group":"GCP Auth","pages":["api-reference/endpoints/gcp-auth/login","api-reference/endpoints/gcp-auth/attach","api-reference/endpoints/gcp-auth/retrieve","api-reference/endpoints/gcp-auth/update","api-reference/endpoints/gcp-auth/revoke"]},{"group":"AWS Auth","pages":["api-reference/endpoints/aws-auth/login","api-reference/endpoints/aws-auth/attach","api-reference/endpoints/aws-auth/retrieve","api-reference/endpoints/aws-auth/update","api-reference/endpoints/aws-auth/revoke"]},{"group":"Azure Auth","pages":["api-reference/endpoints/azure-auth/login","api-reference/endpoints/azure-auth/attach","api-reference/endpoints/azure-auth/retrieve","api-reference/endpoints/azure-auth/update","api-reference/endpoints/azure-auth/revoke"]},{"group":"Kubernetes Auth","pages":["api-reference/endpoints/kubernetes-auth/login","api-reference/endpoints/kubernetes-auth/attach","api-reference/endpoints/kubernetes-auth/retrieve","api-reference/endpoints/kubernetes-auth/update","api-reference/endpoints/kubernetes-auth/revoke"]},{"group":"OIDC Auth","pages":["api-reference/endpoints/oidc-auth/login","api-reference/endpoints/oidc-auth/attach","api-reference/endpoints/oidc-auth/retrieve","api-reference/endpoints/oidc-auth/update","api-reference/endpoints/oidc-auth/revoke"]},{"group":"JWT Auth","pages":["api-reference/endpoints/jwt-auth/login","api-reference/endpoints/jwt-auth/attach","api-reference/endpoints/jwt-auth/retrieve","api-reference/endpoints/jwt-auth/update","api-reference/endpoints/jwt-auth/revoke"]},{"group":"Groups","pages":["api-reference/endpoints/groups/create","api-reference/endpoints/groups/update","api-reference/endpoints/groups/delete","api-reference/endpoints/groups/get","api-reference/endpoints/groups/get-by-id","api-reference/endpoints/groups/add-group-user","api-reference/endpoints/groups/remove-group-user","api-reference/endpoints/groups/list-group-users"]},{"group":"Organizations","pages":["api-reference/endpoints/organizations/memberships","api-reference/endpoints/organizations/update-membership","api-reference/endpoints/organizations/delete-membership","api-reference/endpoints/organizations/list-identity-memberships","api-reference/endpoints/organizations/workspaces"]},{"group":"Projects","pages":["api-reference/endpoints/workspaces/create-workspace","api-reference/endpoints/workspaces/delete-workspace","api-reference/endpoints/workspaces/get-workspace","api-reference/endpoints/workspaces/update-workspace","api-reference/endpoints/workspaces/secret-snapshots","api-reference/endpoints/workspaces/rollback-snapshot"]},{"group":"Project Users","pages":["api-reference/endpoints/project-users/invite-member-to-workspace","api-reference/endpoints/project-users/remove-member-from-workspace","api-reference/endpoints/project-users/memberships","api-reference/endpoints/project-users/get-by-username","api-reference/endpoints/project-users/update-membership"]},{"group":"Project Groups","pages":["api-reference/endpoints/project-groups/create","api-reference/endpoints/project-groups/delete","api-reference/endpoints/project-groups/get-by-id","api-reference/endpoints/project-groups/list","api-reference/endpoints/project-groups/update"]},{"group":"Project Identities","pages":["api-reference/endpoints/project-identities/add-identity-membership","api-reference/endpoints/project-identities/list-identity-memberships","api-reference/endpoints/project-identities/get-by-id","api-reference/endpoints/project-identities/update-identity-membership","api-reference/endpoints/project-identities/delete-identity-membership"]},{"group":"Project Roles","pages":["api-reference/endpoints/project-roles/create","api-reference/endpoints/project-roles/update","api-reference/endpoints/project-roles/delete","api-reference/endpoints/project-roles/get-by-slug","api-reference/endpoints/project-roles/list"]},{"group":"Project Templates","pages":["api-reference/endpoints/project-templates/create","api-reference/endpoints/project-templates/update","api-reference/endpoints/project-templates/delete","api-reference/endpoints/project-templates/get-by-id","api-reference/endpoints/project-templates/list"]},{"group":"Environments","pages":["api-reference/endpoints/environments/create","api-reference/endpoints/environments/update","api-reference/endpoints/environments/delete"]},{"group":"Folders","pages":["api-reference/endpoints/folders/list","api-reference/endpoints/folders/get-by-id","api-reference/endpoints/folders/create","api-reference/endpoints/folders/update","api-reference/endpoints/folders/delete"]},{"group":"Secret Tags","pages":["api-reference/endpoints/secret-tags/list","api-reference/endpoints/secret-tags/get-by-id","api-reference/endpoints/secret-tags/get-by-slug","api-reference/endpoints/secret-tags/create","api-reference/endpoints/secret-tags/update","api-reference/endpoints/secret-tags/delete"]},{"group":"Secrets","pages":["api-reference/endpoints/secrets/list","api-reference/endpoints/secrets/create","api-reference/endpoints/secrets/read","api-reference/endpoints/secrets/update","api-reference/endpoints/secrets/delete","api-reference/endpoints/secrets/create-many","api-reference/endpoints/secrets/update-many","api-reference/endpoints/secrets/delete-many","api-reference/endpoints/secrets/attach-tags","api-reference/endpoints/secrets/detach-tags"]},{"group":"Dynamic Secrets","pages":["api-reference/endpoints/dynamic-secrets/create","api-reference/endpoints/dynamic-secrets/update","api-reference/endpoints/dynamic-secrets/delete","api-reference/endpoints/dynamic-secrets/get","api-reference/endpoints/dynamic-secrets/list","api-reference/endpoints/dynamic-secrets/list-leases","api-reference/endpoints/dynamic-secrets/create-lease","api-reference/endpoints/dynamic-secrets/delete-lease","api-reference/endpoints/dynamic-secrets/renew-lease","api-reference/endpoints/dynamic-secrets/get-lease"]},{"group":"Secret Imports","pages":["api-reference/endpoints/secret-imports/list","api-reference/endpoints/secret-imports/create","api-reference/endpoints/secret-imports/update","api-reference/endpoints/secret-imports/delete"]},{"group":"Identity Specific Privilege","pages":["api-reference/endpoints/identity-specific-privilege/create-permanent","api-reference/endpoints/identity-specific-privilege/create-temporary","api-reference/endpoints/identity-specific-privilege/update","api-reference/endpoints/identity-specific-privilege/delete","api-reference/endpoints/identity-specific-privilege/find-by-slug","api-reference/endpoints/identity-specific-privilege/list"]},{"group":"App Connections","pages":["api-reference/endpoints/app-connections/list","api-reference/endpoints/app-connections/options",{"group":"AWS","pages":["api-reference/endpoints/app-connections/aws/list","api-reference/endpoints/app-connections/aws/available","api-reference/endpoints/app-connections/aws/get-by-id","api-reference/endpoints/app-connections/aws/get-by-name","api-reference/endpoints/app-connections/aws/create","api-reference/endpoints/app-connections/aws/update","api-reference/endpoints/app-connections/aws/delete"]},{"group":"Azure App Configuration","pages":["api-reference/endpoints/app-connections/azure-app-configuration/list","api-reference/endpoints/app-connections/azure-app-configuration/available","api-reference/endpoints/app-connections/azure-app-configuration/get-by-id","api-reference/endpoints/app-connections/azure-app-configuration/get-by-name","api-reference/endpoints/app-connections/azure-app-configuration/create","api-reference/endpoints/app-connections/azure-app-configuration/update","api-reference/endpoints/app-connections/azure-app-configuration/delete"]},{"group":"Azure Key Vault","pages":["api-reference/endpoints/app-connections/azure-key-vault/list","api-reference/endpoints/app-connections/azure-key-vault/available","api-reference/endpoints/app-connections/azure-key-vault/get-by-id","api-reference/endpoints/app-connections/azure-key-vault/get-by-name","api-reference/endpoints/app-connections/azure-key-vault/create","api-reference/endpoints/app-connections/azure-key-vault/update","api-reference/endpoints/app-connections/azure-key-vault/delete"]},{"group":"Databricks","pages":["api-reference/endpoints/app-connections/databricks/list","api-reference/endpoints/app-connections/databricks/available","api-reference/endpoints/app-connections/databricks/get-by-id","api-reference/endpoints/app-connections/databricks/get-by-name","api-reference/endpoints/app-connections/databricks/create","api-reference/endpoints/app-connections/databricks/update","api-reference/endpoints/app-connections/databricks/delete"]},{"group":"GCP","pages":["api-reference/endpoints/app-connections/gcp/list","api-reference/endpoints/app-connections/gcp/available","api-reference/endpoints/app-connections/gcp/get-by-id","api-reference/endpoints/app-connections/gcp/get-by-name","api-reference/endpoints/app-connections/gcp/create","api-reference/endpoints/app-connections/gcp/update","api-reference/endpoints/app-connections/gcp/delete"]},{"group":"GitHub","pages":["api-reference/endpoints/app-connections/github/list","api-reference/endpoints/app-connections/github/available","api-reference/endpoints/app-connections/github/get-by-id","api-reference/endpoints/app-connections/github/get-by-name","api-reference/endpoints/app-connections/github/create","api-reference/endpoints/app-connections/github/update","api-reference/endpoints/app-connections/github/delete"]}]},{"group":"Secret Syncs","pages":["api-reference/endpoints/secret-syncs/list","api-reference/endpoints/secret-syncs/options",{"group":"AWS Parameter Store","pages":["api-reference/endpoints/secret-syncs/aws-parameter-store/list","api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-id","api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-name","api-reference/endpoints/secret-syncs/aws-parameter-store/create","api-reference/endpoints/secret-syncs/aws-parameter-store/update","api-reference/endpoints/secret-syncs/aws-parameter-store/delete","api-reference/endpoints/secret-syncs/aws-parameter-store/sync-secrets","api-reference/endpoints/secret-syncs/aws-parameter-store/import-secrets","api-reference/endpoints/secret-syncs/aws-parameter-store/remove-secrets"]},{"group":"AWS Secrets Manager","pages":["api-reference/endpoints/secret-syncs/aws-secrets-manager/list","api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-id","api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-name","api-reference/endpoints/secret-syncs/aws-secrets-manager/create","api-reference/endpoints/secret-syncs/aws-secrets-manager/update","api-reference/endpoints/secret-syncs/aws-secrets-manager/delete","api-reference/endpoints/secret-syncs/aws-secrets-manager/sync-secrets","api-reference/endpoints/secret-syncs/aws-secrets-manager/import-secrets","api-reference/endpoints/secret-syncs/aws-secrets-manager/remove-secrets"]},{"group":"Azure App Configuration","pages":["api-reference/endpoints/secret-syncs/azure-app-configuration/list","api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-id","api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-name","api-reference/endpoints/secret-syncs/azure-app-configuration/create","api-reference/endpoints/secret-syncs/azure-app-configuration/update","api-reference/endpoints/secret-syncs/azure-app-configuration/delete","api-reference/endpoints/secret-syncs/azure-app-configuration/sync-secrets","api-reference/endpoints/secret-syncs/azure-app-configuration/import-secrets","api-reference/endpoints/secret-syncs/azure-app-configuration/remove-secrets"]},{"group":"Azure Key Vault","pages":["api-reference/endpoints/secret-syncs/azure-key-vault/list","api-reference/endpoints/secret-syncs/azure-key-vault/get-by-id","api-reference/endpoints/secret-syncs/azure-key-vault/get-by-name","api-reference/endpoints/secret-syncs/azure-key-vault/create","api-reference/endpoints/secret-syncs/azure-key-vault/update","api-reference/endpoints/secret-syncs/azure-key-vault/delete","api-reference/endpoints/secret-syncs/azure-key-vault/sync-secrets","api-reference/endpoints/secret-syncs/azure-key-vault/import-secrets","api-reference/endpoints/secret-syncs/azure-key-vault/remove-secrets"]},{"group":"Databricks","pages":["api-reference/endpoints/secret-syncs/databricks/list","api-reference/endpoints/secret-syncs/databricks/get-by-id","api-reference/endpoints/secret-syncs/databricks/get-by-name","api-reference/endpoints/secret-syncs/databricks/create","api-reference/endpoints/secret-syncs/databricks/update","api-reference/endpoints/secret-syncs/databricks/delete","api-reference/endpoints/secret-syncs/databricks/sync-secrets","api-reference/endpoints/secret-syncs/databricks/remove-secrets"]},{"group":"GCP Secret Manager","pages":["api-reference/endpoints/secret-syncs/gcp-secret-manager/list","api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-id","api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-name","api-reference/endpoints/secret-syncs/gcp-secret-manager/create","api-reference/endpoints/secret-syncs/gcp-secret-manager/update","api-reference/endpoints/secret-syncs/gcp-secret-manager/delete","api-reference/endpoints/secret-syncs/gcp-secret-manager/sync-secrets","api-reference/endpoints/secret-syncs/gcp-secret-manager/import-secrets","api-reference/endpoints/secret-syncs/gcp-secret-manager/remove-secrets"]},{"group":"GitHub","pages":["api-reference/endpoints/secret-syncs/github/list","api-reference/endpoints/secret-syncs/github/get-by-id","api-reference/endpoints/secret-syncs/github/get-by-name","api-reference/endpoints/secret-syncs/github/create","api-reference/endpoints/secret-syncs/github/update","api-reference/endpoints/secret-syncs/github/delete","api-reference/endpoints/secret-syncs/github/sync-secrets","api-reference/endpoints/secret-syncs/github/remove-secrets"]}]},{"group":"Integrations","pages":["api-reference/endpoints/integrations/create-auth","api-reference/endpoints/integrations/list-auth","api-reference/endpoints/integrations/find-auth","api-reference/endpoints/integrations/delete-auth","api-reference/endpoints/integrations/delete-auth-by-id","api-reference/endpoints/integrations/create","api-reference/endpoints/integrations/update","api-reference/endpoints/integrations/delete","api-reference/endpoints/integrations/list-project-integrations"]},{"group":"Service Tokens","pages":["api-reference/endpoints/service-tokens/get"]},{"group":"Audit Logs","pages":["api-reference/endpoints/audit-logs/export-audit-log"]}]},{"group":"Infisical PKI","pages":[{"group":"Certificate Authorities","pages":["api-reference/endpoints/certificate-authorities/list","api-reference/endpoints/certificate-authorities/create","api-reference/endpoints/certificate-authorities/read","api-reference/endpoints/certificate-authorities/update","api-reference/endpoints/certificate-authorities/delete","api-reference/endpoints/certificate-authorities/renew","api-reference/endpoints/certificate-authorities/list-ca-certs","api-reference/endpoints/certificate-authorities/csr","api-reference/endpoints/certificate-authorities/cert","api-reference/endpoints/certificate-authorities/sign-intermediate","api-reference/endpoints/certificate-authorities/import-cert","api-reference/endpoints/certificate-authorities/issue-cert","api-reference/endpoints/certificate-authorities/sign-cert","api-reference/endpoints/certificate-authorities/crl"]},{"group":"Certificates","pages":["api-reference/endpoints/certificates/list","api-reference/endpoints/certificates/read","api-reference/endpoints/certificates/revoke","api-reference/endpoints/certificates/delete","api-reference/endpoints/certificates/cert-body","api-reference/endpoints/certificates/issue-certificate","api-reference/endpoints/certificates/sign-certificate"]},{"group":"Certificate Templates","pages":["api-reference/endpoints/certificate-templates/create","api-reference/endpoints/certificate-templates/update","api-reference/endpoints/certificate-templates/get-by-id","api-reference/endpoints/certificate-templates/delete"]},{"group":"Certificate Collections","pages":["api-reference/endpoints/pki-collections/create","api-reference/endpoints/pki-collections/read","api-reference/endpoints/pki-collections/update","api-reference/endpoints/pki-collections/delete","api-reference/endpoints/pki-collections/add-item","api-reference/endpoints/pki-collections/list-items","api-reference/endpoints/pki-collections/delete-item"]},{"group":"PKI Alerting","pages":["api-reference/endpoints/pki-alerts/create","api-reference/endpoints/pki-alerts/read","api-reference/endpoints/pki-alerts/update","api-reference/endpoints/pki-alerts/delete"]}]},{"group":"Infisical SSH","pages":[{"group":"Certificates","pages":["api-reference/endpoints/ssh/certificates/issue-credentials","api-reference/endpoints/ssh/certificates/sign-key"]},{"group":"Certificate Authorities","pages":["api-reference/endpoints/ssh/ca/list","api-reference/endpoints/ssh/ca/create","api-reference/endpoints/ssh/ca/read","api-reference/endpoints/ssh/ca/update","api-reference/endpoints/ssh/ca/delete","api-reference/endpoints/ssh/ca/public-key","api-reference/endpoints/ssh/ca/list-certificate-templates"]},{"group":"Certificate Templates","pages":["api-reference/endpoints/ssh/certificate-templates/list","api-reference/endpoints/ssh/certificate-templates/create","api-reference/endpoints/ssh/certificate-templates/read","api-reference/endpoints/ssh/certificate-templates/update","api-reference/endpoints/ssh/certificate-templates/delete"]}]},{"group":"Infisical KMS","pages":[{"group":"Keys","pages":["api-reference/endpoints/kms/keys/list","api-reference/endpoints/kms/keys/get-by-id","api-reference/endpoints/kms/keys/get-by-name","api-reference/endpoints/kms/keys/create","api-reference/endpoints/kms/keys/update","api-reference/endpoints/kms/keys/delete","api-reference/endpoints/kms/keys/encrypt","api-reference/endpoints/kms/keys/decrypt"]}]}]},{"tab":"SDKs","groups":[{"group":"","pages":["sdks/overview"]},{"group":"SDK's","pages":["sdks/languages/node","sdks/languages/python","sdks/languages/java","sdks/languages/go","sdks/languages/ruby","sdks/languages/csharp"]}]},{"tab":"Changelog","groups":[{"group":"","pages":["changelog/overview"]}]}]},"logo":{"light":"https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/light.svg","dark":"https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/dark.svg","href":"https://infisical.com"},"api":{"openapi":"https://app.infisical.com/api/docs/json","mdx":{"server":["https://app.infisical.com","http://localhost:8080"]}},"appearance":{"default":"light","strict":true},"background":{"color":{"light":"#ffffff","dark":"#0D1117"}},"navbar":{"links":[{"label":"Log In","href":"https://app.infisical.com/login"}],"primary":{"type":"button","label":"Start for Free","href":"https://app.infisical.com/signup"}},"footer":{"socials":{"x":"https://www.twitter.com/infisical/","linkedin":"https://www.linkedin.com/company/infisical/","github":"https://github.com/Infisical/infisical-cli","slack":"https://infisical.com/slack"},"links":[{"header":"PRODUCT","items":[{"label":"Secret Management","href":"https://infisical.com/"},{"label":"Secret Scanning","href":"https://infisical.com/radar"},{"label":"Share Secrets","href":"https://app.infisical.com/share-secret"},{"label":"Pricing","href":"https://infisical.com/pricing"},{"label":"Security","href":"https://infisical.com/docs/internals/security"},{"label":"Blog","href":"https://infisical.com/blog"},{"label":"Infisical vs Vault","href":"https://infisical.com/infisical-vs-hashicorp-vault"},{"label":"Forum","href":"https://questions.infisical.com/"}]},{"header":"USE CASES","items":[{"label":"Infisical Agent","href":"https://infisical.com/docs/documentation/getting-started/introduction"},{"label":"Kubernetes","href":"https://infisical.com/docs/integrations/platforms/kubernetes"},{"label":"Dynamic Secrets","href":"https://infisical.com/docs/documentation/platform/dynamic-secrets/overview"},{"label":"Terraform","href":"https://infisical.com/docs/integrations/frameworks/terraform"},{"label":"Ansible","href":"https://infisical.com/docs/integrations/platforms/ansible"},{"label":"Jenkins","href":"https://infisical.com/docs/integrations/cicd/jenkins"},{"label":"Docker","href":"https://infisical.com/docs/integrations/platforms/docker-intro"},{"label":"AWS ECS","href":"https://infisical.com/docs/integrations/platforms/ecs-with-agent"},{"label":"GitLab","href":"https://infisical.com/docs/integrations/cicd/gitlab"},{"label":"GitHub","href":"https://infisical.com/docs/integrations/cicd/githubactions"},{"label":"SDK","href":"https://infisical.com/docs/sdks/overview"}]},{"header":"DEVELOPERS","items":[{"label":"Changelog","href":"https://www.infisical.com/docs/changelog"},{"label":"Status","href":"https://status.infisical.com/"},{"label":"Feedback \u0026 Requests","href":"https://github.com/Infisical/infisical/issues"},{"label":"Trust of Center","href":"https://app.vanta.com/infisical.com/trust/hoop8cr78cuarxo9sztvs"},{"label":"Open Source Friends","href":"https://infisical.com/infisical-friends"},{"label":"How to contribute","href":"https://www.infisical.com/infisical-heroes"}]},{"header":"OTHERS","items":[{"label":"Customers","href":"https://infisical.com/customers/traba"},{"label":"Company Handbook","href":"https://infisical.com/wiki/handbook/overview"},{"label":"Careers","href":"https://infisical.com/careers"},{"label":"Terms of Service","href":"https://infisical.com/terms"},{"label":"Privacy Policy","href":"https://infisical.com/privacy"},{"label":"Subprocessors","href":"https://infisical.com/subprocessors"},{"label":"SLA","href":"https://infisical.com/sla"},{"label":"Team Email","href":"mailto:team@infisical.com"},{"label":"Sales","href":"mailto:sales@infisical.com"},{"label":"Support","href":"https://infisical.com/slack"}]}]},"integrations":{"posthog":{"apiKey":"phc_Q0xfB3LeOqo7ySk4DE6zLNwDzHFesKcmigknCy4fTdV"},"koala":{"publicApiKey":"pk_b50d7184e0e39ddd5cdb43cf6abeadd9b97d"}}},"pageMetadata":{"title":"AWS Auth","description":"Learn how to authenticate with Infisical for EC2 instances, Lambda functions, and other IAM principals.","href":"/documentation/platform/identities/aws-auth"}}},"mdxExtracts":{"tableOfContents":[{"title":"Diagram","slug":"diagram","depth":2,"children":[]},{"title":"Concept","slug":"concept","depth":2,"children":[]},{"title":"Guide","slug":"guide","depth":2,"children":[]}],"codeExamples":{}},"description":{"compiledSource":"\"use strict\";\nconst {jsx: _jsx} = arguments[0];\nconst {useMDXComponents: _provideComponents} = arguments[0];\nfunction _createMdxContent(props) {\n const _components = {\n p: \"p\",\n ..._provideComponents(),\n ...props.components\n };\n return _jsx(_components.p, {\n children: \"Learn how to authenticate with Infisical for EC2 instances, Lambda functions, and other IAM principals.\"\n });\n}\nfunction MDXContent(props = {}) {\n const {wrapper: MDXLayout} = {\n ..._provideComponents(),\n ...props.components\n };\n return MDXLayout ? _jsx(MDXLayout, {\n ...props,\n children: _jsx(_createMdxContent, {\n ...props\n })\n }) : _createMdxContent(props);\n}\nreturn {\n default: MDXContent\n};\n","frontmatter":{},"scope":{}},"pageData":{"navWithMetadata":[{"group":"Getting Started","pages":[{"title":"What is Infisical?","description":"An Introduction to the Infisical secret management platform.","sidebarTitle":"What is Infisical?","href":"/documentation/getting-started/introduction"},{"group":"Quickstart","pages":[{"title":"Secret Management in Development Environments","description":"Learn how to manage secrets in local development environments.","sidebarTitle":"Local Development","href":"/documentation/guides/local-development"}]},{"group":"Guides","pages":[{"title":"Introduction","description":null,"href":"/documentation/guides/introduction"},{"title":"Node","description":null,"href":"/documentation/guides/node"},{"title":"Python","description":null,"href":"/documentation/guides/python"},{"title":"Next.js + Vercel","description":null,"href":"/documentation/guides/nextjs-vercel"},{"title":"Microsoft Power Apps","description":"Learn how to manage secrets in Microsoft Power Apps with Infisical.","href":"/documentation/guides/microsoft-power-apps"},{"title":"Infisical Organizational Structure Blueprint","description":"Learn how to structure your projects, secrets, and other resources within Infisical.","sidebarTitle":"Organization Structure","href":"/documentation/guides/organization-structure"}]}]},{"group":"Platform","pages":[{"title":"Organizations","description":"Learn more and understand the concept of Infisical organizations.","href":"/documentation/platform/organization"},{"title":"Projects","description":"Learn more and understand the concept of Infisical projects.","href":"/documentation/platform/project"},{"title":"Folders","description":"Learn how to organize secrets with folders.","href":"/documentation/platform/folder"},{"group":"Secrets","pages":[{"title":"Secret Versioning","description":"Learn how secret versioning works in Infisical.","href":"/documentation/platform/secret-versioning"},{"title":"Point-in-Time Recovery","description":"Learn how to rollback secrets and configurations to any snapshot with Infisical.","href":"/documentation/platform/pit-recovery"},{"title":"Secret Referencing and Importing","description":"Learn the fundamentals of secret referencing and importing in Infisical.","sidebarTitle":"Referencing and Importing","href":"/documentation/platform/secret-reference"},{"title":"Webhooks","description":"Learn the fundamentals of Infisical webhooks.","href":"/documentation/platform/webhooks"}]},{"group":"Internal PKI","pages":[{"title":"Internal PKI","description":"Learn how to create a Private CA hierarchy and issue X.509 certificates.","sidebarTitle":"Overview","href":"/documentation/platform/pki/overview"},{"title":"Private CA","description":"Learn how to create a Private CA hierarchy with Infisical.","sidebarTitle":"Private CA","href":"/documentation/platform/pki/private-ca"},{"title":"Certificates","description":"Learn how to issue X.509 certificates with Infisical.","sidebarTitle":"Certificates","href":"/documentation/platform/pki/certificates"},{"title":"Kubernetes Issuer","description":"Learn how to automatically provision and manage TLS certificates for in Kubernetes using Infisical PKI","sidebarTitle":"Certificates for Kubernetes","href":"/documentation/platform/pki/pki-issuer"},{"title":"Enrollment over Secure Transport (EST)","description":"Learn how to manage certificate enrollment of clients using EST","sidebarTitle":"Enrollment over Secure Transport (EST)","href":"/documentation/platform/pki/est"},{"title":"Alerting","description":"Learn how to set up alerting for expiring certificates with Infisical","href":"/documentation/platform/pki/alerting"}]},{"title":"Infisical SSH","description":"Learn how to generate SSH credentials to provide secure and centralized SSH access control for your infrastructure.","sidebarTitle":"Infisical SSH","href":"/documentation/platform/ssh"},{"group":"Key Management (KMS)","pages":[{"title":"Key Management Service (KMS)","description":"Learn how to manage and use cryptographic keys with Infisical.","sidebarTitle":"Overview","href":"/documentation/platform/kms/overview"},{"title":"HSM Integration","description":"Learn more about integrating an HSM with Infisical KMS.","href":"/documentation/platform/kms/hsm-integration"},{"title":"Kubernetes Encryption with KMS","description":null,"sidebarTitle":"Kubernetes Encryption","url":"https://github.com/Infisical/k8-kms-plugin","href":"/documentation/platform/kms/kubernetes-encryption"}]},{"group":"KMS Configuration","pages":[{"title":"Key Management Service (KMS) Configuration","description":"Learn how to configure your project's encryption","sidebarTitle":"Overview","href":"/documentation/platform/kms-configuration/overview"},{"title":"AWS Key Management Service","description":"Learn how to manage encryption using AWS KMS","href":"/documentation/platform/kms-configuration/aws-kms"},{"title":"AWS CloudHSM","description":"Learn how to manage encryption using AWS CloudHSM","href":"/documentation/platform/kms-configuration/aws-hsm"},{"title":"GCP Key Management Service","description":"Learn how to manage encryption using GCP KMS","href":"/documentation/platform/kms-configuration/gcp-kms"}]},{"group":"Identities","pages":[{"title":"User and Machine Identities","description":"Learn more about identities to interact with resources in Infisical.","sidebarTitle":"Overview","href":"/documentation/platform/identities/overview"},{"title":"User Identities","description":"Read more about the concept of user identities in Infisical.","href":"/documentation/platform/identities/user-identities"},{"title":"Machine Identities","description":"Learn how to use Machine Identities to programmatically interact with Infisical.","href":"/documentation/platform/identities/machine-identities"}]},{"group":"Access Control","pages":[{"title":"Access Controls","description":"Learn about Infisical's access control toolset.","sidebarTitle":"Overview","href":"/documentation/platform/access-controls/overview"},{"title":"Role-based Access Controls","description":"Learn how to use RBAC to manage user permissions.","href":"/documentation/platform/access-controls/role-based-access-controls"},{"title":"Attribute-based Access Controls","description":"Learn how to use ABAC to manage permissions based on identity attributes.","href":"/documentation/platform/access-controls/attribute-based-access-controls"},{"title":"Additional Privileges","description":"Learn how to add specific privileges on top of predefined roles.","href":"/documentation/platform/access-controls/additional-privileges"},{"title":"Temporary Access","description":"Learn how to set up timed access to sensitive resources for user and machine identities.","href":"/documentation/platform/access-controls/temporary-access"},{"title":"Access Requests","description":"Learn how to request access to sensitive resources in Infisical.","href":"/documentation/platform/access-controls/access-requests"},{"title":"Approval Workflows","description":"Learn how to enable a set of policies to manage changes to sensitive secrets and environments.","href":"/documentation/platform/pr-workflows"},{"title":"User Groups","description":"Manage user groups in Infisical.","href":"/documentation/platform/groups"}]},{"group":"Audit Logs","pages":[{"title":"Overview","description":"Track evert event action performed within Infisical projects.","href":"/documentation/platform/audit-logs"},{"title":"Audit Log Streams","description":"Learn how to stream Infisical Audit Logs to external logging providers.","href":"/documentation/platform/audit-log-streams/audit-log-streams"},{"title":"Stream to Non-HTTP providers","description":"How to stream Infisical Audit Logs to Non-HTTP log providers","href":"/documentation/platform/audit-log-streams/audit-log-streams-with-fluentbit"}]},{"group":"Secret Rotation","pages":[{"title":"Secret Rotation","description":"Learn how to set up automated secret rotation in Infisical.","sidebarTitle":"Overview","href":"/documentation/platform/secret-rotation/overview"},{"title":"Twilio SendGrid","description":"Find out how to rotate Twilio SendGrid API keys.","href":"/documentation/platform/secret-rotation/sendgrid"},{"title":"PostgreSQL/CockroachDB","description":"Learn how to automatically rotate PostgreSQL/CockroachDB user passwords.","href":"/documentation/platform/secret-rotation/postgres"},{"title":"MySQL/MariaDB","description":"Learn how to automatically rotate MySQL/MariaDB user passwords.","href":"/documentation/platform/secret-rotation/mysql"},{"title":"Microsoft SQL Server","description":"Learn how to automatically rotate Microsoft SQL Server user passwords.","href":"/documentation/platform/secret-rotation/mssql"},{"title":"AWS IAM User","description":"Learn how to automatically rotate Access Key Id and Secret Key of AWS IAM Users.","href":"/documentation/platform/secret-rotation/aws-iam"}]},{"group":"Dynamic Secrets","pages":[{"title":"Dynamic Secrets","description":"Learn how to generate secrets dynamically on-demand.","sidebarTitle":"Overview","href":"/documentation/platform/dynamic-secrets/overview"},{"title":"PostgreSQL","description":"Learn how to dynamically generate PostgreSQL database users.","href":"/documentation/platform/dynamic-secrets/postgresql"},{"title":"MySQL","description":"Learn how to dynamically generate MySQL Database user credentials.","href":"/documentation/platform/dynamic-secrets/mysql"},{"title":"MS SQL","description":"Learn how to dynamically generate MS SQL database user credentials.","href":"/documentation/platform/dynamic-secrets/mssql"},{"title":"Oracle","description":"Learn how to dynamically generate Oracle Database user credentials.","href":"/documentation/platform/dynamic-secrets/oracle"},{"title":"Cassandra","description":"Learn how to dynamically generate Cassandra database user credentials","href":"/documentation/platform/dynamic-secrets/cassandra"},{"title":"Redis","description":"Learn how to dynamically generate Redis Database user credentials.","href":"/documentation/platform/dynamic-secrets/redis"},{"title":"AWS ElastiCache","description":"Learn how to dynamically generate AWS ElastiCache user credentials.","href":"/documentation/platform/dynamic-secrets/aws-elasticache"},{"title":"Elasticsearch","description":"Learn how to dynamically generate Elasticsearch user credentials.","href":"/documentation/platform/dynamic-secrets/elastic-search"},{"title":"RabbitMQ","description":"Learn how to dynamically generate RabbitMQ user credentials.","href":"/documentation/platform/dynamic-secrets/rabbit-mq"},{"title":"AWS IAM","description":"Learn how to dynamically generate AWS IAM Users.","href":"/documentation/platform/dynamic-secrets/aws-iam"},{"title":"Mongo Atlas","description":"Learn how to dynamically generate Mongo Atlas Database user credentials.","href":"/documentation/platform/dynamic-secrets/mongo-atlas"},{"title":"Mongo DB","description":"Learn how to dynamically generate Mongo DB Database user credentials.","href":"/documentation/platform/dynamic-secrets/mongo-db"},{"title":"Azure Entra Id","description":"Learn how to dynamically generate Azure Entra Id user credentials.","href":"/documentation/platform/dynamic-secrets/azure-entra-id"},{"title":"LDAP","description":"Learn how to dynamically generate user credentials via LDAP.","href":"/documentation/platform/dynamic-secrets/ldap"},{"title":"SAP ASE","description":"Learn how to dynamically generate SAP ASE database account credentials.","href":"/documentation/platform/dynamic-secrets/sap-ase"},{"title":"SAP HANA","description":"Learn how to dynamically generate SAP HANA database account credentials.","href":"/documentation/platform/dynamic-secrets/sap-hana"},{"title":"Snowflake","description":"Learn how to dynamically generate Snowflake user credentials.","href":"/documentation/platform/dynamic-secrets/snowflake"},{"title":"TOTP","description":"Learn how to dynamically generate time-based one-time passwords.","href":"/documentation/platform/dynamic-secrets/totp"}]},{"title":"Project Templates","description":"Learn how to manage and apply project templates","sidebarTitle":"Project Templates","href":"/documentation/platform/project-templates"},{"group":"Workflow Integrations","pages":[{"title":"Slack integration","description":"Learn how to setup Slack integration","href":"/documentation/platform/workflow-integrations/slack-integration"}]},{"group":"Admin Consoles","pages":[{"title":null,"description":"Learn about Infisical's Admin Consoles","href":"/documentation/platform/admin-panel/overview"},{"title":"Server Admin Console","description":"Configure and manage server related features","href":"/documentation/platform/admin-panel/server-admin"},{"title":"Organization Admin Console","description":"View and manage resources across your organization","href":"/documentation/platform/admin-panel/org-admin-console"}]},{"title":"Secret Sharing","description":"Learn how to share time \u0026 view-count bound secrets securely with anyone on the internet.","sidebarTitle":"Secret Sharing","href":"/documentation/platform/secret-sharing"}]},{"group":"Authentication Methods","pages":[{"title":"Email and Password","description":"Learn how to authenticate into Infisical with email and password.","href":"/documentation/platform/auth-methods/email-password"},{"title":"Service Token","description":"Infisical service tokens allow users to programmatically interact with Infisical.","href":"/documentation/platform/token"},{"title":"Token Auth","description":"Learn how to authenticate to Infisical from any platform or environment using an access token.","href":"/documentation/platform/identities/token-auth"},{"title":"Universal Auth","description":"Learn how to authenticate to Infisical from any platform or environment.","href":"/documentation/platform/identities/universal-auth"},{"title":"Kubernetes Auth","description":"Learn how to authenticate with Infisical in Kubernetes","href":"/documentation/platform/identities/kubernetes-auth"},{"title":"GCP Auth","description":"Learn how to authenticate with Infisical for services on Google Cloud Platform","href":"/documentation/platform/identities/gcp-auth"},{"title":"Azure Auth","description":"Learn how to authenticate with Infisical for services on Azure","href":"/documentation/platform/identities/azure-auth"},{"title":"AWS Auth","description":"Learn how to authenticate with Infisical for EC2 instances, Lambda functions, and other IAM principals.","href":"/documentation/platform/identities/aws-auth"},{"title":"JWT Auth","description":"Learn how to authenticate with Infisical using JWT-based authentication.","href":"/documentation/platform/identities/jwt-auth"},{"group":"OIDC Auth","pages":[{"title":"General","description":"Learn how to authenticate with Infisical from any platform or environment using OpenID Connect (OIDC).","href":"/documentation/platform/identities/oidc-auth/general"},{"title":"Github","description":"Learn how to authenticate Github workflows with Infisical using OpenID Connect (OIDC).","href":"/documentation/platform/identities/oidc-auth/github"},{"title":"CircleCI","description":"Learn how to authenticate CircleCI jobs with Infisical using OpenID Connect (OIDC).","href":"/documentation/platform/identities/oidc-auth/circleci"},{"title":"GitLab","description":"Learn how to authenticate GitLab pipelines with Infisical using OpenID Connect (OIDC).","href":"/documentation/platform/identities/oidc-auth/gitlab"}]},{"title":"Multi-factor Authentication","description":"Learn how to secure your Infisical account with MFA.","sidebarTitle":"MFA","href":"/documentation/platform/mfa"},{"group":"SSO","pages":[{"title":"SSO Overview","description":"Learn how to log in to Infisical via SSO protocols.","sidebarTitle":"Overview","href":"/documentation/platform/sso/overview"},{"title":"Google SSO","description":"Learn how to configure Google SSO for Infisical.","href":"/documentation/platform/sso/google"},{"title":"GitHub SSO","description":"Learn how to configure GitHub SSO for Infisical.","href":"/documentation/platform/sso/github"},{"title":"GitLab SSO","description":"Learn how to configure GitLab SSO for Infisical.","href":"/documentation/platform/sso/gitlab"},{"title":"Okta SAML","description":"Learn how to configure Okta SAML 2.0 for Infisical SSO.","href":"/documentation/platform/sso/okta"},{"title":"Entra ID / Azure AD SAML","description":"Learn how to configure Microsoft Entra ID for Infisical SSO.","href":"/documentation/platform/sso/azure"},{"title":"JumpCloud SAML","description":"Learn how to configure JumpCloud SAML for Infisical SSO.","href":"/documentation/platform/sso/jumpcloud"},{"title":"Keycloak SAML","description":"Learn how to configure Keycloak SAML for Infisical SSO.","href":"/documentation/platform/sso/keycloak-saml"},{"title":"Google SAML","description":"Learn how to configure Google SAML for Infisical SSO.","href":"/documentation/platform/sso/google-saml"},{"title":"Auth0 SAML","description":"Learn how to configure Auth0 SAML for Infisical SSO.","href":"/documentation/platform/sso/auth0-saml"},{"group":"Keycloak OIDC","pages":[{"title":"Keycloak OIDC Overview","description":"Learn how to configure Keycloak OIDC for Infisical SSO.","sidebarTitle":"Overview","href":"/documentation/platform/sso/keycloak-oidc/overview"},{"title":"Keycloak OIDC Group Membership Mapping","description":"Learn how to sync Keycloak group members to matching groups in Infisical.","sidebarTitle":"Group Membership Mapping","href":"/documentation/platform/sso/keycloak-oidc/group-membership-mapping"}]},{"title":"Auth0 OIDC","description":"Learn how to configure Auth0 OIDC for Infisical SSO.","href":"/documentation/platform/sso/auth0-oidc"},{"title":"General OIDC","description":"Learn how to configure OIDC for Infisical SSO with any OIDC-compliant identity provider","href":"/documentation/platform/sso/general-oidc"}]},{"group":"LDAP","pages":[{"title":"LDAP Overview","description":"Learn how to authenticate into Infisical with LDAP.","sidebarTitle":"Overview","href":"/documentation/platform/ldap/overview"},{"title":"JumpCloud LDAP","description":"Learn how to configure JumpCloud LDAP for authenticating into Infisical.","href":"/documentation/platform/ldap/jumpcloud"},{"title":"General LDAP","description":"Learn how to log in to Infisical with LDAP.","href":"/documentation/platform/ldap/general"}]},{"group":"SCIM","pages":[{"title":"SCIM Overview","description":"Learn how to provision users for Infisical via SCIM.","href":"/documentation/platform/scim/overview"},{"title":"Okta SCIM","description":"Learn how to configure SCIM provisioning with Okta for Infisical.","href":"/documentation/platform/scim/okta"},{"title":"Azure SCIM","description":"Learn how to configure SCIM provisioning with Azure for Infisical.","href":"/documentation/platform/scim/azure"},{"title":"JumpCloud SCIM","description":"Learn how to configure SCIM provisioning with JumpCloud for Infisical.","href":"/documentation/platform/scim/jumpcloud"},{"title":"SCIM Group Mappings","description":"Learn how to enhance your SCIM implementation using group mappings","href":"/documentation/platform/scim/group-mappings"}]}]},{"group":"Self-host Infisical","pages":[{"title":"","description":"Learn how to self-host Infisical on your own infrastructure.","sidebarTitle":"Introduction","href":"/self-hosting/overview"},{"group":"Installation methods","pages":[{"title":"Docker","description":"Learn how to run Infisical with Docker.","href":"/self-hosting/deployment-options/standalone-infisical"},{"title":"Docker Swarm","description":"How to self-host Infisical with Docker Swarm (HA).","href":"/self-hosting/deployment-options/docker-swarm"},{"title":"Docker Compose","description":"Read how to run Infisical with Docker Compose template.","href":"/self-hosting/deployment-options/docker-compose"},{"title":"Kubernetes via Helm Chart","description":"Learn how to use Helm chart to install Infisical on your Kubernetes cluster.","href":"/self-hosting/deployment-options/kubernetes-helm"}]},{"title":"Upgrade Infisical Instance","description":"How to upgrade Infisical self-hosted instance","href":"/self-hosting/guides/upgrading-infisical"},{"title":"Configurations","description":"Read how to configure environment variables for self-hosted Infisical.","href":"/self-hosting/configuration/envars"},{"title":"Hardware requirements","description":"Find out the minimal requirements for operating Infisical.","href":"/self-hosting/configuration/requirements"},{"group":"Guides","pages":[{"title":"Migrate Mongo to Postgres","description":"Learn how to migrate Infisical from MongoDB to PostgreSQL.","href":"/self-hosting/guides/mongo-to-postgres"},{"title":"Adding Custom Certificates","description":"Learn how to configure Infisical with custom certificates","href":"/self-hosting/guides/custom-certificates"}]},{"group":"Reference architectures","pages":[{"title":"AWS ECS (HA)","description":"Reference architecture for self-hosting Infisical on AWS ECS","href":"/self-hosting/reference-architectures/aws-ecs"},{"title":"Linux (HA)","description":"Infisical High Availability Deployment architecture for Linux","href":"/self-hosting/reference-architectures/linux-deployment-ha"},{"title":"Kubernetes (HA)","description":"Reference architecture for self-hosting Infisical on Kubernetes (HA)","href":"/self-hosting/reference-architectures/on-prem-k8s-ha"}]},{"title":"Infisical Enterprise","description":"Find out how to activate Infisical Enterprise edition (EE) features.","href":"/self-hosting/ee"},{"title":"FAQ","description":"Frequently Asked Questions about self-hosting Infisical.","href":"/self-hosting/faq"}]},{"group":"Command line","pages":[{"title":"Install","description":"Infisical's CLI is one of the best ways to manage environments and secrets. Install it here","href":"/cli/overview"},{"title":"Quickstart","description":"Manage secrets with Infisical CLI","href":"/cli/usage"},{"group":"Core commands","pages":[{"title":"infisical login","description":"Login into Infisical from the CLI","href":"/cli/commands/login"},{"title":"infisical init","description":"Switch between Infisical projects within CLI","href":"/cli/commands/init"},{"title":"infisical run","description":"The command that injects your secrets into local environment","href":"/cli/commands/run"},{"title":"infisical secrets","description":"Perform CRUD operations with Infisical secrets","href":"/cli/commands/secrets"},{"title":"infisical dynamic-secrets","description":"Perform dynamic secret operations directly with the CLI","href":"/cli/commands/dynamic-secrets"},{"title":"infisical ssh","description":"Generate SSH credentials with the CLI","href":"/cli/commands/ssh"},{"title":"infisical export","description":"Export Infisical secrets from CLI into different file formats","href":"/cli/commands/export"},{"title":"infisical token","description":"Manage your Infisical identity access tokens","href":"/cli/commands/token"},{"title":"infisical service-token","description":"Manage Infisical service tokens","href":"/cli/commands/service-token"},{"title":"infisical vault","description":"Change the vault type in Infisical","href":"/cli/commands/vault"},{"title":"infisical user","description":"Manage logged in users","href":"/cli/commands/user"},{"title":"infisical reset","description":"Reset Infisical","href":"/cli/commands/reset"},{"group":"infisical scan","pages":[{"title":"scan","description":"Scan git history, directories, and files for secrets","href":"/cli/commands/scan"},{"title":"scan git-changes","description":"Scan for secrets in your uncommitted code","href":"/cli/commands/scan-git-changes"},{"title":"scan install","description":"Add various scanning tools seamlessly into your development lifecycle","href":"/cli/commands/scan-install"}]}]},{"title":"Secret scanning","description":"Scan and prevent secret leaks in your code base","href":"/cli/scanning-overview"},{"title":"Project config file","description":"Project config file \u0026 customization options","href":"/cli/project-config"},{"title":"FAQ","description":"Frequently Asked Questions about Infisical CLI","href":"/cli/faq"}]},{"group":"Infrastructure Integrations","pages":[{"group":"Container orchestrators","pages":[{"group":"Kubernetes","pages":[{"title":"Kubernetes Operator","description":"How to use Infisical to inject, push, and manage secrets within Kubernetes clusters","sidebarTitle":"Overview","href":"/integrations/platforms/kubernetes/overview"},{"title":"Using the InfisicalSecret CRD","description":"Learn how to use the InfisicalSecret CRD to fetch secrets from Infisical and store them as native Kubernetes secret resource","sidebarTitle":"InfisicalSecret CRD","href":"/integrations/platforms/kubernetes/infisical-secret-crd"},{"title":"Using the InfisicalPushSecret CRD","description":"Learn how to use the InfisicalPushSecret CRD to push and manage secrets in Infisical.","sidebarTitle":"InfisicalPushSecret CRD","href":"/integrations/platforms/kubernetes/infisical-push-secret-crd"},{"title":"Using the InfisicalDynamicSecret CRD","description":"Learn how to generate dynamic secret leases in Infisical and sync them to your Kubernetes cluster.","sidebarTitle":"InfisicalDynamicSecret CRD","href":"/integrations/platforms/kubernetes/infisical-dynamic-secret-crd"}]},{"title":"Kubernetes CSI","description":"How to use Infisical to inject secrets directly into Kubernetes pods.","href":"/integrations/platforms/kubernetes-csi"},{"title":"Docker Swarm","description":"Learn how to manage secrets in Docker Swarm services.","href":"/integrations/platforms/docker-swarm-with-agent"},{"title":"Amazon ECS","description":"Learn how to deliver secrets to Amazon Elastic Container Service.","href":"/integrations/platforms/ecs-with-agent"}]},{"title":"Infisical Agent","description":"This page describes how to manage secrets using Infisical Agent.","href":"/integrations/platforms/infisical-agent"},{"group":"Docker","pages":[{"title":"Docker","description":"Learn how to feed secrets from Infisical into your Docker application.","href":"/integrations/platforms/docker-intro"},{"title":"Docker Entrypoint","description":"Learn how to use Infisical to inject environment variables into a Docker container.","href":"/integrations/platforms/docker"},{"title":"Docker Run","description":"Learn how to pass secrets to your docker container at run time.","href":"/integrations/platforms/docker-pass-envs"},{"title":"Docker Compose","description":"Find out how to use Infisical to inject environment variables into services defined in your Docker Compose file.","href":"/integrations/platforms/docker-compose"}]},{"title":"Terraform Provider","description":"Learn how to fetch Secrets From Infisical With Terraform.","url":"https://registry.terraform.io/providers/Infisical/infisical/latest/docs","href":"/integrations/frameworks/terraform"},{"title":"Ansible","description":"Learn how to use Infisical for secret management in Ansible.","href":"/integrations/platforms/ansible"}]},{"group":"App Connections","pages":[{"title":null,"description":"Learn how to manage and configure third-party app connections with Infisical.","sidebarTitle":"Overview","href":"/integrations/app-connections/overview"},{"group":"Connections","pages":[{"title":"AWS Connection","description":"Learn how to configure an AWS Connection for Infisical.","href":"/integrations/app-connections/aws"},{"title":"Azure App Configuration Connection","description":"Learn how to configure a Azure App Configuration Connection for Infisical.","href":"/integrations/app-connections/azure-app-configuration"},{"title":"Azure Key Vault Connection","description":"Learn how to configure a Azure Key Vault Connection for Infisical.","href":"/integrations/app-connections/azure-key-vault"},{"title":"Databricks Connection","description":"Learn how to configure a Databricks Connection for Infisical.","href":"/integrations/app-connections/databricks"},{"title":"GCP Connection","description":"Learn how to configure a GCP Connection for Infisical.","href":"/integrations/app-connections/gcp"},{"title":"GitHub Connection","description":"Learn how to configure a GitHub Connection for Infisical.","href":"/integrations/app-connections/github"}]}]},{"group":"Secret Syncs","pages":[{"title":null,"description":"Learn how to sync secrets to third-party services with Infisical.","sidebarTitle":"Overview","href":"/integrations/secret-syncs/overview"},{"group":"Syncs","pages":[{"title":"AWS Parameter Store Sync","description":"Learn how to configure an AWS Parameter Store Sync for Infisical.","href":"/integrations/secret-syncs/aws-parameter-store"},{"title":"AWS Secrets Manager Sync","description":"Learn how to configure an AWS Secrets Manager Sync for Infisical.","href":"/integrations/secret-syncs/aws-secrets-manager"},{"title":"Azure App Configuration Sync","description":"Learn how to configure an Azure App Configuration Sync for Infisical.","href":"/integrations/secret-syncs/azure-app-configuration"},{"title":"Azure Key Vault Sync","description":"Learn how to configure a Azure Key Vault Sync for Infisical.","href":"/integrations/secret-syncs/azure-key-vault"},{"title":"Databricks Sync","description":"Learn how to configure a Databricks Sync for Infisical.","href":"/integrations/secret-syncs/databricks"},{"title":"GCP Secret Manager Sync","description":"Learn how to configure a GCP Secret Manager Sync for Infisical.","href":"/integrations/secret-syncs/gcp-secret-manager"},{"title":"GitHub Sync","description":"Learn how to configure a GitHub Sync for Infisical.","href":"/integrations/secret-syncs/github"}]}]},{"group":"Native Integrations","pages":[{"group":"AWS","pages":[{"title":"AWS Parameter Store","description":"Learn how to sync secrets from Infisical to AWS Parameter Store.","href":"/integrations/cloud/aws-parameter-store"},{"title":"AWS Secrets Manager","description":"Learn how to sync secrets from Infisical to AWS Secrets Manager.","href":"/integrations/cloud/aws-secret-manager"},{"title":"AWS Amplify","description":"Learn how to sync secrets from Infisical to AWS Amplify.","href":"/integrations/cloud/aws-amplify"}]},{"title":"Vercel","description":"How to sync secrets from Infisical to Vercel","href":"/integrations/cloud/vercel"},{"title":"Azure Key Vault","description":"How to sync secrets from Infisical to Azure Key Vault","href":"/integrations/cloud/azure-key-vault"},{"title":"Azure App Configuration","description":"How to sync secrets from Infisical to Azure App Configuration","href":"/integrations/cloud/azure-app-configuration"},{"title":"Azure DevOps","description":"How to sync secrets from Infisical to Azure DevOps","href":"/integrations/cloud/azure-devops"},{"title":"GCP Secret Manager","description":"How to sync secrets from Infisical to GCP Secret Manager","href":"/integrations/cloud/gcp-secret-manager"},{"group":"Cloudflare","pages":[{"title":"Cloudflare Pages","description":"How to sync secrets from Infisical to Cloudflare Pages","href":"/integrations/cloud/cloudflare-pages"},{"title":"Cloudflare Workers","description":"How to sync secrets from Infisical to Cloudflare Workers","href":"/integrations/cloud/cloudflare-workers"}]},{"title":"Terraform Cloud","description":"How to sync secrets from Infisical to Terraform Cloud","href":"/integrations/cloud/terraform-cloud"},{"title":"Databricks","description":"Learn how to sync secrets from Infisical to Databricks.","href":"/integrations/cloud/databricks"},{"group":"View more","pages":[{"title":"Digital Ocean App Platform","description":"How to sync secrets from Infisical to Digital Ocean App Platform","href":"/integrations/cloud/digital-ocean-app-platform"},{"title":"Heroku","description":"How to sync secrets from Infisical to Heroku","href":"/integrations/cloud/heroku"},{"title":"Netlify","description":"How to sync secrets from Infisical to Netlify","href":"/integrations/cloud/netlify"},{"title":"Railway","description":"How to sync secrets from Infisical to Railway","href":"/integrations/cloud/railway"},{"title":"Fly.io","description":"How to sync secrets from Infisical to Fly.io","href":"/integrations/cloud/flyio"},{"title":"Render","description":"How to sync secrets from Infisical to Render","href":"/integrations/cloud/render"},{"title":"Laravel Forge","description":"How to sync secrets from Infisical to Laravel Forge","href":"/integrations/cloud/laravel-forge"},{"title":"Supabase","description":"How to sync secrets from Infisical to Supabase","href":"/integrations/cloud/supabase"},{"title":"Northflank","description":"How to sync secrets from Infisical to Northflank","href":"/integrations/cloud/northflank"},{"title":"Hasura Cloud","description":"How to sync secrets from Infisical to Hasura Cloud","href":"/integrations/cloud/hasura-cloud"},{"title":"Qovery","description":"How to sync secrets from Infisical to Qovery","href":"/integrations/cloud/qovery"},{"title":"HashiCorp Vault","description":"How to sync secrets from Infisical to HashiCorp Vault","href":"/integrations/cloud/hashicorp-vault"},{"title":"Cloud 66","description":"How to sync secrets from Infisical to Cloud 66","href":"/integrations/cloud/cloud-66"},{"title":"Windmill","description":"How to sync secrets from Infisical to Windmill","href":"/integrations/cloud/windmill"}]}]},{"group":"CI/CD Integrations","pages":[{"title":"Jenkins Plugin","description":"How to effectively and securely manage secrets in Jenkins using Infisical","href":"/integrations/cicd/jenkins"},{"title":"GitHub Actions","description":"How to sync secrets from Infisical to GitHub Actions","href":"/integrations/cicd/githubactions"},{"title":"GitLab","description":"How to sync secrets from Infisical to GitLab","href":"/integrations/cicd/gitlab"},{"title":"Bitbucket","description":"How to sync secrets from Infisical to Bitbucket","href":"/integrations/cicd/bitbucket"},{"title":"TeamCity","description":"How to sync secrets from Infisical to TeamCity","href":"/integrations/cloud/teamcity"},{"group":"View more","pages":[{"title":"CircleCI","description":"How to sync secrets from Infisical to CircleCI","href":"/integrations/cicd/circleci"},{"title":"Travis CI","description":"How to sync secrets from Infisical to Travis CI","href":"/integrations/cicd/travisci"},{"title":"Rundeck","description":"How to sync secrets from Infisical to Rundeck","href":"/integrations/cicd/rundeck"},{"title":"Codefresh","description":"How to sync secrets from Infisical to Codefresh","href":"/integrations/cicd/codefresh"},{"title":"Checkly","description":"How to sync secrets from Infisical to Checkly","href":"/integrations/cloud/checkly"},{"title":"Octopus Deploy","description":"Learn how to sync secrets from Infisical to Octopus Deploy","href":"/integrations/cicd/octopus-deploy"}]}]},{"group":"Framework Integrations","pages":[{"title":"Spring Boot with Maven","description":"How to use Infisical to inject environment variables into Java Spring Boot","href":"/integrations/frameworks/spring-boot-maven"},{"title":"React","description":"How to use Infisical to inject environment variables and secrets into a React app.","href":"/integrations/frameworks/react"},{"title":"Vue","description":"How to use Infisical to inject environment variables and secrets into a Vue.js app.","href":"/integrations/frameworks/vue"},{"title":"Express, Fastify, Koa","description":"How to use Infisical to inject environment variables and secrets into an Express app.","href":"/integrations/frameworks/express"},{"group":"View more","pages":[{"title":"Next.js","description":"How to use Infisical to inject environment variables and secrets into a Next.js app.","href":"/integrations/frameworks/nextjs"},{"title":"NestJS","description":"How to use Infisical to inject environment variables and secrets into a NestJS app.","href":"/integrations/frameworks/nestjs"},{"title":"SvelteKit","description":"How to use Infisical to inject environment variables and secrets into a SvelteKit app.","href":"/integrations/frameworks/sveltekit"},{"title":"Nuxt","description":"How to use Infisical to inject environment variables and secrets into a Nuxt app.","href":"/integrations/frameworks/nuxt"},{"title":"Gatsby","description":"How to use Infisical to inject environment variables and secrets into a Gatsby app.","href":"/integrations/frameworks/gatsby"},{"title":"Remix","description":"How to use Infisical to inject environment variables and secrets into a Remix app.","href":"/integrations/frameworks/remix"},{"title":"Vite","description":"How to use Infisical to inject environment variables and secrets into a Vite app.","href":"/integrations/frameworks/vite"},{"title":"Fiber","description":"How to use Infisical to inject environment variables and secrets into a Fiber app.","href":"/integrations/frameworks/fiber"},{"title":"Django","description":"How to use Infisical to inject environment variables and secrets into a Django app.","href":"/integrations/frameworks/django"},{"title":"Flask","description":"How to use Infisical to inject environment variables and secrets into a Flask app.","href":"/integrations/frameworks/flask"},{"title":"Laravel","description":"How to use Infisical to inject environment variables and secrets into a Laravel app.","href":"/integrations/frameworks/laravel"},{"title":"Ruby on Rails","description":"How to use Infisical to inject environment variables and secrets into a Ruby on Rails app.","href":"/integrations/frameworks/rails"},{"title":".NET","description":"How to use Infisical to inject environment variables and secrets into a .NET app.","href":"/integrations/frameworks/dotnet"},{"title":"PM2","description":"How to use Infisical to inject environment variables and secrets with PM2 into a Node.js app","href":"/integrations/platforms/pm2"}]}]},{"group":"Build Tool Integrations","pages":[{"title":"Gradle","description":"How to use Infisical to inject environment variables with Gradle","href":"/integrations/build-tools/gradle"}]},{"group":"","pages":[{"title":"SDKs","description":null,"sidebarTitle":"Introduction","href":"/sdks/overview"}]},{"group":"SDK's","pages":[{"title":"Infisical Node.js SDK","description":null,"sidebarTitle":"Node.js","url":"https://github.com/Infisical/node-sdk-v2","icon":"node","href":"/sdks/languages/node"},{"title":"Infisical Python SDK","description":null,"sidebarTitle":"Python","url":"https://github.com/Infisical/python-sdk-official?tab=readme-ov-file#infisical-python-sdk","icon":"python","href":"/sdks/languages/python"},{"title":"Infisical Java SDK","description":null,"sidebarTitle":"Java","url":"https://github.com/Infisical/java-sdk?tab=readme-ov-file#infisical-nodejs-sdk","icon":"java","href":"/sdks/languages/java"},{"title":"Infisical Go SDK","description":null,"sidebarTitle":"Go","icon":"golang","href":"/sdks/languages/go"},{"title":"Infisical Ruby SDK","description":null,"sidebarTitle":"Ruby","icon":"diamond","href":"/sdks/languages/ruby"},{"title":"Infisical .NET SDK","description":null,"sidebarTitle":".NET","icon":"bars","href":"/sdks/languages/csharp"}]},{"group":"Overview","pages":[{"title":"API Reference","description":null,"sidebarTitle":"Introduction","href":"/api-reference/overview/introduction"},{"title":"Authentication","description":"Learn how to authenticate with the Infisical Public API.","href":"/api-reference/overview/authentication"},{"group":"Examples","pages":[{"title":"Configure native integrations via API","description":"How to use Infisical API to sync secrets to external secret managers","href":"/api-reference/overview/examples/integration"}]}]},{"group":"Endpoints","pages":[{"group":"Identities","pages":[{"title":"Create","description":"Create identity","openapi":"POST /api/v1/identities","href":"/api-reference/endpoints/identities/create"},{"title":"Update","description":"Update identity","openapi":"PATCH /api/v1/identities/{identityId}","href":"/api-reference/endpoints/identities/update"},{"title":"Delete","description":"Delete identity","openapi":"DELETE /api/v1/identities/{identityId}","href":"/api-reference/endpoints/identities/delete"},{"title":"Get By ID","description":"Get an identity by id","openapi":"GET /api/v1/identities/{identityId}","href":"/api-reference/endpoints/identities/get-by-id"},{"title":"List","description":"List identities","openapi":"GET /api/v1/identities","href":"/api-reference/endpoints/identities/list"}]},{"group":"Token Auth","pages":[{"title":"Attach","description":"Attach Token Auth configuration onto identity","openapi":"POST /api/v1/auth/token-auth/identities/{identityId}","href":"/api-reference/endpoints/token-auth/attach"},{"title":"Retrieve","description":"Retrieve Token Auth configuration on identity","openapi":"GET /api/v1/auth/token-auth/identities/{identityId}","href":"/api-reference/endpoints/token-auth/retrieve"},{"title":"Update","description":"Update Token Auth configuration on identity","openapi":"PATCH /api/v1/auth/token-auth/identities/{identityId}","href":"/api-reference/endpoints/token-auth/update"},{"title":"Revoke","description":"Delete Token Auth configuration on identity","openapi":"DELETE /api/v1/auth/token-auth/identities/{identityId}","href":"/api-reference/endpoints/token-auth/revoke"},{"title":"Get Tokens","description":"Get tokens for identity with Token Auth","openapi":"GET /api/v1/auth/token-auth/identities/{identityId}/tokens","href":"/api-reference/endpoints/token-auth/get-tokens"},{"title":"Create Token","description":"Create token for identity with Token Auth","openapi":"POST /api/v1/auth/token-auth/identities/{identityId}/tokens","href":"/api-reference/endpoints/token-auth/create-token"},{"title":"Update Token","description":"Update token for identity with Token Auth","openapi":"PATCH /api/v1/auth/token-auth/tokens/{tokenId}","href":"/api-reference/endpoints/token-auth/update-token"},{"title":"Revoke Token","description":"Revoke token for identity with Token Auth","openapi":"POST /api/v1/auth/token-auth/tokens/{tokenId}/revoke","href":"/api-reference/endpoints/token-auth/revoke-token"}]},{"group":"Universal Auth","pages":[{"title":"Login","description":"Login with Universal Auth","openapi":"POST /api/v1/auth/universal-auth/login","href":"/api-reference/endpoints/universal-auth/login"},{"title":"Attach","description":"Attach Universal Auth configuration onto identity","openapi":"POST /api/v1/auth/universal-auth/identities/{identityId}","href":"/api-reference/endpoints/universal-auth/attach"},{"title":"Retrieve","description":"Retrieve Universal Auth configuration on identity","openapi":"GET /api/v1/auth/universal-auth/identities/{identityId}","href":"/api-reference/endpoints/universal-auth/retrieve"},{"title":"Update","description":"Update Universal Auth configuration on identity","openapi":"PATCH /api/v1/auth/universal-auth/identities/{identityId}","href":"/api-reference/endpoints/universal-auth/update"},{"title":"Revoke","description":"Delete Universal Auth configuration on identity","openapi":"DELETE /api/v1/auth/universal-auth/identities/{identityId}","href":"/api-reference/endpoints/universal-auth/revoke"},{"title":"Create Client Secret","description":"Create Universal Auth Client Secret for identity","openapi":"POST /api/v1/auth/universal-auth/identities/{identityId}/client-secrets","href":"/api-reference/endpoints/universal-auth/create-client-secret"},{"title":"List Client Secrets","description":"List Universal Auth Client Secrets for identity","openapi":"GET /api/v1/auth/universal-auth/identities/{identityId}/client-secrets","href":"/api-reference/endpoints/universal-auth/list-client-secrets"},{"title":"Revoke Client Secret","description":"Revoke Universal Auth Client Secrets for identity","openapi":"POST /api/v1/auth/universal-auth/identities/{identityId}/client-secrets/{clientSecretId}/revoke","href":"/api-reference/endpoints/universal-auth/revoke-client-secret"},{"title":"Get Client Secret By ID","description":"Get Universal Auth Client Secret for identity","openapi":"GET /api/v1/auth/universal-auth/identities/{identityId}/client-secrets/{clientSecretId}","href":"/api-reference/endpoints/universal-auth/get-client-secret-by-id"},{"title":"Renew Access Token","description":"Renew access token","openapi":"POST /api/v1/auth/token/renew","href":"/api-reference/endpoints/universal-auth/renew-access-token"},{"title":"Revoke Access Token","description":"Revoke access token","openapi":"POST /api/v1/auth/token/revoke","href":"/api-reference/endpoints/universal-auth/revoke-access-token"}]},{"group":"GCP Auth","pages":[{"title":"Login","description":"Login with GCP Auth","openapi":"POST /api/v1/auth/gcp-auth/login","href":"/api-reference/endpoints/gcp-auth/login"},{"title":"Attach","description":"Attach GCP Auth configuration onto identity","openapi":"POST /api/v1/auth/gcp-auth/identities/{identityId}","href":"/api-reference/endpoints/gcp-auth/attach"},{"title":"Retrieve","description":"Retrieve GCP Auth configuration on identity","openapi":"GET /api/v1/auth/gcp-auth/identities/{identityId}","href":"/api-reference/endpoints/gcp-auth/retrieve"},{"title":"Update","description":"Update GCP Auth configuration on identity","openapi":"PATCH /api/v1/auth/gcp-auth/identities/{identityId}","href":"/api-reference/endpoints/gcp-auth/update"},{"title":"Revoke","description":"Delete GCP Auth configuration on identity","openapi":"DELETE /api/v1/auth/gcp-auth/identities/{identityId}","href":"/api-reference/endpoints/gcp-auth/revoke"}]},{"group":"AWS Auth","pages":[{"title":"Login","description":"Login with AWS Auth","openapi":"POST /api/v1/auth/aws-auth/login","href":"/api-reference/endpoints/aws-auth/login"},{"title":"Attach","description":"Attach AWS Auth configuration onto identity","openapi":"POST /api/v1/auth/aws-auth/identities/{identityId}","href":"/api-reference/endpoints/aws-auth/attach"},{"title":"Retrieve","description":"Retrieve AWS Auth configuration on identity","openapi":"GET /api/v1/auth/aws-auth/identities/{identityId}","href":"/api-reference/endpoints/aws-auth/retrieve"},{"title":"Update","description":"Update AWS Auth configuration on identity","openapi":"PATCH /api/v1/auth/aws-auth/identities/{identityId}","href":"/api-reference/endpoints/aws-auth/update"},{"title":"Revoke","description":"Delete AWS Auth configuration on identity","openapi":"DELETE /api/v1/auth/aws-auth/identities/{identityId}","href":"/api-reference/endpoints/aws-auth/revoke"}]},{"group":"Azure Auth","pages":[{"title":"Login","description":"Login with Azure Auth","openapi":"POST /api/v1/auth/azure-auth/login","href":"/api-reference/endpoints/azure-auth/login"},{"title":"Attach","description":"Attach Azure Auth configuration onto identity","openapi":"POST /api/v1/auth/azure-auth/identities/{identityId}","href":"/api-reference/endpoints/azure-auth/attach"},{"title":"Retrieve","description":"Retrieve Azure Auth configuration on identity","openapi":"GET /api/v1/auth/azure-auth/identities/{identityId}","href":"/api-reference/endpoints/azure-auth/retrieve"},{"title":"Update","description":"Update Azure Auth configuration on identity","openapi":"PATCH /api/v1/auth/azure-auth/identities/{identityId}","href":"/api-reference/endpoints/azure-auth/update"},{"title":"Revoke","description":"Delete Azure Auth configuration on identity","openapi":"DELETE /api/v1/auth/azure-auth/identities/{identityId}","href":"/api-reference/endpoints/azure-auth/revoke"}]},{"group":"Kubernetes Auth","pages":[{"title":"Login","description":"Login with Kubernetes Auth","openapi":"POST /api/v1/auth/kubernetes-auth/login","href":"/api-reference/endpoints/kubernetes-auth/login"},{"title":"Attach","description":"Attach Kubernetes Auth configuration onto identity","openapi":"POST /api/v1/auth/kubernetes-auth/identities/{identityId}","href":"/api-reference/endpoints/kubernetes-auth/attach"},{"title":"Retrieve","description":"Retrieve Kubernetes Auth configuration on identity","openapi":"GET /api/v1/auth/kubernetes-auth/identities/{identityId}","href":"/api-reference/endpoints/kubernetes-auth/retrieve"},{"title":"Update","description":"Update Kubernetes Auth configuration on identity","openapi":"PATCH /api/v1/auth/kubernetes-auth/identities/{identityId}","href":"/api-reference/endpoints/kubernetes-auth/update"},{"title":"Revoke","description":"Delete Kubernetes Auth configuration on identity","openapi":"DELETE /api/v1/auth/kubernetes-auth/identities/{identityId}","href":"/api-reference/endpoints/kubernetes-auth/revoke"}]},{"group":"OIDC Auth","pages":[{"title":"Login","description":"Login with OIDC Auth","openapi":"POST /api/v1/auth/oidc-auth/login","href":"/api-reference/endpoints/oidc-auth/login"},{"title":"Attach","description":"Attach OIDC Auth configuration onto identity","openapi":"POST /api/v1/auth/oidc-auth/identities/{identityId}","href":"/api-reference/endpoints/oidc-auth/attach"},{"title":"Retrieve","description":"Retrieve OIDC Auth configuration on identity","openapi":"GET /api/v1/auth/oidc-auth/identities/{identityId}","href":"/api-reference/endpoints/oidc-auth/retrieve"},{"title":"Update","description":"Update OIDC Auth configuration on identity","openapi":"PATCH /api/v1/auth/oidc-auth/identities/{identityId}","href":"/api-reference/endpoints/oidc-auth/update"},{"title":"Revoke","description":"Delete OIDC Auth configuration on identity","openapi":"DELETE /api/v1/auth/oidc-auth/identities/{identityId}","href":"/api-reference/endpoints/oidc-auth/revoke"}]},{"group":"JWT Auth","pages":[{"title":"Login","description":"Login with JWT Auth","openapi":"POST /api/v1/auth/jwt-auth/login","href":"/api-reference/endpoints/jwt-auth/login"},{"title":"Attach","description":"Attach JWT Auth configuration onto identity","openapi":"POST /api/v1/auth/jwt-auth/identities/{identityId}","href":"/api-reference/endpoints/jwt-auth/attach"},{"title":"Retrieve","description":"Retrieve JWT Auth configuration on identity","openapi":"GET /api/v1/auth/jwt-auth/identities/{identityId}","href":"/api-reference/endpoints/jwt-auth/retrieve"},{"title":"Update","description":"Update JWT Auth configuration on identity","openapi":"PATCH /api/v1/auth/jwt-auth/identities/{identityId}","href":"/api-reference/endpoints/jwt-auth/update"},{"title":"Revoke","description":"Delete JWT Auth configuration on identity","openapi":"DELETE /api/v1/auth/jwt-auth/identities/{identityId}","href":"/api-reference/endpoints/jwt-auth/revoke"}]},{"group":"Groups","pages":[{"title":"Create","description":null,"openapi":"POST /api/v1/groups","href":"/api-reference/endpoints/groups/create"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/groups/{id}","href":"/api-reference/endpoints/groups/update"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/groups/{id}","href":"/api-reference/endpoints/groups/delete"},{"title":"Get Groups in Organization","description":null,"openapi":"GET /api/v1/groups","href":"/api-reference/endpoints/groups/get"},{"title":"Get By ID","description":null,"openapi":"GET /api/v1/groups/{id}","href":"/api-reference/endpoints/groups/get-by-id"},{"title":"Add Group User","description":null,"openapi":"POST /api/v1/groups/{id}/users/{username}","href":"/api-reference/endpoints/groups/add-group-user"},{"title":"Remove Group User","description":null,"openapi":"DELETE /api/v1/groups/{id}/users/{username}","href":"/api-reference/endpoints/groups/remove-group-user"},{"title":"List Group Users","description":null,"openapi":"GET /api/v1/groups/{id}/users","href":"/api-reference/endpoints/groups/list-group-users"}]},{"group":"Organizations","pages":[{"title":"Get User Memberships","description":"Return organization user memberships","openapi":"GET /api/v2/organizations/{organizationId}/memberships","href":"/api-reference/endpoints/organizations/memberships"},{"title":"Update User Membership","description":"Update organization user memberships","openapi":"PATCH /api/v2/organizations/{organizationId}/memberships/{membershipId}","href":"/api-reference/endpoints/organizations/update-membership"},{"title":"Delete User Membership","description":"Delete organization user memberships","openapi":"DELETE /api/v2/organizations/{organizationId}/memberships/{membershipId}","href":"/api-reference/endpoints/organizations/delete-membership"},{"title":"List Identity Memberships","description":"Return organization identity memberships","openapi":"GET /api/v2/organizations/{orgId}/identity-memberships","href":"/api-reference/endpoints/organizations/list-identity-memberships"},{"title":"Get Projects","description":"Return projects in organization that user is apart of","openapi":"GET /api/v2/organizations/{organizationId}/workspaces","href":"/api-reference/endpoints/organizations/workspaces"}]},{"group":"Projects","pages":[{"title":"Create Project","description":"Create a new project","openapi":"POST /api/v2/workspace","href":"/api-reference/endpoints/workspaces/create-workspace"},{"title":"Delete Project","description":"Delete project","openapi":"DELETE /api/v1/workspace/{workspaceId}","href":"/api-reference/endpoints/workspaces/delete-workspace"},{"title":"Get Project","description":"Get project","openapi":"GET /api/v1/workspace/{workspaceId}","href":"/api-reference/endpoints/workspaces/get-workspace"},{"title":"Update Project","description":"Update project","openapi":"PATCH /api/v1/workspace/{workspaceId}","href":"/api-reference/endpoints/workspaces/update-workspace"},{"title":"Get Snapshots","description":"Return project secret snapshots ids","openapi":"GET /api/v1/workspace/{workspaceId}/secret-snapshots","href":"/api-reference/endpoints/workspaces/secret-snapshots"},{"title":"Roll Back to Snapshot","description":"Roll back project secrets to those captured in a secret snapshot version.","openapi":"POST /api/v1/secret-snapshot/{secretSnapshotId}/rollback","href":"/api-reference/endpoints/workspaces/rollback-snapshot"}]},{"group":"Project Users","pages":[{"title":"Invite Member","description":"Invite members to project","openapi":"POST /api/v2/workspace/{projectId}/memberships","href":"/api-reference/endpoints/project-users/invite-member-to-workspace"},{"title":"Remove Member","description":"Remove members from project","openapi":"DELETE /api/v2/workspace/{projectId}/memberships","href":"/api-reference/endpoints/project-users/remove-member-from-workspace"},{"title":"Get User Memberships","description":"Return project user memberships","openapi":"GET /api/v1/workspace/{workspaceId}/memberships","href":"/api-reference/endpoints/project-users/memberships"},{"title":"Get By Username","description":"Return project user memberships","openapi":"POST /api/v1/workspace/{workspaceId}/memberships/details","href":"/api-reference/endpoints/project-users/get-by-username"},{"title":"Update User Membership","description":"Update project user membership","openapi":"PATCH /api/v1/workspace/{workspaceId}/memberships/{membershipId}","href":"/api-reference/endpoints/project-users/update-membership"}]},{"group":"Project Groups","pages":[{"title":"Create Project Membership","description":null,"openapi":"POST /api/v2/workspace/{projectId}/groups/{groupId}","href":"/api-reference/endpoints/project-groups/create"},{"title":"Delete Project Membership","description":"Remove group from project","openapi":"DELETE /api/v2/workspace/{projectId}/groups/{groupId}","href":"/api-reference/endpoints/project-groups/delete"},{"title":"Get Project Membership","description":"Return project group","openapi":"GET /api/v2/workspace/{projectId}/groups/{groupId}","href":"/api-reference/endpoints/project-groups/get-by-id"},{"title":"List Project Memberships","description":"Return list of groups in project","openapi":"GET /api/v2/workspace/{projectId}/groups","href":"/api-reference/endpoints/project-groups/list"},{"title":"Update Project Membership","description":"Update group in project","openapi":"PATCH /api/v2/workspace/{projectId}/groups/{groupId}","href":"/api-reference/endpoints/project-groups/update"}]},{"group":"Project Identities","pages":[{"title":"Create Identity Membership","description":"Create project identity membership","openapi":"POST /api/v2/workspace/{projectId}/identity-memberships/{identityId}","href":"/api-reference/endpoints/project-identities/add-identity-membership"},{"title":"List Identity Memberships","description":"Return project identity memberships","openapi":"GET /api/v2/workspace/{projectId}/identity-memberships","href":"/api-reference/endpoints/project-identities/list-identity-memberships"},{"title":"Get Identity by ID","description":"Return project identity membership","openapi":"GET /api/v2/workspace/{projectId}/identity-memberships/{identityId}","href":"/api-reference/endpoints/project-identities/get-by-id"},{"title":"Update Identity Membership","description":"Update project identity memberships","openapi":"PATCH /api/v2/workspace/{projectId}/identity-memberships/{identityId}","href":"/api-reference/endpoints/project-identities/update-identity-membership"},{"title":"Delete Identity Membership","description":"Delete project identity memberships","openapi":"DELETE /api/v2/workspace/{projectId}/identity-memberships/{identityId}","href":"/api-reference/endpoints/project-identities/delete-identity-membership"}]},{"group":"Project Roles","pages":[{"title":"Create","description":"Create a project role","openapi":"POST /api/v1/workspace/{projectSlug}/roles","href":"/api-reference/endpoints/project-roles/create"},{"title":"Update","description":"Update a project role","openapi":"PATCH /api/v1/workspace/{projectSlug}/roles/{roleId}","href":"/api-reference/endpoints/project-roles/update"},{"title":"Delete","description":"Delete a project role","openapi":"DELETE /api/v1/workspace/{projectSlug}/roles/{roleId}","href":"/api-reference/endpoints/project-roles/delete"},{"title":"Get By Slug","description":null,"openapi":"GET /api/v1/workspace/{projectSlug}/roles/slug/{slug}","href":"/api-reference/endpoints/project-roles/get-by-slug"},{"title":"List","description":"List project role","openapi":"GET /api/v1/workspace/{projectSlug}/roles","href":"/api-reference/endpoints/project-roles/list"}]},{"group":"Project Templates","pages":[{"title":"Create","description":"Create a project template.","openapi":"POST /api/v1/project-templates","href":"/api-reference/endpoints/project-templates/create"},{"title":"Update","description":"Update a project template.","openapi":"PATCH /api/v1/project-templates/{templateId}","href":"/api-reference/endpoints/project-templates/update"},{"title":"Delete","description":"Delete a project template.","openapi":"DELETE /api/v1/project-templates/{templateId}","href":"/api-reference/endpoints/project-templates/delete"},{"title":"Get By ID","description":"Get a project template by ID.","openapi":"GET /api/v1/project-templates/{templateId}","href":"/api-reference/endpoints/project-templates/get-by-id"},{"title":"List","description":"List project templates for the current organization.","openapi":"GET /api/v1/project-templates","href":"/api-reference/endpoints/project-templates/list"}]},{"group":"Environments","pages":[{"title":"Create","description":"Create environment","openapi":"POST /api/v1/workspace/{workspaceId}/environments","href":"/api-reference/endpoints/environments/create"},{"title":"Update","description":"Update environment","openapi":"PATCH /api/v1/workspace/{workspaceId}/environments/{id}","href":"/api-reference/endpoints/environments/update"},{"title":"Delete","description":"Delete environment","openapi":"DELETE /api/v1/workspace/{workspaceId}/environments/{id}","href":"/api-reference/endpoints/environments/delete"}]},{"group":"Folders","pages":[{"title":"List","description":"Get folders","openapi":"GET /api/v1/folders","href":"/api-reference/endpoints/folders/list"},{"title":"Get by ID","description":"Get folder by id","openapi":"GET /api/v1/folders/{id}","href":"/api-reference/endpoints/folders/get-by-id"},{"title":"Create","description":"Create folders","openapi":"POST /api/v1/folders","href":"/api-reference/endpoints/folders/create"},{"title":"Update","description":"Update folder","openapi":"PATCH /api/v1/folders/{folderId}","href":"/api-reference/endpoints/folders/update"},{"title":"Delete","description":"Delete a folder","openapi":"DELETE /api/v1/folders/{folderIdOrName}","href":"/api-reference/endpoints/folders/delete"}]},{"group":"Secret Tags","pages":[{"title":"List","description":null,"openapi":"GET /api/v1/workspace/{projectId}/tags","href":"/api-reference/endpoints/secret-tags/list"},{"title":"Get By ID","description":null,"openapi":"GET /api/v1/workspace/{projectId}/tags/{tagId}","href":"/api-reference/endpoints/secret-tags/get-by-id"},{"title":"Get By Slug","description":null,"openapi":"GET /api/v1/workspace/{projectId}/tags/slug/{tagSlug}","href":"/api-reference/endpoints/secret-tags/get-by-slug"},{"title":"Create","description":null,"openapi":"POST /api/v1/workspace/{projectId}/tags","href":"/api-reference/endpoints/secret-tags/create"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/workspace/{projectId}/tags/{tagId}","href":"/api-reference/endpoints/secret-tags/update"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/workspace/{projectId}/tags/{tagId}","href":"/api-reference/endpoints/secret-tags/delete"}]},{"group":"Secrets","pages":[{"title":"List","description":"List secrets","openapi":"GET /api/v3/secrets/raw","href":"/api-reference/endpoints/secrets/list"},{"title":"Create","description":"Create secret","openapi":"POST /api/v3/secrets/raw/{secretName}","href":"/api-reference/endpoints/secrets/create"},{"title":"Retrieve","description":"Get a secret by name","openapi":"GET /api/v3/secrets/raw/{secretName}","href":"/api-reference/endpoints/secrets/read"},{"title":"Update","description":"Update secret","openapi":"PATCH /api/v3/secrets/raw/{secretName}","href":"/api-reference/endpoints/secrets/update"},{"title":"Delete","description":"Delete secret","openapi":"DELETE /api/v3/secrets/raw/{secretName}","href":"/api-reference/endpoints/secrets/delete"},{"title":"Bulk Create","description":"Create many secrets","openapi":"POST /api/v3/secrets/batch/raw","href":"/api-reference/endpoints/secrets/create-many"},{"title":"Bulk Update","description":"Update many secrets","openapi":"PATCH /api/v3/secrets/batch/raw","href":"/api-reference/endpoints/secrets/update-many"},{"title":"Bulk Delete","description":"Delete many secrets","openapi":"DELETE /api/v3/secrets/batch/raw","href":"/api-reference/endpoints/secrets/delete-many"},{"title":"Attach tags","description":"Attach tags to a secret","openapi":"POST /api/v3/secrets/tags/{secretName}","href":"/api-reference/endpoints/secrets/attach-tags"},{"title":"Detach tags","description":"Detach tags from a secret","openapi":"DELETE /api/v3/secrets/tags/{secretName}","href":"/api-reference/endpoints/secrets/detach-tags"}]},{"group":"Dynamic Secrets","pages":[{"title":"Create","description":null,"openapi":"POST /api/v1/dynamic-secrets","href":"/api-reference/endpoints/dynamic-secrets/create"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/dynamic-secrets/{name}","href":"/api-reference/endpoints/dynamic-secrets/update"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/dynamic-secrets/{name}","href":"/api-reference/endpoints/dynamic-secrets/delete"},{"title":"Get","description":null,"openapi":"GET /api/v1/dynamic-secrets/{name}","href":"/api-reference/endpoints/dynamic-secrets/get"},{"title":"List","description":null,"openapi":"GET /api/v1/dynamic-secrets","href":"/api-reference/endpoints/dynamic-secrets/list"},{"title":"List Leases","description":null,"openapi":"GET /api/v1/dynamic-secrets/{name}/leases","href":"/api-reference/endpoints/dynamic-secrets/list-leases"},{"title":"Create Lease","description":null,"openapi":"POST /api/v1/dynamic-secrets/leases","href":"/api-reference/endpoints/dynamic-secrets/create-lease"},{"title":"Delete Lease","description":null,"openapi":"DELETE /api/v1/dynamic-secrets/leases/{leaseId}","href":"/api-reference/endpoints/dynamic-secrets/delete-lease"},{"title":"Renew Lease","description":null,"openapi":"POST /api/v1/dynamic-secrets/leases/{leaseId}/renew","href":"/api-reference/endpoints/dynamic-secrets/renew-lease"},{"title":"Get Lease","description":null,"openapi":"GET /api/v1/dynamic-secrets/leases/{leaseId}","href":"/api-reference/endpoints/dynamic-secrets/get-lease"}]},{"group":"Secret Imports","pages":[{"title":"List","description":"Get secret imports","openapi":"GET /api/v1/secret-imports","href":"/api-reference/endpoints/secret-imports/list"},{"title":"Create","description":"Create secret imports","openapi":"POST /api/v1/secret-imports","href":"/api-reference/endpoints/secret-imports/create"},{"title":"Update","description":"Update secret imports","openapi":"PATCH /api/v1/secret-imports/{secretImportId}","href":"/api-reference/endpoints/secret-imports/update"},{"title":"Delete","description":"Delete secret imports","openapi":"DELETE /api/v1/secret-imports/{secretImportId}","href":"/api-reference/endpoints/secret-imports/delete"}]},{"group":"Identity Specific Privilege","pages":[{"title":"Create Permanent","description":"Create a permanent or a non expiry specific privilege for identity.","openapi":"POST /api/v1/additional-privilege/identity/permanent","href":"/api-reference/endpoints/identity-specific-privilege/create-permanent"},{"title":"Create Temporary","description":"Create a temporary or a expiring specific privilege for identity.","openapi":"POST /api/v1/additional-privilege/identity/temporary","href":"/api-reference/endpoints/identity-specific-privilege/create-temporary"},{"title":"Update","description":"Update a specific privilege of an identity.","openapi":"PATCH /api/v1/additional-privilege/identity","href":"/api-reference/endpoints/identity-specific-privilege/update"},{"title":"Delete","description":"Delete a specific privilege of an identity.","openapi":"DELETE /api/v1/additional-privilege/identity","href":"/api-reference/endpoints/identity-specific-privilege/delete"},{"title":"Find By Privilege Slug","description":"Retrieve details of a specific privilege by privilege slug.","openapi":"GET /api/v1/additional-privilege/identity/{privilegeSlug}","href":"/api-reference/endpoints/identity-specific-privilege/find-by-slug"},{"title":"List","description":"List of a specific privilege of an identity in a project.","openapi":"GET /api/v1/additional-privilege/identity","href":"/api-reference/endpoints/identity-specific-privilege/list"}]},{"group":"App Connections","pages":[{"title":"List","description":"List all the App Connections for the current organization.","openapi":"GET /api/v1/app-connections","href":"/api-reference/endpoints/app-connections/list"},{"title":"Options","description":"List the available App Connection Options.","openapi":"GET /api/v1/app-connections/options","href":"/api-reference/endpoints/app-connections/options"},{"group":"AWS","pages":[{"title":"List","description":"List the AWS Connections for the current organization.","openapi":"GET /api/v1/app-connections/aws","href":"/api-reference/endpoints/app-connections/aws/list"},{"title":"Available","description":"List the AWS Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/aws/available","href":"/api-reference/endpoints/app-connections/aws/available"},{"title":"Get by ID","description":"Get the specified AWS Connection by ID.","openapi":"GET /api/v1/app-connections/aws/{connectionId}","href":"/api-reference/endpoints/app-connections/aws/get-by-id"},{"title":"Get by Name","description":"Get the specified AWS Connection by name.","openapi":"GET /api/v1/app-connections/aws/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/aws/get-by-name"},{"title":"Create","description":"Create an AWS Connection for the current organization.","openapi":"POST /api/v1/app-connections/aws","href":"/api-reference/endpoints/app-connections/aws/create"},{"title":"Update","description":"Update the specified AWS Connection.","openapi":"PATCH /api/v1/app-connections/aws/{connectionId}","href":"/api-reference/endpoints/app-connections/aws/update"},{"title":"Delete","description":"Delete the specified AWS Connection.","openapi":"DELETE /api/v1/app-connections/aws/{connectionId}","href":"/api-reference/endpoints/app-connections/aws/delete"}]},{"group":"Azure App Configuration","pages":[{"title":"List","description":"List the Azure App Configuration Connections for the current organization.","openapi":"GET /api/v1/app-connections/azure-app-configuration","href":"/api-reference/endpoints/app-connections/azure-app-configuration/list"},{"title":"Available","description":"List the Azure App Configuration Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/azure-app-configuration/available","href":"/api-reference/endpoints/app-connections/azure-app-configuration/available"},{"title":"Get by ID","description":"Get the specified Azure App Configuration Connection by ID.","openapi":"GET /api/v1/app-connections/azure-app-configuration/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-app-configuration/get-by-id"},{"title":"Get by Name","description":"Get the specified Azure App Configuration Connection by name.","openapi":"GET /api/v1/app-connections/azure-app-configuration/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/azure-app-configuration/get-by-name"},{"title":"Create","description":"Create an Azure App Configuration Connection for the current organization.","openapi":"POST /api/v1/app-connections/azure-app-configuration","href":"/api-reference/endpoints/app-connections/azure-app-configuration/create"},{"title":"Update","description":"Update the specified Azure App Configuration Connection.","openapi":"PATCH /api/v1/app-connections/azure-app-configuration/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-app-configuration/update"},{"title":"Delete","description":"Delete the specified Azure App Configuration Connection.","openapi":"DELETE /api/v1/app-connections/azure-app-configuration/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-app-configuration/delete"}]},{"group":"Azure Key Vault","pages":[{"title":"List","description":"List the Azure Key Vault Connections for the current organization.","openapi":"GET /api/v1/app-connections/azure-key-vault","href":"/api-reference/endpoints/app-connections/azure-key-vault/list"},{"title":"Available","description":"List the Azure Key Vault Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/azure-key-vault/available","href":"/api-reference/endpoints/app-connections/azure-key-vault/available"},{"title":"Get by ID","description":"Get the specified Azure Key Vault Connection by ID.","openapi":"GET /api/v1/app-connections/azure-key-vault/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-key-vault/get-by-id"},{"title":"Get by Name","description":"Get the specified Azure Key Vault Connection by name.","openapi":"GET /api/v1/app-connections/azure-key-vault/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/azure-key-vault/get-by-name"},{"title":"Create","description":"Create an Azure Key Vault Connection for the current organization.","openapi":"POST /api/v1/app-connections/azure-key-vault","href":"/api-reference/endpoints/app-connections/azure-key-vault/create"},{"title":"Update","description":"Update the specified Azure Key Vault Connection.","openapi":"PATCH /api/v1/app-connections/azure-key-vault/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-key-vault/update"},{"title":"Delete","description":"Delete the specified Azure Key Vault Connection.","openapi":"DELETE /api/v1/app-connections/azure-key-vault/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-key-vault/delete"}]},{"group":"Databricks","pages":[{"title":"List","description":"List the Databricks Connections for the current organization.","openapi":"GET /api/v1/app-connections/databricks","href":"/api-reference/endpoints/app-connections/databricks/list"},{"title":"Available","description":"List the Databricks Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/databricks/available","href":"/api-reference/endpoints/app-connections/databricks/available"},{"title":"Get by ID","description":"Get the specified Databricks Connection by ID.","openapi":"GET /api/v1/app-connections/databricks/{connectionId}","href":"/api-reference/endpoints/app-connections/databricks/get-by-id"},{"title":"Get by Name","description":"Get the specified Databricks Connection by name.","openapi":"GET /api/v1/app-connections/databricks/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/databricks/get-by-name"},{"title":"Create","description":"Create a Databricks Connection for the current organization.","openapi":"POST /api/v1/app-connections/databricks","href":"/api-reference/endpoints/app-connections/databricks/create"},{"title":"Update","description":"Update the specified Databricks Connection.","openapi":"PATCH /api/v1/app-connections/databricks/{connectionId}","href":"/api-reference/endpoints/app-connections/databricks/update"},{"title":"Delete","description":"Delete the specified Databricks Connection.","openapi":"DELETE /api/v1/app-connections/databricks/{connectionId}","href":"/api-reference/endpoints/app-connections/databricks/delete"}]},{"group":"GCP","pages":[{"title":"List","description":"List the GCP Connections for the current organization.","openapi":"GET /api/v1/app-connections/gcp","href":"/api-reference/endpoints/app-connections/gcp/list"},{"title":"Available","description":"List the GCP Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/gcp/available","href":"/api-reference/endpoints/app-connections/gcp/available"},{"title":"Get by ID","description":"Get the specified GCP Connection by ID.","openapi":"GET /api/v1/app-connections/gcp/{connectionId}","href":"/api-reference/endpoints/app-connections/gcp/get-by-id"},{"title":"Get by Name","description":"Get the specified GCP Connection by name.","openapi":"GET /api/v1/app-connections/gcp/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/gcp/get-by-name"},{"title":"Create","description":"Create a GCP Connection for the current organization.","openapi":"POST /api/v1/app-connections/gcp","href":"/api-reference/endpoints/app-connections/gcp/create"},{"title":"Update","description":"Update the specified GCP Connection.","openapi":"PATCH /api/v1/app-connections/gcp/{connectionId}","href":"/api-reference/endpoints/app-connections/gcp/update"},{"title":"Delete","description":"Delete the specified GCP Connection.","openapi":"DELETE /api/v1/app-connections/gcp/{connectionId}","href":"/api-reference/endpoints/app-connections/gcp/delete"}]},{"group":"GitHub","pages":[{"title":"List","description":"List the GitHub Connections for the current organization.","openapi":"GET /api/v1/app-connections/github","href":"/api-reference/endpoints/app-connections/github/list"},{"title":"Available","description":"List the GitHub Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/github/available","href":"/api-reference/endpoints/app-connections/github/available"},{"title":"Get by ID","description":"Get the specified GitHub Connection by ID.","openapi":"GET /api/v1/app-connections/github/{connectionId}","href":"/api-reference/endpoints/app-connections/github/get-by-id"},{"title":"Get by Name","description":"Get the specified GitHub Connection by name.","openapi":"GET /api/v1/app-connections/github/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/github/get-by-name"},{"title":"Create","description":"Create a GitHub Connection for the current organization.","openapi":"POST /api/v1/app-connections/github","href":"/api-reference/endpoints/app-connections/github/create"},{"title":"Update","description":"Update the specified GitHub Connection.","openapi":"PATCH /api/v1/app-connections/github/{connectionId}","href":"/api-reference/endpoints/app-connections/github/update"},{"title":"Delete","description":"Delete the specified GitHub Connection.","openapi":"DELETE /api/v1/app-connections/github/{connectionId}","href":"/api-reference/endpoints/app-connections/github/delete"}]}]},{"group":"Secret Syncs","pages":[{"title":"List","description":"List all the Secret Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs","href":"/api-reference/endpoints/secret-syncs/list"},{"title":"Options","description":"List the available Secret Sync Options.","openapi":"GET /api/v1/secret-syncs/options","href":"/api-reference/endpoints/secret-syncs/options"},{"group":"AWS Parameter Store","pages":[{"title":"List","description":"List the AWS Parameter Store Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/aws-parameter-store","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/list"},{"title":"Get by ID","description":"Get the specified AWS Parameter Store Sync by ID.","openapi":"GET /api/v1/secret-syncs/aws-parameter-store/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-id"},{"title":"Get by Name","description":"Get the specified AWS Parameter Store Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/aws-parameter-store/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-name"},{"title":"Create","description":"Create an AWS Parameter Store Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/aws-parameter-store","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/create"},{"title":"Update","description":"Update the specified AWS Parameter Store Sync.","openapi":"PATCH /api/v1/secret-syncs/aws-parameter-store/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/update"},{"title":"Delete","description":"Delete the specified AWS Parameter Store Sync.","openapi":"DELETE /api/v1/secret-syncs/aws-parameter-store/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified AWS Parameter Store Sync.","openapi":"POST /api/v1/secret-syncs/aws-parameter-store/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified AWS Parameter Store Sync destination.","openapi":"POST /api/v1/secret-syncs/aws-parameter-store/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified AWS Parameter Store Sync destination.","openapi":"POST /api/v1/secret-syncs/aws-parameter-store/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/remove-secrets"}]},{"group":"AWS Secrets Manager","pages":[{"title":"List","description":"List the AWS Secrets Manager Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/aws-secrets-manager","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/list"},{"title":"Get by ID","description":"Get the specified AWS Secrets Manager Sync by ID.","openapi":"GET /api/v1/secret-syncs/aws-secrets-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-id"},{"title":"Get by Name","description":"Get the specified AWS Secrets Manager Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/aws-secrets-manager/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-name"},{"title":"Create","description":"Create an AWS Secrets Manager Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/aws-secrets-manager","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/create"},{"title":"Update","description":"Update the specified AWS Secrets Manager Sync.","openapi":"PATCH /api/v1/secret-syncs/aws-secrets-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/update"},{"title":"Delete","description":"Delete the specified AWS Secrets Manager Sync.","openapi":"DELETE /api/v1/secret-syncs/aws-secrets-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified AWS Secrets Manager Sync.","openapi":"POST /api/v1/secret-syncs/aws-secrets-manager/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified AWS Secrets Manager Sync destination.","openapi":"POST /api/v1/secret-syncs/aws-secrets-manager/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified AWS Secrets Manager Sync destination.","openapi":"POST /api/v1/secret-syncs/aws-secrets-manager/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/remove-secrets"}]},{"group":"Azure App Configuration","pages":[{"title":"List","description":"List the Azure App Configuration Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/azure-app-configuration","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/list"},{"title":"Get by ID","description":"Get the specified Azure App Configuration Sync by ID.","openapi":"GET /api/v1/secret-syncs/azure-app-configuration/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-id"},{"title":"Get by Name","description":"Get the specified Azure App Configuration Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/azure-app-configuration/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-name"},{"title":"Create","description":"Create an Azure App Configuration Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/azure-app-configuration","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/create"},{"title":"Update","description":"Update the specified Azure App Configuration Sync.","openapi":"PATCH /api/v1/secret-syncs/azure-app-configuration/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/update"},{"title":"Delete","description":"Delete the specified Azure App Configuration Sync.","openapi":"DELETE /api/v1/secret-syncs/azure-app-configuration/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified Azure App Configuration Sync.","openapi":"POST /api/v1/secret-syncs/azure-app-configuration/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified Azure App Configuration Sync destination.","openapi":"POST /api/v1/secret-syncs/azure-app-configuration/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified Azure App Configuration Sync destination.","openapi":"POST /api/v1/secret-syncs/azure-app-configuration/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/remove-secrets"}]},{"group":"Azure Key Vault","pages":[{"title":"List","description":"List the Azure Key Vault Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/azure-key-vault","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/list"},{"title":"Get by ID","description":"Get the specified Azure Key Vault Sync by ID.","openapi":"GET /api/v1/secret-syncs/azure-key-vault/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/get-by-id"},{"title":"Get by Name","description":"Get the specified Azure Key Vault Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/azure-key-vault/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/get-by-name"},{"title":"Create","description":"Create an Azure Key Vault Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/azure-key-vault","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/create"},{"title":"Update","description":"Update the specified Azure Key Vault Sync.","openapi":"PATCH /api/v1/secret-syncs/azure-key-vault/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/update"},{"title":"Delete","description":"Delete the specified Azure Key Vault Sync.","openapi":"DELETE /api/v1/secret-syncs/azure-key-vault/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified Azure Key Vault Sync.","openapi":"POST /api/v1/secret-syncs/azure-key-vault/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified Azure Key Vault Sync destination.","openapi":"POST /api/v1/secret-syncs/azure-key-vault/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified Azure Key Vault Sync destination.","openapi":"POST /api/v1/secret-syncs/azure-key-vault/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/remove-secrets"}]},{"group":"Databricks","pages":[{"title":"List","description":"List the Databricks Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/databricks","href":"/api-reference/endpoints/secret-syncs/databricks/list"},{"title":"Get by ID","description":"Get the specified Databricks Sync by ID.","openapi":"GET /api/v1/secret-syncs/databricks/{syncId}","href":"/api-reference/endpoints/secret-syncs/databricks/get-by-id"},{"title":"Get by Name","description":"Get the specified Databricks Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/databricks/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/databricks/get-by-name"},{"title":"Create","description":"Create a Databricks Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/databricks","href":"/api-reference/endpoints/secret-syncs/databricks/create"},{"title":"Update","description":"Update the specified Databricks Sync.","openapi":"PATCH /api/v1/secret-syncs/databricks/{syncId}","href":"/api-reference/endpoints/secret-syncs/databricks/update"},{"title":"Delete","description":"Delete the specified Databricks Sync.","openapi":"DELETE /api/v1/secret-syncs/databricks/{syncId}","href":"/api-reference/endpoints/secret-syncs/databricks/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified Databricks Sync.","openapi":"POST /api/v1/secret-syncs/databricks/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/databricks/sync-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified Databricks Sync destination.","openapi":"POST /api/v1/secret-syncs/databricks/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/databricks/remove-secrets"}]},{"group":"GCP Secret Manager","pages":[{"title":"List","description":"List the GCP Secret Manager Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/gcp-secret-manager","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/list"},{"title":"Get by ID","description":"Get the specified GCP Secret Manager Sync by ID.","openapi":"GET /api/v1/secret-syncs/gcp-secret-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-id"},{"title":"Get by Name","description":"Get the specified GCP Secret Manager Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/gcp-secret-manager/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-name"},{"title":"Create","description":"Create a GCP Secret Manager Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/gcp-secret-manager","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/create"},{"title":"Update","description":"Update the specified GCP Secret Manager Sync.","openapi":"PATCH /api/v1/secret-syncs/gcp-secret-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/update"},{"title":"Delete","description":"Delete the specified GCP Secret Manager Sync.","openapi":"DELETE /api/v1/secret-syncs/gcp-secret-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified GCP Secret Manager Sync.","openapi":"POST /api/v1/secret-syncs/gcp-secret-manager/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified GCP Secret Manager Sync destination.","openapi":"POST /api/v1/secret-syncs/gcp-secret-manager/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified GCP Secret Manager Sync destination.","openapi":"POST /api/v1/secret-syncs/gcp-secret-manager/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/remove-secrets"}]},{"group":"GitHub","pages":[{"title":"List","description":"List the GitHub Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/github","href":"/api-reference/endpoints/secret-syncs/github/list"},{"title":"Get by ID","description":"Get the specified GitHub Sync by ID.","openapi":"GET /api/v1/secret-syncs/github/{syncId}","href":"/api-reference/endpoints/secret-syncs/github/get-by-id"},{"title":"Get by Name","description":"Get the specified GitHub Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/github/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/github/get-by-name"},{"title":"Create","description":"Create a GitHub Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/github","href":"/api-reference/endpoints/secret-syncs/github/create"},{"title":"Update","description":"Update the specified GitHub Sync.","openapi":"PATCH /api/v1/secret-syncs/github/{syncId}","href":"/api-reference/endpoints/secret-syncs/github/update"},{"title":"Delete","description":"Delete the specified GitHub Sync.","openapi":"DELETE /api/v1/secret-syncs/github/{syncId}","href":"/api-reference/endpoints/secret-syncs/github/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified GitHub Sync.","openapi":"POST /api/v1/secret-syncs/github/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/github/sync-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified GitHub Sync destination.","openapi":"POST /api/v1/secret-syncs/github/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/github/remove-secrets"}]}]},{"group":"Integrations","pages":[{"title":"Create Auth","description":"Create the integration authentication object required for syncing secrets.","openapi":"POST /api/v1/integration-auth/access-token","href":"/api-reference/endpoints/integrations/create-auth"},{"title":"List Auth","description":"List integration auth objects for a workspace.","openapi":"GET /api/v1/workspace/{workspaceId}/authorizations","href":"/api-reference/endpoints/integrations/list-auth"},{"title":"Get Auth By ID","description":"Get details of an integration authorization by auth object id.","openapi":"GET /api/v1/integration-auth/{integrationAuthId}","href":"/api-reference/endpoints/integrations/find-auth"},{"title":"Delete Auth","description":"Remove all integration's auth object from the project.","openapi":"DELETE /api/v1/integration-auth","href":"/api-reference/endpoints/integrations/delete-auth"},{"title":"Delete Auth By ID","description":"Remove an integration auth object by object id.","openapi":"DELETE /api/v1/integration-auth/{integrationAuthId}","href":"/api-reference/endpoints/integrations/delete-auth-by-id"},{"title":"Create","description":"Create an integration to sync secrets.","openapi":"POST /api/v1/integration","href":"/api-reference/endpoints/integrations/create"},{"title":"Update","description":"Update an integration by integration id","openapi":"PATCH /api/v1/integration/{integrationId}","href":"/api-reference/endpoints/integrations/update"},{"title":"Delete","description":"Remove an integration using the integration object ID","openapi":"DELETE /api/v1/integration/{integrationId}","href":"/api-reference/endpoints/integrations/delete"},{"title":"List Project Integrations","description":"List integrations for a project.","openapi":"GET /api/v1/workspace/{workspaceId}/integrations","href":"/api-reference/endpoints/integrations/list-project-integrations"}]},{"group":"Service Tokens","pages":[{"title":"Get","description":"Return Infisical Token data","openapi":"GET /api/v2/service-token","href":"/api-reference/endpoints/service-tokens/get"}]},{"group":"Audit Logs","pages":[{"title":"Export","description":"Get all audit logs for an organization","openapi":"GET /api/v1/organization/audit-logs","href":"/api-reference/endpoints/audit-logs/export-audit-log"}]}]},{"group":"Infisical PKI","pages":[{"group":"Certificate Authorities","pages":[{"title":"List","description":null,"openapi":"GET /api/v2/workspace/{slug}/cas","href":"/api-reference/endpoints/certificate-authorities/list"},{"title":"Create","description":"Create CA","openapi":"POST /api/v1/pki/ca","href":"/api-reference/endpoints/certificate-authorities/create"},{"title":"Retrieve","description":"Get CA","openapi":"GET /api/v1/pki/ca/{caId}","href":"/api-reference/endpoints/certificate-authorities/read"},{"title":"Update","description":"Update CA","openapi":"PATCH /api/v1/pki/ca/{caId}","href":"/api-reference/endpoints/certificate-authorities/update"},{"title":"Delete","description":"Delete CA","openapi":"DELETE /api/v1/pki/ca/{caId}","href":"/api-reference/endpoints/certificate-authorities/delete"},{"title":"Renew","description":"Perform CA certificate renewal","openapi":"POST /api/v1/pki/ca/{caId}/renew","href":"/api-reference/endpoints/certificate-authorities/renew"},{"title":"List CA certificates","description":"Get list of past and current CA certificates for a CA","openapi":"GET /api/v1/pki/ca/{caId}/ca-certificates","href":"/api-reference/endpoints/certificate-authorities/list-ca-certs"},{"title":"Get CSR","description":"Get CA CSR","openapi":"GET /api/v1/pki/ca/{caId}/csr","href":"/api-reference/endpoints/certificate-authorities/csr"},{"title":"Retrieve certificate / chain","description":"Get current CA cert and cert chain of a CA","openapi":"GET /api/v1/pki/ca/{caId}/certificate","href":"/api-reference/endpoints/certificate-authorities/cert"},{"title":"Sign intermediate certificate","description":"Create intermediate CA certificate from parent CA","openapi":"POST /api/v1/pki/ca/{caId}/sign-intermediate","href":"/api-reference/endpoints/certificate-authorities/sign-intermediate"},{"title":"Import certificate","description":"Import certificate and chain to CA","openapi":"POST /api/v1/pki/ca/{caId}/import-certificate","href":"/api-reference/endpoints/certificate-authorities/import-cert"},{"title":"Issue certificate","description":"Issue certificate from CA","openapi":"POST /api/v1/pki/ca/{caId}/issue-certificate","href":"/api-reference/endpoints/certificate-authorities/issue-cert"},{"title":"Sign certificate","description":"Sign certificate from CA","openapi":"POST /api/v1/pki/ca/{caId}/sign-certificate","href":"/api-reference/endpoints/certificate-authorities/sign-cert"},{"title":"List CRLs","description":"Get list of CRLs of the CA","openapi":"GET /api/v1/pki/ca/{caId}/crls","href":"/api-reference/endpoints/certificate-authorities/crl"}]},{"group":"Certificates","pages":[{"title":"List","description":null,"openapi":"GET /api/v2/workspace/{slug}/certificates","href":"/api-reference/endpoints/certificates/list"},{"title":"Retrieve","description":"Get certificate","openapi":"GET /api/v1/pki/certificates/{serialNumber}","href":"/api-reference/endpoints/certificates/read"},{"title":"Revoke","description":"Revoke","openapi":"POST /api/v1/pki/certificates/{serialNumber}/revoke","href":"/api-reference/endpoints/certificates/revoke"},{"title":"Delete","description":"Delete certificate","openapi":"DELETE /api/v1/pki/certificates/{serialNumber}","href":"/api-reference/endpoints/certificates/delete"},{"title":"Get Certificate Body / Chain","description":"Get certificate body of certificate","openapi":"GET /api/v1/pki/certificates/{serialNumber}/certificate","href":"/api-reference/endpoints/certificates/cert-body"},{"title":"Issue Certificate","description":"Issue certificate","openapi":"POST /api/v1/pki/certificates/issue-certificate","href":"/api-reference/endpoints/certificates/issue-certificate"},{"title":"Sign Certificate","description":"Sign certificate","openapi":"POST /api/v1/pki/certificates/sign-certificate","href":"/api-reference/endpoints/certificates/sign-certificate"}]},{"group":"Certificate Templates","pages":[{"title":"Create","description":null,"openapi":"POST /api/v1/pki/certificate-templates","href":"/api-reference/endpoints/certificate-templates/create"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/pki/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/certificate-templates/update"},{"title":"Get by ID","description":null,"openapi":"GET /api/v1/pki/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/certificate-templates/get-by-id"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/pki/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/certificate-templates/delete"}]},{"group":"Certificate Collections","pages":[{"title":"Create","description":"Create PKI collection","openapi":"POST /api/v1/pki/collections","href":"/api-reference/endpoints/pki-collections/create"},{"title":"Retrieve","description":"Get PKI collection","openapi":"GET /api/v1/pki/collections/{collectionId}","href":"/api-reference/endpoints/pki-collections/read"},{"title":"Update","description":"Update PKI collection","openapi":"PATCH /api/v1/pki/collections/{collectionId}","href":"/api-reference/endpoints/pki-collections/update"},{"title":"Delete","description":"Delete PKI collection","openapi":"DELETE /api/v1/pki/collections/{collectionId}","href":"/api-reference/endpoints/pki-collections/delete"},{"title":"Add Collection Item","description":"Add item to PKI collection","openapi":"POST /api/v1/pki/collections/{collectionId}/items","href":"/api-reference/endpoints/pki-collections/add-item"},{"title":"Retrieve","description":"Get items in PKI collection","openapi":"GET /api/v1/pki/collections/{collectionId}/items","href":"/api-reference/endpoints/pki-collections/list-items"},{"title":"Delete Collection Item","description":"Remove item from PKI collection","openapi":"DELETE /api/v1/pki/collections/{collectionId}/items/{collectionItemId}","href":"/api-reference/endpoints/pki-collections/delete-item"}]},{"group":"PKI Alerting","pages":[{"title":"Create","description":"Create PKI alert","openapi":"POST /api/v1/pki/alerts","href":"/api-reference/endpoints/pki-alerts/create"},{"title":"Retrieve","description":"Get PKI alert","openapi":"GET /api/v1/pki/alerts/{alertId}","href":"/api-reference/endpoints/pki-alerts/read"},{"title":"Update","description":"Update PKI alert","openapi":"PATCH /api/v1/pki/alerts/{alertId}","href":"/api-reference/endpoints/pki-alerts/update"},{"title":"Delete","description":"Delete PKI alert","openapi":"DELETE /api/v1/pki/alerts/{alertId}","href":"/api-reference/endpoints/pki-alerts/delete"}]}]},{"group":"Infisical SSH","pages":[{"group":"Certificates","pages":[{"title":"Issue SSH Credentials","description":"Issue SSH credentials (certificate + key)","openapi":"POST /api/v1/ssh/certificates/issue","href":"/api-reference/endpoints/ssh/certificates/issue-credentials"},{"title":"Sign SSH Public Key","description":"Sign SSH public key","openapi":"POST /api/v1/ssh/certificates/sign","href":"/api-reference/endpoints/ssh/certificates/sign-key"}]},{"group":"Certificate Authorities","pages":[{"title":"List","description":null,"openapi":"GET /api/v2/workspace/{projectId}/ssh-cas","href":"/api-reference/endpoints/ssh/ca/list"},{"title":"Create","description":"Create SSH CA","openapi":"POST /api/v1/ssh/ca","href":"/api-reference/endpoints/ssh/ca/create"},{"title":"Retrieve","description":"Get SSH CA","openapi":"GET /api/v1/ssh/ca/{sshCaId}","href":"/api-reference/endpoints/ssh/ca/read"},{"title":"Update","description":"Update SSH CA","openapi":"PATCH /api/v1/ssh/ca/{sshCaId}","href":"/api-reference/endpoints/ssh/ca/update"},{"title":"Delete","description":"Delete SSH CA","openapi":"DELETE /api/v1/ssh/ca/{sshCaId}","href":"/api-reference/endpoints/ssh/ca/delete"},{"title":"Retrieve public key","description":"Get public key of SSH CA","openapi":"GET /api/v1/ssh/ca/{sshCaId}/public-key","href":"/api-reference/endpoints/ssh/ca/public-key"},{"title":"List templates","description":"Get list of certificate templates for the SSH CA","openapi":"GET /api/v1/ssh/ca/{sshCaId}/certificate-templates","href":"/api-reference/endpoints/ssh/ca/list-certificate-templates"}]},{"group":"Certificate Templates","pages":[{"title":"List","description":null,"openapi":"GET /api/v2/workspace/{projectId}/ssh-certificate-templates","href":"/api-reference/endpoints/ssh/certificate-templates/list"},{"title":"Create","description":null,"openapi":"POST /api/v1/ssh/certificate-templates","href":"/api-reference/endpoints/ssh/certificate-templates/create"},{"title":"Retrieve","description":null,"openapi":"GET /api/v1/ssh/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/ssh/certificate-templates/read"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/ssh/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/ssh/certificate-templates/update"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/ssh/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/ssh/certificate-templates/delete"}]}]},{"group":"Infisical KMS","pages":[{"group":"Keys","pages":[{"title":"List Keys","description":"List KMS keys","openapi":"Get /api/v1/kms/keys","href":"/api-reference/endpoints/kms/keys/list"},{"title":"Get Key by ID","description":"Get KMS key by ID","openapi":"Get /api/v1/kms/keys/{keyId}","href":"/api-reference/endpoints/kms/keys/get-by-id"},{"title":"Get Key by Name","description":"Get KMS key by Name","openapi":"Get /api/v1/kms/keys/key-name/{keyName}","href":"/api-reference/endpoints/kms/keys/get-by-name"},{"title":"Create Key","description":"Create KMS key","openapi":"POST /api/v1/kms/keys","href":"/api-reference/endpoints/kms/keys/create"},{"title":"Update Key","description":"Update KMS key","openapi":"PATCH /api/v1/kms/keys/{keyId}","href":"/api-reference/endpoints/kms/keys/update"},{"title":"Delete Key","description":"Delete KMS key","openapi":"DELETE /api/v1/kms/keys/{keyId}","href":"/api-reference/endpoints/kms/keys/delete"},{"title":"Encrypt Data","description":"Encrypt data with KMS key","openapi":"POST /api/v1/kms/keys/{keyId}/encrypt","href":"/api-reference/endpoints/kms/keys/encrypt"},{"title":"Decrypt Data","description":"Decrypt data with KMS key","openapi":"POST /api/v1/kms/keys/{keyId}/decrypt","href":"/api-reference/endpoints/kms/keys/decrypt"}]}]},{"group":"Internals","pages":[{"title":"Overview","description":"Read how Infisical works under the hood.","href":"/internals/overview"},{"title":"Permissions","description":"Infisical's permissions system provides granular access control.","href":"/internals/permissions"},{"title":"Components","description":"Understand Infisical's core architectural components and how they work together.","href":"/internals/components"},{"title":"Security","description":"Infisical's security model includes many considerations and initiatives.","href":"/internals/security"},{"title":"Service tokens","description":"Understanding service tokens and their best practices.","href":"/internals/service-tokens"}]},{"group":"","pages":[{"title":"Changelog","description":null,"href":"/changelog/overview"}]},{"group":"Contributing","pages":[{"group":"Getting Started","pages":[{"title":"Overview","description":"Contributing to the Infisical ecosystem.","href":"/contributing/getting-started/overview"},{"title":"Code of Conduct","description":"What you should know before contributing to Infisical?","href":"/contributing/getting-started/code-of-conduct"},{"title":"Pull requests","description":"This guide walks through the code submission process for Infisical.","href":"/contributing/getting-started/pull-requests"},{"title":"FAQ","description":"Frequently Asked Questions about contributing to Infisical","href":"/contributing/getting-started/faq"}]},{"group":"Contributing to platform","pages":[{"title":"Local development","description":"This guide will help you set up and run the Infisical platform in local development.","href":"/contributing/platform/developing"},{"title":"Backend development guide","description":null,"href":"/contributing/platform/backend/how-to-create-a-feature"},{"title":"Backend folder structure","description":null,"href":"/contributing/platform/backend/folder-structure"}]},{"group":"Contributing to SDK","pages":[{"title":"Local development","description":"This guide will help you contribute to the Infisical SDK.","href":"/contributing/sdk/developing"}]}]}],"docsNavWithMetadata":{"tabs":[{"tab":"Documentation","groups":[{"group":"Getting Started","pages":[{"title":"What is Infisical?","description":"An Introduction to the Infisical secret management platform.","sidebarTitle":"What is Infisical?","href":"/documentation/getting-started/introduction"},{"group":"Quickstart","pages":[{"title":"Secret Management in Development Environments","description":"Learn how to manage secrets in local development environments.","sidebarTitle":"Local Development","href":"/documentation/guides/local-development"}]},{"group":"Guides","pages":[{"title":"Introduction","description":null,"href":"/documentation/guides/introduction"},{"title":"Node","description":null,"href":"/documentation/guides/node"},{"title":"Python","description":null,"href":"/documentation/guides/python"},{"title":"Next.js + Vercel","description":null,"href":"/documentation/guides/nextjs-vercel"},{"title":"Microsoft Power Apps","description":"Learn how to manage secrets in Microsoft Power Apps with Infisical.","href":"/documentation/guides/microsoft-power-apps"},{"title":"Infisical Organizational Structure Blueprint","description":"Learn how to structure your projects, secrets, and other resources within Infisical.","sidebarTitle":"Organization Structure","href":"/documentation/guides/organization-structure"}]}]},{"group":"Platform","pages":[{"title":"Organizations","description":"Learn more and understand the concept of Infisical organizations.","href":"/documentation/platform/organization"},{"title":"Projects","description":"Learn more and understand the concept of Infisical projects.","href":"/documentation/platform/project"},{"title":"Folders","description":"Learn how to organize secrets with folders.","href":"/documentation/platform/folder"},{"group":"Secrets","pages":[{"title":"Secret Versioning","description":"Learn how secret versioning works in Infisical.","href":"/documentation/platform/secret-versioning"},{"title":"Point-in-Time Recovery","description":"Learn how to rollback secrets and configurations to any snapshot with Infisical.","href":"/documentation/platform/pit-recovery"},{"title":"Secret Referencing and Importing","description":"Learn the fundamentals of secret referencing and importing in Infisical.","sidebarTitle":"Referencing and Importing","href":"/documentation/platform/secret-reference"},{"title":"Webhooks","description":"Learn the fundamentals of Infisical webhooks.","href":"/documentation/platform/webhooks"}]},{"group":"Internal PKI","pages":[{"title":"Internal PKI","description":"Learn how to create a Private CA hierarchy and issue X.509 certificates.","sidebarTitle":"Overview","href":"/documentation/platform/pki/overview"},{"title":"Private CA","description":"Learn how to create a Private CA hierarchy with Infisical.","sidebarTitle":"Private CA","href":"/documentation/platform/pki/private-ca"},{"title":"Certificates","description":"Learn how to issue X.509 certificates with Infisical.","sidebarTitle":"Certificates","href":"/documentation/platform/pki/certificates"},{"title":"Kubernetes Issuer","description":"Learn how to automatically provision and manage TLS certificates for in Kubernetes using Infisical PKI","sidebarTitle":"Certificates for Kubernetes","href":"/documentation/platform/pki/pki-issuer"},{"title":"Enrollment over Secure Transport (EST)","description":"Learn how to manage certificate enrollment of clients using EST","sidebarTitle":"Enrollment over Secure Transport (EST)","href":"/documentation/platform/pki/est"},{"title":"Alerting","description":"Learn how to set up alerting for expiring certificates with Infisical","href":"/documentation/platform/pki/alerting"}]},{"title":"Infisical SSH","description":"Learn how to generate SSH credentials to provide secure and centralized SSH access control for your infrastructure.","sidebarTitle":"Infisical SSH","href":"/documentation/platform/ssh"},{"group":"Key Management (KMS)","pages":[{"title":"Key Management Service (KMS)","description":"Learn how to manage and use cryptographic keys with Infisical.","sidebarTitle":"Overview","href":"/documentation/platform/kms/overview"},{"title":"HSM Integration","description":"Learn more about integrating an HSM with Infisical KMS.","href":"/documentation/platform/kms/hsm-integration"},{"title":"Kubernetes Encryption with KMS","description":null,"sidebarTitle":"Kubernetes Encryption","url":"https://github.com/Infisical/k8-kms-plugin","href":"/documentation/platform/kms/kubernetes-encryption"}]},{"group":"KMS Configuration","pages":[{"title":"Key Management Service (KMS) Configuration","description":"Learn how to configure your project's encryption","sidebarTitle":"Overview","href":"/documentation/platform/kms-configuration/overview"},{"title":"AWS Key Management Service","description":"Learn how to manage encryption using AWS KMS","href":"/documentation/platform/kms-configuration/aws-kms"},{"title":"AWS CloudHSM","description":"Learn how to manage encryption using AWS CloudHSM","href":"/documentation/platform/kms-configuration/aws-hsm"},{"title":"GCP Key Management Service","description":"Learn how to manage encryption using GCP KMS","href":"/documentation/platform/kms-configuration/gcp-kms"}]},{"group":"Identities","pages":[{"title":"User and Machine Identities","description":"Learn more about identities to interact with resources in Infisical.","sidebarTitle":"Overview","href":"/documentation/platform/identities/overview"},{"title":"User Identities","description":"Read more about the concept of user identities in Infisical.","href":"/documentation/platform/identities/user-identities"},{"title":"Machine Identities","description":"Learn how to use Machine Identities to programmatically interact with Infisical.","href":"/documentation/platform/identities/machine-identities"}]},{"group":"Access Control","pages":[{"title":"Access Controls","description":"Learn about Infisical's access control toolset.","sidebarTitle":"Overview","href":"/documentation/platform/access-controls/overview"},{"title":"Role-based Access Controls","description":"Learn how to use RBAC to manage user permissions.","href":"/documentation/platform/access-controls/role-based-access-controls"},{"title":"Attribute-based Access Controls","description":"Learn how to use ABAC to manage permissions based on identity attributes.","href":"/documentation/platform/access-controls/attribute-based-access-controls"},{"title":"Additional Privileges","description":"Learn how to add specific privileges on top of predefined roles.","href":"/documentation/platform/access-controls/additional-privileges"},{"title":"Temporary Access","description":"Learn how to set up timed access to sensitive resources for user and machine identities.","href":"/documentation/platform/access-controls/temporary-access"},{"title":"Access Requests","description":"Learn how to request access to sensitive resources in Infisical.","href":"/documentation/platform/access-controls/access-requests"},{"title":"Approval Workflows","description":"Learn how to enable a set of policies to manage changes to sensitive secrets and environments.","href":"/documentation/platform/pr-workflows"},{"title":"User Groups","description":"Manage user groups in Infisical.","href":"/documentation/platform/groups"}]},{"group":"Audit Logs","pages":[{"title":"Overview","description":"Track evert event action performed within Infisical projects.","href":"/documentation/platform/audit-logs"},{"title":"Audit Log Streams","description":"Learn how to stream Infisical Audit Logs to external logging providers.","href":"/documentation/platform/audit-log-streams/audit-log-streams"},{"title":"Stream to Non-HTTP providers","description":"How to stream Infisical Audit Logs to Non-HTTP log providers","href":"/documentation/platform/audit-log-streams/audit-log-streams-with-fluentbit"}]},{"group":"Secret Rotation","pages":[{"title":"Secret Rotation","description":"Learn how to set up automated secret rotation in Infisical.","sidebarTitle":"Overview","href":"/documentation/platform/secret-rotation/overview"},{"title":"Twilio SendGrid","description":"Find out how to rotate Twilio SendGrid API keys.","href":"/documentation/platform/secret-rotation/sendgrid"},{"title":"PostgreSQL/CockroachDB","description":"Learn how to automatically rotate PostgreSQL/CockroachDB user passwords.","href":"/documentation/platform/secret-rotation/postgres"},{"title":"MySQL/MariaDB","description":"Learn how to automatically rotate MySQL/MariaDB user passwords.","href":"/documentation/platform/secret-rotation/mysql"},{"title":"Microsoft SQL Server","description":"Learn how to automatically rotate Microsoft SQL Server user passwords.","href":"/documentation/platform/secret-rotation/mssql"},{"title":"AWS IAM User","description":"Learn how to automatically rotate Access Key Id and Secret Key of AWS IAM Users.","href":"/documentation/platform/secret-rotation/aws-iam"}]},{"group":"Dynamic Secrets","pages":[{"title":"Dynamic Secrets","description":"Learn how to generate secrets dynamically on-demand.","sidebarTitle":"Overview","href":"/documentation/platform/dynamic-secrets/overview"},{"title":"PostgreSQL","description":"Learn how to dynamically generate PostgreSQL database users.","href":"/documentation/platform/dynamic-secrets/postgresql"},{"title":"MySQL","description":"Learn how to dynamically generate MySQL Database user credentials.","href":"/documentation/platform/dynamic-secrets/mysql"},{"title":"MS SQL","description":"Learn how to dynamically generate MS SQL database user credentials.","href":"/documentation/platform/dynamic-secrets/mssql"},{"title":"Oracle","description":"Learn how to dynamically generate Oracle Database user credentials.","href":"/documentation/platform/dynamic-secrets/oracle"},{"title":"Cassandra","description":"Learn how to dynamically generate Cassandra database user credentials","href":"/documentation/platform/dynamic-secrets/cassandra"},{"title":"Redis","description":"Learn how to dynamically generate Redis Database user credentials.","href":"/documentation/platform/dynamic-secrets/redis"},{"title":"AWS ElastiCache","description":"Learn how to dynamically generate AWS ElastiCache user credentials.","href":"/documentation/platform/dynamic-secrets/aws-elasticache"},{"title":"Elasticsearch","description":"Learn how to dynamically generate Elasticsearch user credentials.","href":"/documentation/platform/dynamic-secrets/elastic-search"},{"title":"RabbitMQ","description":"Learn how to dynamically generate RabbitMQ user credentials.","href":"/documentation/platform/dynamic-secrets/rabbit-mq"},{"title":"AWS IAM","description":"Learn how to dynamically generate AWS IAM Users.","href":"/documentation/platform/dynamic-secrets/aws-iam"},{"title":"Mongo Atlas","description":"Learn how to dynamically generate Mongo Atlas Database user credentials.","href":"/documentation/platform/dynamic-secrets/mongo-atlas"},{"title":"Mongo DB","description":"Learn how to dynamically generate Mongo DB Database user credentials.","href":"/documentation/platform/dynamic-secrets/mongo-db"},{"title":"Azure Entra Id","description":"Learn how to dynamically generate Azure Entra Id user credentials.","href":"/documentation/platform/dynamic-secrets/azure-entra-id"},{"title":"LDAP","description":"Learn how to dynamically generate user credentials via LDAP.","href":"/documentation/platform/dynamic-secrets/ldap"},{"title":"SAP ASE","description":"Learn how to dynamically generate SAP ASE database account credentials.","href":"/documentation/platform/dynamic-secrets/sap-ase"},{"title":"SAP HANA","description":"Learn how to dynamically generate SAP HANA database account credentials.","href":"/documentation/platform/dynamic-secrets/sap-hana"},{"title":"Snowflake","description":"Learn how to dynamically generate Snowflake user credentials.","href":"/documentation/platform/dynamic-secrets/snowflake"},{"title":"TOTP","description":"Learn how to dynamically generate time-based one-time passwords.","href":"/documentation/platform/dynamic-secrets/totp"}]},{"title":"Project Templates","description":"Learn how to manage and apply project templates","sidebarTitle":"Project Templates","href":"/documentation/platform/project-templates"},{"group":"Workflow Integrations","pages":[{"title":"Slack integration","description":"Learn how to setup Slack integration","href":"/documentation/platform/workflow-integrations/slack-integration"}]},{"group":"Admin Consoles","pages":[{"title":null,"description":"Learn about Infisical's Admin Consoles","href":"/documentation/platform/admin-panel/overview"},{"title":"Server Admin Console","description":"Configure and manage server related features","href":"/documentation/platform/admin-panel/server-admin"},{"title":"Organization Admin Console","description":"View and manage resources across your organization","href":"/documentation/platform/admin-panel/org-admin-console"}]},{"title":"Secret Sharing","description":"Learn how to share time \u0026 view-count bound secrets securely with anyone on the internet.","sidebarTitle":"Secret Sharing","href":"/documentation/platform/secret-sharing"}]},{"group":"Authentication Methods","pages":[{"title":"Email and Password","description":"Learn how to authenticate into Infisical with email and password.","href":"/documentation/platform/auth-methods/email-password"},{"title":"Service Token","description":"Infisical service tokens allow users to programmatically interact with Infisical.","href":"/documentation/platform/token"},{"title":"Token Auth","description":"Learn how to authenticate to Infisical from any platform or environment using an access token.","href":"/documentation/platform/identities/token-auth"},{"title":"Universal Auth","description":"Learn how to authenticate to Infisical from any platform or environment.","href":"/documentation/platform/identities/universal-auth"},{"title":"Kubernetes Auth","description":"Learn how to authenticate with Infisical in Kubernetes","href":"/documentation/platform/identities/kubernetes-auth"},{"title":"GCP Auth","description":"Learn how to authenticate with Infisical for services on Google Cloud Platform","href":"/documentation/platform/identities/gcp-auth"},{"title":"Azure Auth","description":"Learn how to authenticate with Infisical for services on Azure","href":"/documentation/platform/identities/azure-auth"},{"title":"AWS Auth","description":"Learn how to authenticate with Infisical for EC2 instances, Lambda functions, and other IAM principals.","href":"/documentation/platform/identities/aws-auth"},{"title":"JWT Auth","description":"Learn how to authenticate with Infisical using JWT-based authentication.","href":"/documentation/platform/identities/jwt-auth"},{"group":"OIDC Auth","pages":[{"title":"General","description":"Learn how to authenticate with Infisical from any platform or environment using OpenID Connect (OIDC).","href":"/documentation/platform/identities/oidc-auth/general"},{"title":"Github","description":"Learn how to authenticate Github workflows with Infisical using OpenID Connect (OIDC).","href":"/documentation/platform/identities/oidc-auth/github"},{"title":"CircleCI","description":"Learn how to authenticate CircleCI jobs with Infisical using OpenID Connect (OIDC).","href":"/documentation/platform/identities/oidc-auth/circleci"},{"title":"GitLab","description":"Learn how to authenticate GitLab pipelines with Infisical using OpenID Connect (OIDC).","href":"/documentation/platform/identities/oidc-auth/gitlab"}]},{"title":"Multi-factor Authentication","description":"Learn how to secure your Infisical account with MFA.","sidebarTitle":"MFA","href":"/documentation/platform/mfa"},{"group":"SSO","pages":[{"title":"SSO Overview","description":"Learn how to log in to Infisical via SSO protocols.","sidebarTitle":"Overview","href":"/documentation/platform/sso/overview"},{"title":"Google SSO","description":"Learn how to configure Google SSO for Infisical.","href":"/documentation/platform/sso/google"},{"title":"GitHub SSO","description":"Learn how to configure GitHub SSO for Infisical.","href":"/documentation/platform/sso/github"},{"title":"GitLab SSO","description":"Learn how to configure GitLab SSO for Infisical.","href":"/documentation/platform/sso/gitlab"},{"title":"Okta SAML","description":"Learn how to configure Okta SAML 2.0 for Infisical SSO.","href":"/documentation/platform/sso/okta"},{"title":"Entra ID / Azure AD SAML","description":"Learn how to configure Microsoft Entra ID for Infisical SSO.","href":"/documentation/platform/sso/azure"},{"title":"JumpCloud SAML","description":"Learn how to configure JumpCloud SAML for Infisical SSO.","href":"/documentation/platform/sso/jumpcloud"},{"title":"Keycloak SAML","description":"Learn how to configure Keycloak SAML for Infisical SSO.","href":"/documentation/platform/sso/keycloak-saml"},{"title":"Google SAML","description":"Learn how to configure Google SAML for Infisical SSO.","href":"/documentation/platform/sso/google-saml"},{"title":"Auth0 SAML","description":"Learn how to configure Auth0 SAML for Infisical SSO.","href":"/documentation/platform/sso/auth0-saml"},{"group":"Keycloak OIDC","pages":[{"title":"Keycloak OIDC Overview","description":"Learn how to configure Keycloak OIDC for Infisical SSO.","sidebarTitle":"Overview","href":"/documentation/platform/sso/keycloak-oidc/overview"},{"title":"Keycloak OIDC Group Membership Mapping","description":"Learn how to sync Keycloak group members to matching groups in Infisical.","sidebarTitle":"Group Membership Mapping","href":"/documentation/platform/sso/keycloak-oidc/group-membership-mapping"}]},{"title":"Auth0 OIDC","description":"Learn how to configure Auth0 OIDC for Infisical SSO.","href":"/documentation/platform/sso/auth0-oidc"},{"title":"General OIDC","description":"Learn how to configure OIDC for Infisical SSO with any OIDC-compliant identity provider","href":"/documentation/platform/sso/general-oidc"}]},{"group":"LDAP","pages":[{"title":"LDAP Overview","description":"Learn how to authenticate into Infisical with LDAP.","sidebarTitle":"Overview","href":"/documentation/platform/ldap/overview"},{"title":"JumpCloud LDAP","description":"Learn how to configure JumpCloud LDAP for authenticating into Infisical.","href":"/documentation/platform/ldap/jumpcloud"},{"title":"General LDAP","description":"Learn how to log in to Infisical with LDAP.","href":"/documentation/platform/ldap/general"}]},{"group":"SCIM","pages":[{"title":"SCIM Overview","description":"Learn how to provision users for Infisical via SCIM.","href":"/documentation/platform/scim/overview"},{"title":"Okta SCIM","description":"Learn how to configure SCIM provisioning with Okta for Infisical.","href":"/documentation/platform/scim/okta"},{"title":"Azure SCIM","description":"Learn how to configure SCIM provisioning with Azure for Infisical.","href":"/documentation/platform/scim/azure"},{"title":"JumpCloud SCIM","description":"Learn how to configure SCIM provisioning with JumpCloud for Infisical.","href":"/documentation/platform/scim/jumpcloud"},{"title":"SCIM Group Mappings","description":"Learn how to enhance your SCIM implementation using group mappings","href":"/documentation/platform/scim/group-mappings"}]}]},{"group":"Self-host Infisical","pages":[{"title":"","description":"Learn how to self-host Infisical on your own infrastructure.","sidebarTitle":"Introduction","href":"/self-hosting/overview"},{"group":"Installation methods","pages":[{"title":"Docker","description":"Learn how to run Infisical with Docker.","href":"/self-hosting/deployment-options/standalone-infisical"},{"title":"Docker Swarm","description":"How to self-host Infisical with Docker Swarm (HA).","href":"/self-hosting/deployment-options/docker-swarm"},{"title":"Docker Compose","description":"Read how to run Infisical with Docker Compose template.","href":"/self-hosting/deployment-options/docker-compose"},{"title":"Kubernetes via Helm Chart","description":"Learn how to use Helm chart to install Infisical on your Kubernetes cluster.","href":"/self-hosting/deployment-options/kubernetes-helm"}]},{"title":"Upgrade Infisical Instance","description":"How to upgrade Infisical self-hosted instance","href":"/self-hosting/guides/upgrading-infisical"},{"title":"Configurations","description":"Read how to configure environment variables for self-hosted Infisical.","href":"/self-hosting/configuration/envars"},{"title":"Hardware requirements","description":"Find out the minimal requirements for operating Infisical.","href":"/self-hosting/configuration/requirements"},{"group":"Guides","pages":[{"title":"Migrate Mongo to Postgres","description":"Learn how to migrate Infisical from MongoDB to PostgreSQL.","href":"/self-hosting/guides/mongo-to-postgres"},{"title":"Adding Custom Certificates","description":"Learn how to configure Infisical with custom certificates","href":"/self-hosting/guides/custom-certificates"}]},{"group":"Reference architectures","pages":[{"title":"AWS ECS (HA)","description":"Reference architecture for self-hosting Infisical on AWS ECS","href":"/self-hosting/reference-architectures/aws-ecs"},{"title":"Linux (HA)","description":"Infisical High Availability Deployment architecture for Linux","href":"/self-hosting/reference-architectures/linux-deployment-ha"},{"title":"Kubernetes (HA)","description":"Reference architecture for self-hosting Infisical on Kubernetes (HA)","href":"/self-hosting/reference-architectures/on-prem-k8s-ha"}]},{"title":"Infisical Enterprise","description":"Find out how to activate Infisical Enterprise edition (EE) features.","href":"/self-hosting/ee"},{"title":"FAQ","description":"Frequently Asked Questions about self-hosting Infisical.","href":"/self-hosting/faq"}]},{"group":"Internals","pages":[{"title":"Overview","description":"Read how Infisical works under the hood.","href":"/internals/overview"},{"title":"Permissions","description":"Infisical's permissions system provides granular access control.","href":"/internals/permissions"},{"title":"Components","description":"Understand Infisical's core architectural components and how they work together.","href":"/internals/components"},{"title":"Security","description":"Infisical's security model includes many considerations and initiatives.","href":"/internals/security"},{"title":"Service tokens","description":"Understanding service tokens and their best practices.","href":"/internals/service-tokens"}]},{"group":"Contributing","pages":[{"group":"Getting Started","pages":[{"title":"Overview","description":"Contributing to the Infisical ecosystem.","href":"/contributing/getting-started/overview"},{"title":"Code of Conduct","description":"What you should know before contributing to Infisical?","href":"/contributing/getting-started/code-of-conduct"},{"title":"Pull requests","description":"This guide walks through the code submission process for Infisical.","href":"/contributing/getting-started/pull-requests"},{"title":"FAQ","description":"Frequently Asked Questions about contributing to Infisical","href":"/contributing/getting-started/faq"}]},{"group":"Contributing to platform","pages":[{"title":"Local development","description":"This guide will help you set up and run the Infisical platform in local development.","href":"/contributing/platform/developing"},{"title":"Backend development guide","description":null,"href":"/contributing/platform/backend/how-to-create-a-feature"},{"title":"Backend folder structure","description":null,"href":"/contributing/platform/backend/folder-structure"}]},{"group":"Contributing to SDK","pages":[{"title":"Local development","description":"This guide will help you contribute to the Infisical SDK.","href":"/contributing/sdk/developing"}]}]}]},{"tab":"Integrations","groups":[{"group":"Infrastructure Integrations","pages":[{"group":"Container orchestrators","pages":[{"group":"Kubernetes","pages":[{"title":"Kubernetes Operator","description":"How to use Infisical to inject, push, and manage secrets within Kubernetes clusters","sidebarTitle":"Overview","href":"/integrations/platforms/kubernetes/overview"},{"title":"Using the InfisicalSecret CRD","description":"Learn how to use the InfisicalSecret CRD to fetch secrets from Infisical and store them as native Kubernetes secret resource","sidebarTitle":"InfisicalSecret CRD","href":"/integrations/platforms/kubernetes/infisical-secret-crd"},{"title":"Using the InfisicalPushSecret CRD","description":"Learn how to use the InfisicalPushSecret CRD to push and manage secrets in Infisical.","sidebarTitle":"InfisicalPushSecret CRD","href":"/integrations/platforms/kubernetes/infisical-push-secret-crd"},{"title":"Using the InfisicalDynamicSecret CRD","description":"Learn how to generate dynamic secret leases in Infisical and sync them to your Kubernetes cluster.","sidebarTitle":"InfisicalDynamicSecret CRD","href":"/integrations/platforms/kubernetes/infisical-dynamic-secret-crd"}]},{"title":"Kubernetes CSI","description":"How to use Infisical to inject secrets directly into Kubernetes pods.","href":"/integrations/platforms/kubernetes-csi"},{"title":"Docker Swarm","description":"Learn how to manage secrets in Docker Swarm services.","href":"/integrations/platforms/docker-swarm-with-agent"},{"title":"Amazon ECS","description":"Learn how to deliver secrets to Amazon Elastic Container Service.","href":"/integrations/platforms/ecs-with-agent"}]},{"title":"Infisical Agent","description":"This page describes how to manage secrets using Infisical Agent.","href":"/integrations/platforms/infisical-agent"},{"group":"Docker","pages":[{"title":"Docker","description":"Learn how to feed secrets from Infisical into your Docker application.","href":"/integrations/platforms/docker-intro"},{"title":"Docker Entrypoint","description":"Learn how to use Infisical to inject environment variables into a Docker container.","href":"/integrations/platforms/docker"},{"title":"Docker Run","description":"Learn how to pass secrets to your docker container at run time.","href":"/integrations/platforms/docker-pass-envs"},{"title":"Docker Compose","description":"Find out how to use Infisical to inject environment variables into services defined in your Docker Compose file.","href":"/integrations/platforms/docker-compose"}]},{"title":"Terraform Provider","description":"Learn how to fetch Secrets From Infisical With Terraform.","url":"https://registry.terraform.io/providers/Infisical/infisical/latest/docs","href":"/integrations/frameworks/terraform"},{"title":"Ansible","description":"Learn how to use Infisical for secret management in Ansible.","href":"/integrations/platforms/ansible"}]},{"group":"App Connections","pages":[{"title":null,"description":"Learn how to manage and configure third-party app connections with Infisical.","sidebarTitle":"Overview","href":"/integrations/app-connections/overview"},{"group":"Connections","pages":[{"title":"AWS Connection","description":"Learn how to configure an AWS Connection for Infisical.","href":"/integrations/app-connections/aws"},{"title":"Azure App Configuration Connection","description":"Learn how to configure a Azure App Configuration Connection for Infisical.","href":"/integrations/app-connections/azure-app-configuration"},{"title":"Azure Key Vault Connection","description":"Learn how to configure a Azure Key Vault Connection for Infisical.","href":"/integrations/app-connections/azure-key-vault"},{"title":"Databricks Connection","description":"Learn how to configure a Databricks Connection for Infisical.","href":"/integrations/app-connections/databricks"},{"title":"GCP Connection","description":"Learn how to configure a GCP Connection for Infisical.","href":"/integrations/app-connections/gcp"},{"title":"GitHub Connection","description":"Learn how to configure a GitHub Connection for Infisical.","href":"/integrations/app-connections/github"}]}]},{"group":"Secret Syncs","pages":[{"title":null,"description":"Learn how to sync secrets to third-party services with Infisical.","sidebarTitle":"Overview","href":"/integrations/secret-syncs/overview"},{"group":"Syncs","pages":[{"title":"AWS Parameter Store Sync","description":"Learn how to configure an AWS Parameter Store Sync for Infisical.","href":"/integrations/secret-syncs/aws-parameter-store"},{"title":"AWS Secrets Manager Sync","description":"Learn how to configure an AWS Secrets Manager Sync for Infisical.","href":"/integrations/secret-syncs/aws-secrets-manager"},{"title":"Azure App Configuration Sync","description":"Learn how to configure an Azure App Configuration Sync for Infisical.","href":"/integrations/secret-syncs/azure-app-configuration"},{"title":"Azure Key Vault Sync","description":"Learn how to configure a Azure Key Vault Sync for Infisical.","href":"/integrations/secret-syncs/azure-key-vault"},{"title":"Databricks Sync","description":"Learn how to configure a Databricks Sync for Infisical.","href":"/integrations/secret-syncs/databricks"},{"title":"GCP Secret Manager Sync","description":"Learn how to configure a GCP Secret Manager Sync for Infisical.","href":"/integrations/secret-syncs/gcp-secret-manager"},{"title":"GitHub Sync","description":"Learn how to configure a GitHub Sync for Infisical.","href":"/integrations/secret-syncs/github"}]}]},{"group":"Native Integrations","pages":[{"group":"AWS","pages":[{"title":"AWS Parameter Store","description":"Learn how to sync secrets from Infisical to AWS Parameter Store.","href":"/integrations/cloud/aws-parameter-store"},{"title":"AWS Secrets Manager","description":"Learn how to sync secrets from Infisical to AWS Secrets Manager.","href":"/integrations/cloud/aws-secret-manager"},{"title":"AWS Amplify","description":"Learn how to sync secrets from Infisical to AWS Amplify.","href":"/integrations/cloud/aws-amplify"}]},{"title":"Vercel","description":"How to sync secrets from Infisical to Vercel","href":"/integrations/cloud/vercel"},{"title":"Azure Key Vault","description":"How to sync secrets from Infisical to Azure Key Vault","href":"/integrations/cloud/azure-key-vault"},{"title":"Azure App Configuration","description":"How to sync secrets from Infisical to Azure App Configuration","href":"/integrations/cloud/azure-app-configuration"},{"title":"Azure DevOps","description":"How to sync secrets from Infisical to Azure DevOps","href":"/integrations/cloud/azure-devops"},{"title":"GCP Secret Manager","description":"How to sync secrets from Infisical to GCP Secret Manager","href":"/integrations/cloud/gcp-secret-manager"},{"group":"Cloudflare","pages":[{"title":"Cloudflare Pages","description":"How to sync secrets from Infisical to Cloudflare Pages","href":"/integrations/cloud/cloudflare-pages"},{"title":"Cloudflare Workers","description":"How to sync secrets from Infisical to Cloudflare Workers","href":"/integrations/cloud/cloudflare-workers"}]},{"title":"Terraform Cloud","description":"How to sync secrets from Infisical to Terraform Cloud","href":"/integrations/cloud/terraform-cloud"},{"title":"Databricks","description":"Learn how to sync secrets from Infisical to Databricks.","href":"/integrations/cloud/databricks"},{"group":"View more","pages":[{"title":"Digital Ocean App Platform","description":"How to sync secrets from Infisical to Digital Ocean App Platform","href":"/integrations/cloud/digital-ocean-app-platform"},{"title":"Heroku","description":"How to sync secrets from Infisical to Heroku","href":"/integrations/cloud/heroku"},{"title":"Netlify","description":"How to sync secrets from Infisical to Netlify","href":"/integrations/cloud/netlify"},{"title":"Railway","description":"How to sync secrets from Infisical to Railway","href":"/integrations/cloud/railway"},{"title":"Fly.io","description":"How to sync secrets from Infisical to Fly.io","href":"/integrations/cloud/flyio"},{"title":"Render","description":"How to sync secrets from Infisical to Render","href":"/integrations/cloud/render"},{"title":"Laravel Forge","description":"How to sync secrets from Infisical to Laravel Forge","href":"/integrations/cloud/laravel-forge"},{"title":"Supabase","description":"How to sync secrets from Infisical to Supabase","href":"/integrations/cloud/supabase"},{"title":"Northflank","description":"How to sync secrets from Infisical to Northflank","href":"/integrations/cloud/northflank"},{"title":"Hasura Cloud","description":"How to sync secrets from Infisical to Hasura Cloud","href":"/integrations/cloud/hasura-cloud"},{"title":"Qovery","description":"How to sync secrets from Infisical to Qovery","href":"/integrations/cloud/qovery"},{"title":"HashiCorp Vault","description":"How to sync secrets from Infisical to HashiCorp Vault","href":"/integrations/cloud/hashicorp-vault"},{"title":"Cloud 66","description":"How to sync secrets from Infisical to Cloud 66","href":"/integrations/cloud/cloud-66"},{"title":"Windmill","description":"How to sync secrets from Infisical to Windmill","href":"/integrations/cloud/windmill"}]}]},{"group":"CI/CD Integrations","pages":[{"title":"Jenkins Plugin","description":"How to effectively and securely manage secrets in Jenkins using Infisical","href":"/integrations/cicd/jenkins"},{"title":"GitHub Actions","description":"How to sync secrets from Infisical to GitHub Actions","href":"/integrations/cicd/githubactions"},{"title":"GitLab","description":"How to sync secrets from Infisical to GitLab","href":"/integrations/cicd/gitlab"},{"title":"Bitbucket","description":"How to sync secrets from Infisical to Bitbucket","href":"/integrations/cicd/bitbucket"},{"title":"TeamCity","description":"How to sync secrets from Infisical to TeamCity","href":"/integrations/cloud/teamcity"},{"group":"View more","pages":[{"title":"CircleCI","description":"How to sync secrets from Infisical to CircleCI","href":"/integrations/cicd/circleci"},{"title":"Travis CI","description":"How to sync secrets from Infisical to Travis CI","href":"/integrations/cicd/travisci"},{"title":"Rundeck","description":"How to sync secrets from Infisical to Rundeck","href":"/integrations/cicd/rundeck"},{"title":"Codefresh","description":"How to sync secrets from Infisical to Codefresh","href":"/integrations/cicd/codefresh"},{"title":"Checkly","description":"How to sync secrets from Infisical to Checkly","href":"/integrations/cloud/checkly"},{"title":"Octopus Deploy","description":"Learn how to sync secrets from Infisical to Octopus Deploy","href":"/integrations/cicd/octopus-deploy"}]}]},{"group":"Framework Integrations","pages":[{"title":"Spring Boot with Maven","description":"How to use Infisical to inject environment variables into Java Spring Boot","href":"/integrations/frameworks/spring-boot-maven"},{"title":"React","description":"How to use Infisical to inject environment variables and secrets into a React app.","href":"/integrations/frameworks/react"},{"title":"Vue","description":"How to use Infisical to inject environment variables and secrets into a Vue.js app.","href":"/integrations/frameworks/vue"},{"title":"Express, Fastify, Koa","description":"How to use Infisical to inject environment variables and secrets into an Express app.","href":"/integrations/frameworks/express"},{"group":"View more","pages":[{"title":"Next.js","description":"How to use Infisical to inject environment variables and secrets into a Next.js app.","href":"/integrations/frameworks/nextjs"},{"title":"NestJS","description":"How to use Infisical to inject environment variables and secrets into a NestJS app.","href":"/integrations/frameworks/nestjs"},{"title":"SvelteKit","description":"How to use Infisical to inject environment variables and secrets into a SvelteKit app.","href":"/integrations/frameworks/sveltekit"},{"title":"Nuxt","description":"How to use Infisical to inject environment variables and secrets into a Nuxt app.","href":"/integrations/frameworks/nuxt"},{"title":"Gatsby","description":"How to use Infisical to inject environment variables and secrets into a Gatsby app.","href":"/integrations/frameworks/gatsby"},{"title":"Remix","description":"How to use Infisical to inject environment variables and secrets into a Remix app.","href":"/integrations/frameworks/remix"},{"title":"Vite","description":"How to use Infisical to inject environment variables and secrets into a Vite app.","href":"/integrations/frameworks/vite"},{"title":"Fiber","description":"How to use Infisical to inject environment variables and secrets into a Fiber app.","href":"/integrations/frameworks/fiber"},{"title":"Django","description":"How to use Infisical to inject environment variables and secrets into a Django app.","href":"/integrations/frameworks/django"},{"title":"Flask","description":"How to use Infisical to inject environment variables and secrets into a Flask app.","href":"/integrations/frameworks/flask"},{"title":"Laravel","description":"How to use Infisical to inject environment variables and secrets into a Laravel app.","href":"/integrations/frameworks/laravel"},{"title":"Ruby on Rails","description":"How to use Infisical to inject environment variables and secrets into a Ruby on Rails app.","href":"/integrations/frameworks/rails"},{"title":".NET","description":"How to use Infisical to inject environment variables and secrets into a .NET app.","href":"/integrations/frameworks/dotnet"},{"title":"PM2","description":"How to use Infisical to inject environment variables and secrets with PM2 into a Node.js app","href":"/integrations/platforms/pm2"}]}]},{"group":"Build Tool Integrations","pages":[{"title":"Gradle","description":"How to use Infisical to inject environment variables with Gradle","href":"/integrations/build-tools/gradle"}]}]},{"tab":"CLI","groups":[{"group":"Command line","pages":[{"title":"Install","description":"Infisical's CLI is one of the best ways to manage environments and secrets. Install it here","href":"/cli/overview"},{"title":"Quickstart","description":"Manage secrets with Infisical CLI","href":"/cli/usage"},{"group":"Core commands","pages":[{"title":"infisical login","description":"Login into Infisical from the CLI","href":"/cli/commands/login"},{"title":"infisical init","description":"Switch between Infisical projects within CLI","href":"/cli/commands/init"},{"title":"infisical run","description":"The command that injects your secrets into local environment","href":"/cli/commands/run"},{"title":"infisical secrets","description":"Perform CRUD operations with Infisical secrets","href":"/cli/commands/secrets"},{"title":"infisical dynamic-secrets","description":"Perform dynamic secret operations directly with the CLI","href":"/cli/commands/dynamic-secrets"},{"title":"infisical ssh","description":"Generate SSH credentials with the CLI","href":"/cli/commands/ssh"},{"title":"infisical export","description":"Export Infisical secrets from CLI into different file formats","href":"/cli/commands/export"},{"title":"infisical token","description":"Manage your Infisical identity access tokens","href":"/cli/commands/token"},{"title":"infisical service-token","description":"Manage Infisical service tokens","href":"/cli/commands/service-token"},{"title":"infisical vault","description":"Change the vault type in Infisical","href":"/cli/commands/vault"},{"title":"infisical user","description":"Manage logged in users","href":"/cli/commands/user"},{"title":"infisical reset","description":"Reset Infisical","href":"/cli/commands/reset"},{"group":"infisical scan","pages":[{"title":"scan","description":"Scan git history, directories, and files for secrets","href":"/cli/commands/scan"},{"title":"scan git-changes","description":"Scan for secrets in your uncommitted code","href":"/cli/commands/scan-git-changes"},{"title":"scan install","description":"Add various scanning tools seamlessly into your development lifecycle","href":"/cli/commands/scan-install"}]}]},{"title":"Secret scanning","description":"Scan and prevent secret leaks in your code base","href":"/cli/scanning-overview"},{"title":"Project config file","description":"Project config file \u0026 customization options","href":"/cli/project-config"},{"title":"FAQ","description":"Frequently Asked Questions about Infisical CLI","href":"/cli/faq"}]}]},{"tab":"API Reference","groups":[{"group":"Overview","pages":[{"title":"API Reference","description":null,"sidebarTitle":"Introduction","href":"/api-reference/overview/introduction"},{"title":"Authentication","description":"Learn how to authenticate with the Infisical Public API.","href":"/api-reference/overview/authentication"},{"group":"Examples","pages":[{"title":"Configure native integrations via API","description":"How to use Infisical API to sync secrets to external secret managers","href":"/api-reference/overview/examples/integration"}]}]},{"group":"Endpoints","pages":[{"group":"Identities","pages":[{"title":"Create","description":"Create identity","openapi":"POST /api/v1/identities","href":"/api-reference/endpoints/identities/create"},{"title":"Update","description":"Update identity","openapi":"PATCH /api/v1/identities/{identityId}","href":"/api-reference/endpoints/identities/update"},{"title":"Delete","description":"Delete identity","openapi":"DELETE /api/v1/identities/{identityId}","href":"/api-reference/endpoints/identities/delete"},{"title":"Get By ID","description":"Get an identity by id","openapi":"GET /api/v1/identities/{identityId}","href":"/api-reference/endpoints/identities/get-by-id"},{"title":"List","description":"List identities","openapi":"GET /api/v1/identities","href":"/api-reference/endpoints/identities/list"}]},{"group":"Token Auth","pages":[{"title":"Attach","description":"Attach Token Auth configuration onto identity","openapi":"POST /api/v1/auth/token-auth/identities/{identityId}","href":"/api-reference/endpoints/token-auth/attach"},{"title":"Retrieve","description":"Retrieve Token Auth configuration on identity","openapi":"GET /api/v1/auth/token-auth/identities/{identityId}","href":"/api-reference/endpoints/token-auth/retrieve"},{"title":"Update","description":"Update Token Auth configuration on identity","openapi":"PATCH /api/v1/auth/token-auth/identities/{identityId}","href":"/api-reference/endpoints/token-auth/update"},{"title":"Revoke","description":"Delete Token Auth configuration on identity","openapi":"DELETE /api/v1/auth/token-auth/identities/{identityId}","href":"/api-reference/endpoints/token-auth/revoke"},{"title":"Get Tokens","description":"Get tokens for identity with Token Auth","openapi":"GET /api/v1/auth/token-auth/identities/{identityId}/tokens","href":"/api-reference/endpoints/token-auth/get-tokens"},{"title":"Create Token","description":"Create token for identity with Token Auth","openapi":"POST /api/v1/auth/token-auth/identities/{identityId}/tokens","href":"/api-reference/endpoints/token-auth/create-token"},{"title":"Update Token","description":"Update token for identity with Token Auth","openapi":"PATCH /api/v1/auth/token-auth/tokens/{tokenId}","href":"/api-reference/endpoints/token-auth/update-token"},{"title":"Revoke Token","description":"Revoke token for identity with Token Auth","openapi":"POST /api/v1/auth/token-auth/tokens/{tokenId}/revoke","href":"/api-reference/endpoints/token-auth/revoke-token"}]},{"group":"Universal Auth","pages":[{"title":"Login","description":"Login with Universal Auth","openapi":"POST /api/v1/auth/universal-auth/login","href":"/api-reference/endpoints/universal-auth/login"},{"title":"Attach","description":"Attach Universal Auth configuration onto identity","openapi":"POST /api/v1/auth/universal-auth/identities/{identityId}","href":"/api-reference/endpoints/universal-auth/attach"},{"title":"Retrieve","description":"Retrieve Universal Auth configuration on identity","openapi":"GET /api/v1/auth/universal-auth/identities/{identityId}","href":"/api-reference/endpoints/universal-auth/retrieve"},{"title":"Update","description":"Update Universal Auth configuration on identity","openapi":"PATCH /api/v1/auth/universal-auth/identities/{identityId}","href":"/api-reference/endpoints/universal-auth/update"},{"title":"Revoke","description":"Delete Universal Auth configuration on identity","openapi":"DELETE /api/v1/auth/universal-auth/identities/{identityId}","href":"/api-reference/endpoints/universal-auth/revoke"},{"title":"Create Client Secret","description":"Create Universal Auth Client Secret for identity","openapi":"POST /api/v1/auth/universal-auth/identities/{identityId}/client-secrets","href":"/api-reference/endpoints/universal-auth/create-client-secret"},{"title":"List Client Secrets","description":"List Universal Auth Client Secrets for identity","openapi":"GET /api/v1/auth/universal-auth/identities/{identityId}/client-secrets","href":"/api-reference/endpoints/universal-auth/list-client-secrets"},{"title":"Revoke Client Secret","description":"Revoke Universal Auth Client Secrets for identity","openapi":"POST /api/v1/auth/universal-auth/identities/{identityId}/client-secrets/{clientSecretId}/revoke","href":"/api-reference/endpoints/universal-auth/revoke-client-secret"},{"title":"Get Client Secret By ID","description":"Get Universal Auth Client Secret for identity","openapi":"GET /api/v1/auth/universal-auth/identities/{identityId}/client-secrets/{clientSecretId}","href":"/api-reference/endpoints/universal-auth/get-client-secret-by-id"},{"title":"Renew Access Token","description":"Renew access token","openapi":"POST /api/v1/auth/token/renew","href":"/api-reference/endpoints/universal-auth/renew-access-token"},{"title":"Revoke Access Token","description":"Revoke access token","openapi":"POST /api/v1/auth/token/revoke","href":"/api-reference/endpoints/universal-auth/revoke-access-token"}]},{"group":"GCP Auth","pages":[{"title":"Login","description":"Login with GCP Auth","openapi":"POST /api/v1/auth/gcp-auth/login","href":"/api-reference/endpoints/gcp-auth/login"},{"title":"Attach","description":"Attach GCP Auth configuration onto identity","openapi":"POST /api/v1/auth/gcp-auth/identities/{identityId}","href":"/api-reference/endpoints/gcp-auth/attach"},{"title":"Retrieve","description":"Retrieve GCP Auth configuration on identity","openapi":"GET /api/v1/auth/gcp-auth/identities/{identityId}","href":"/api-reference/endpoints/gcp-auth/retrieve"},{"title":"Update","description":"Update GCP Auth configuration on identity","openapi":"PATCH /api/v1/auth/gcp-auth/identities/{identityId}","href":"/api-reference/endpoints/gcp-auth/update"},{"title":"Revoke","description":"Delete GCP Auth configuration on identity","openapi":"DELETE /api/v1/auth/gcp-auth/identities/{identityId}","href":"/api-reference/endpoints/gcp-auth/revoke"}]},{"group":"AWS Auth","pages":[{"title":"Login","description":"Login with AWS Auth","openapi":"POST /api/v1/auth/aws-auth/login","href":"/api-reference/endpoints/aws-auth/login"},{"title":"Attach","description":"Attach AWS Auth configuration onto identity","openapi":"POST /api/v1/auth/aws-auth/identities/{identityId}","href":"/api-reference/endpoints/aws-auth/attach"},{"title":"Retrieve","description":"Retrieve AWS Auth configuration on identity","openapi":"GET /api/v1/auth/aws-auth/identities/{identityId}","href":"/api-reference/endpoints/aws-auth/retrieve"},{"title":"Update","description":"Update AWS Auth configuration on identity","openapi":"PATCH /api/v1/auth/aws-auth/identities/{identityId}","href":"/api-reference/endpoints/aws-auth/update"},{"title":"Revoke","description":"Delete AWS Auth configuration on identity","openapi":"DELETE /api/v1/auth/aws-auth/identities/{identityId}","href":"/api-reference/endpoints/aws-auth/revoke"}]},{"group":"Azure Auth","pages":[{"title":"Login","description":"Login with Azure Auth","openapi":"POST /api/v1/auth/azure-auth/login","href":"/api-reference/endpoints/azure-auth/login"},{"title":"Attach","description":"Attach Azure Auth configuration onto identity","openapi":"POST /api/v1/auth/azure-auth/identities/{identityId}","href":"/api-reference/endpoints/azure-auth/attach"},{"title":"Retrieve","description":"Retrieve Azure Auth configuration on identity","openapi":"GET /api/v1/auth/azure-auth/identities/{identityId}","href":"/api-reference/endpoints/azure-auth/retrieve"},{"title":"Update","description":"Update Azure Auth configuration on identity","openapi":"PATCH /api/v1/auth/azure-auth/identities/{identityId}","href":"/api-reference/endpoints/azure-auth/update"},{"title":"Revoke","description":"Delete Azure Auth configuration on identity","openapi":"DELETE /api/v1/auth/azure-auth/identities/{identityId}","href":"/api-reference/endpoints/azure-auth/revoke"}]},{"group":"Kubernetes Auth","pages":[{"title":"Login","description":"Login with Kubernetes Auth","openapi":"POST /api/v1/auth/kubernetes-auth/login","href":"/api-reference/endpoints/kubernetes-auth/login"},{"title":"Attach","description":"Attach Kubernetes Auth configuration onto identity","openapi":"POST /api/v1/auth/kubernetes-auth/identities/{identityId}","href":"/api-reference/endpoints/kubernetes-auth/attach"},{"title":"Retrieve","description":"Retrieve Kubernetes Auth configuration on identity","openapi":"GET /api/v1/auth/kubernetes-auth/identities/{identityId}","href":"/api-reference/endpoints/kubernetes-auth/retrieve"},{"title":"Update","description":"Update Kubernetes Auth configuration on identity","openapi":"PATCH /api/v1/auth/kubernetes-auth/identities/{identityId}","href":"/api-reference/endpoints/kubernetes-auth/update"},{"title":"Revoke","description":"Delete Kubernetes Auth configuration on identity","openapi":"DELETE /api/v1/auth/kubernetes-auth/identities/{identityId}","href":"/api-reference/endpoints/kubernetes-auth/revoke"}]},{"group":"OIDC Auth","pages":[{"title":"Login","description":"Login with OIDC Auth","openapi":"POST /api/v1/auth/oidc-auth/login","href":"/api-reference/endpoints/oidc-auth/login"},{"title":"Attach","description":"Attach OIDC Auth configuration onto identity","openapi":"POST /api/v1/auth/oidc-auth/identities/{identityId}","href":"/api-reference/endpoints/oidc-auth/attach"},{"title":"Retrieve","description":"Retrieve OIDC Auth configuration on identity","openapi":"GET /api/v1/auth/oidc-auth/identities/{identityId}","href":"/api-reference/endpoints/oidc-auth/retrieve"},{"title":"Update","description":"Update OIDC Auth configuration on identity","openapi":"PATCH /api/v1/auth/oidc-auth/identities/{identityId}","href":"/api-reference/endpoints/oidc-auth/update"},{"title":"Revoke","description":"Delete OIDC Auth configuration on identity","openapi":"DELETE /api/v1/auth/oidc-auth/identities/{identityId}","href":"/api-reference/endpoints/oidc-auth/revoke"}]},{"group":"JWT Auth","pages":[{"title":"Login","description":"Login with JWT Auth","openapi":"POST /api/v1/auth/jwt-auth/login","href":"/api-reference/endpoints/jwt-auth/login"},{"title":"Attach","description":"Attach JWT Auth configuration onto identity","openapi":"POST /api/v1/auth/jwt-auth/identities/{identityId}","href":"/api-reference/endpoints/jwt-auth/attach"},{"title":"Retrieve","description":"Retrieve JWT Auth configuration on identity","openapi":"GET /api/v1/auth/jwt-auth/identities/{identityId}","href":"/api-reference/endpoints/jwt-auth/retrieve"},{"title":"Update","description":"Update JWT Auth configuration on identity","openapi":"PATCH /api/v1/auth/jwt-auth/identities/{identityId}","href":"/api-reference/endpoints/jwt-auth/update"},{"title":"Revoke","description":"Delete JWT Auth configuration on identity","openapi":"DELETE /api/v1/auth/jwt-auth/identities/{identityId}","href":"/api-reference/endpoints/jwt-auth/revoke"}]},{"group":"Groups","pages":[{"title":"Create","description":null,"openapi":"POST /api/v1/groups","href":"/api-reference/endpoints/groups/create"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/groups/{id}","href":"/api-reference/endpoints/groups/update"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/groups/{id}","href":"/api-reference/endpoints/groups/delete"},{"title":"Get Groups in Organization","description":null,"openapi":"GET /api/v1/groups","href":"/api-reference/endpoints/groups/get"},{"title":"Get By ID","description":null,"openapi":"GET /api/v1/groups/{id}","href":"/api-reference/endpoints/groups/get-by-id"},{"title":"Add Group User","description":null,"openapi":"POST /api/v1/groups/{id}/users/{username}","href":"/api-reference/endpoints/groups/add-group-user"},{"title":"Remove Group User","description":null,"openapi":"DELETE /api/v1/groups/{id}/users/{username}","href":"/api-reference/endpoints/groups/remove-group-user"},{"title":"List Group Users","description":null,"openapi":"GET /api/v1/groups/{id}/users","href":"/api-reference/endpoints/groups/list-group-users"}]},{"group":"Organizations","pages":[{"title":"Get User Memberships","description":"Return organization user memberships","openapi":"GET /api/v2/organizations/{organizationId}/memberships","href":"/api-reference/endpoints/organizations/memberships"},{"title":"Update User Membership","description":"Update organization user memberships","openapi":"PATCH /api/v2/organizations/{organizationId}/memberships/{membershipId}","href":"/api-reference/endpoints/organizations/update-membership"},{"title":"Delete User Membership","description":"Delete organization user memberships","openapi":"DELETE /api/v2/organizations/{organizationId}/memberships/{membershipId}","href":"/api-reference/endpoints/organizations/delete-membership"},{"title":"List Identity Memberships","description":"Return organization identity memberships","openapi":"GET /api/v2/organizations/{orgId}/identity-memberships","href":"/api-reference/endpoints/organizations/list-identity-memberships"},{"title":"Get Projects","description":"Return projects in organization that user is apart of","openapi":"GET /api/v2/organizations/{organizationId}/workspaces","href":"/api-reference/endpoints/organizations/workspaces"}]},{"group":"Projects","pages":[{"title":"Create Project","description":"Create a new project","openapi":"POST /api/v2/workspace","href":"/api-reference/endpoints/workspaces/create-workspace"},{"title":"Delete Project","description":"Delete project","openapi":"DELETE /api/v1/workspace/{workspaceId}","href":"/api-reference/endpoints/workspaces/delete-workspace"},{"title":"Get Project","description":"Get project","openapi":"GET /api/v1/workspace/{workspaceId}","href":"/api-reference/endpoints/workspaces/get-workspace"},{"title":"Update Project","description":"Update project","openapi":"PATCH /api/v1/workspace/{workspaceId}","href":"/api-reference/endpoints/workspaces/update-workspace"},{"title":"Get Snapshots","description":"Return project secret snapshots ids","openapi":"GET /api/v1/workspace/{workspaceId}/secret-snapshots","href":"/api-reference/endpoints/workspaces/secret-snapshots"},{"title":"Roll Back to Snapshot","description":"Roll back project secrets to those captured in a secret snapshot version.","openapi":"POST /api/v1/secret-snapshot/{secretSnapshotId}/rollback","href":"/api-reference/endpoints/workspaces/rollback-snapshot"}]},{"group":"Project Users","pages":[{"title":"Invite Member","description":"Invite members to project","openapi":"POST /api/v2/workspace/{projectId}/memberships","href":"/api-reference/endpoints/project-users/invite-member-to-workspace"},{"title":"Remove Member","description":"Remove members from project","openapi":"DELETE /api/v2/workspace/{projectId}/memberships","href":"/api-reference/endpoints/project-users/remove-member-from-workspace"},{"title":"Get User Memberships","description":"Return project user memberships","openapi":"GET /api/v1/workspace/{workspaceId}/memberships","href":"/api-reference/endpoints/project-users/memberships"},{"title":"Get By Username","description":"Return project user memberships","openapi":"POST /api/v1/workspace/{workspaceId}/memberships/details","href":"/api-reference/endpoints/project-users/get-by-username"},{"title":"Update User Membership","description":"Update project user membership","openapi":"PATCH /api/v1/workspace/{workspaceId}/memberships/{membershipId}","href":"/api-reference/endpoints/project-users/update-membership"}]},{"group":"Project Groups","pages":[{"title":"Create Project Membership","description":null,"openapi":"POST /api/v2/workspace/{projectId}/groups/{groupId}","href":"/api-reference/endpoints/project-groups/create"},{"title":"Delete Project Membership","description":"Remove group from project","openapi":"DELETE /api/v2/workspace/{projectId}/groups/{groupId}","href":"/api-reference/endpoints/project-groups/delete"},{"title":"Get Project Membership","description":"Return project group","openapi":"GET /api/v2/workspace/{projectId}/groups/{groupId}","href":"/api-reference/endpoints/project-groups/get-by-id"},{"title":"List Project Memberships","description":"Return list of groups in project","openapi":"GET /api/v2/workspace/{projectId}/groups","href":"/api-reference/endpoints/project-groups/list"},{"title":"Update Project Membership","description":"Update group in project","openapi":"PATCH /api/v2/workspace/{projectId}/groups/{groupId}","href":"/api-reference/endpoints/project-groups/update"}]},{"group":"Project Identities","pages":[{"title":"Create Identity Membership","description":"Create project identity membership","openapi":"POST /api/v2/workspace/{projectId}/identity-memberships/{identityId}","href":"/api-reference/endpoints/project-identities/add-identity-membership"},{"title":"List Identity Memberships","description":"Return project identity memberships","openapi":"GET /api/v2/workspace/{projectId}/identity-memberships","href":"/api-reference/endpoints/project-identities/list-identity-memberships"},{"title":"Get Identity by ID","description":"Return project identity membership","openapi":"GET /api/v2/workspace/{projectId}/identity-memberships/{identityId}","href":"/api-reference/endpoints/project-identities/get-by-id"},{"title":"Update Identity Membership","description":"Update project identity memberships","openapi":"PATCH /api/v2/workspace/{projectId}/identity-memberships/{identityId}","href":"/api-reference/endpoints/project-identities/update-identity-membership"},{"title":"Delete Identity Membership","description":"Delete project identity memberships","openapi":"DELETE /api/v2/workspace/{projectId}/identity-memberships/{identityId}","href":"/api-reference/endpoints/project-identities/delete-identity-membership"}]},{"group":"Project Roles","pages":[{"title":"Create","description":"Create a project role","openapi":"POST /api/v1/workspace/{projectSlug}/roles","href":"/api-reference/endpoints/project-roles/create"},{"title":"Update","description":"Update a project role","openapi":"PATCH /api/v1/workspace/{projectSlug}/roles/{roleId}","href":"/api-reference/endpoints/project-roles/update"},{"title":"Delete","description":"Delete a project role","openapi":"DELETE /api/v1/workspace/{projectSlug}/roles/{roleId}","href":"/api-reference/endpoints/project-roles/delete"},{"title":"Get By Slug","description":null,"openapi":"GET /api/v1/workspace/{projectSlug}/roles/slug/{slug}","href":"/api-reference/endpoints/project-roles/get-by-slug"},{"title":"List","description":"List project role","openapi":"GET /api/v1/workspace/{projectSlug}/roles","href":"/api-reference/endpoints/project-roles/list"}]},{"group":"Project Templates","pages":[{"title":"Create","description":"Create a project template.","openapi":"POST /api/v1/project-templates","href":"/api-reference/endpoints/project-templates/create"},{"title":"Update","description":"Update a project template.","openapi":"PATCH /api/v1/project-templates/{templateId}","href":"/api-reference/endpoints/project-templates/update"},{"title":"Delete","description":"Delete a project template.","openapi":"DELETE /api/v1/project-templates/{templateId}","href":"/api-reference/endpoints/project-templates/delete"},{"title":"Get By ID","description":"Get a project template by ID.","openapi":"GET /api/v1/project-templates/{templateId}","href":"/api-reference/endpoints/project-templates/get-by-id"},{"title":"List","description":"List project templates for the current organization.","openapi":"GET /api/v1/project-templates","href":"/api-reference/endpoints/project-templates/list"}]},{"group":"Environments","pages":[{"title":"Create","description":"Create environment","openapi":"POST /api/v1/workspace/{workspaceId}/environments","href":"/api-reference/endpoints/environments/create"},{"title":"Update","description":"Update environment","openapi":"PATCH /api/v1/workspace/{workspaceId}/environments/{id}","href":"/api-reference/endpoints/environments/update"},{"title":"Delete","description":"Delete environment","openapi":"DELETE /api/v1/workspace/{workspaceId}/environments/{id}","href":"/api-reference/endpoints/environments/delete"}]},{"group":"Folders","pages":[{"title":"List","description":"Get folders","openapi":"GET /api/v1/folders","href":"/api-reference/endpoints/folders/list"},{"title":"Get by ID","description":"Get folder by id","openapi":"GET /api/v1/folders/{id}","href":"/api-reference/endpoints/folders/get-by-id"},{"title":"Create","description":"Create folders","openapi":"POST /api/v1/folders","href":"/api-reference/endpoints/folders/create"},{"title":"Update","description":"Update folder","openapi":"PATCH /api/v1/folders/{folderId}","href":"/api-reference/endpoints/folders/update"},{"title":"Delete","description":"Delete a folder","openapi":"DELETE /api/v1/folders/{folderIdOrName}","href":"/api-reference/endpoints/folders/delete"}]},{"group":"Secret Tags","pages":[{"title":"List","description":null,"openapi":"GET /api/v1/workspace/{projectId}/tags","href":"/api-reference/endpoints/secret-tags/list"},{"title":"Get By ID","description":null,"openapi":"GET /api/v1/workspace/{projectId}/tags/{tagId}","href":"/api-reference/endpoints/secret-tags/get-by-id"},{"title":"Get By Slug","description":null,"openapi":"GET /api/v1/workspace/{projectId}/tags/slug/{tagSlug}","href":"/api-reference/endpoints/secret-tags/get-by-slug"},{"title":"Create","description":null,"openapi":"POST /api/v1/workspace/{projectId}/tags","href":"/api-reference/endpoints/secret-tags/create"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/workspace/{projectId}/tags/{tagId}","href":"/api-reference/endpoints/secret-tags/update"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/workspace/{projectId}/tags/{tagId}","href":"/api-reference/endpoints/secret-tags/delete"}]},{"group":"Secrets","pages":[{"title":"List","description":"List secrets","openapi":"GET /api/v3/secrets/raw","href":"/api-reference/endpoints/secrets/list"},{"title":"Create","description":"Create secret","openapi":"POST /api/v3/secrets/raw/{secretName}","href":"/api-reference/endpoints/secrets/create"},{"title":"Retrieve","description":"Get a secret by name","openapi":"GET /api/v3/secrets/raw/{secretName}","href":"/api-reference/endpoints/secrets/read"},{"title":"Update","description":"Update secret","openapi":"PATCH /api/v3/secrets/raw/{secretName}","href":"/api-reference/endpoints/secrets/update"},{"title":"Delete","description":"Delete secret","openapi":"DELETE /api/v3/secrets/raw/{secretName}","href":"/api-reference/endpoints/secrets/delete"},{"title":"Bulk Create","description":"Create many secrets","openapi":"POST /api/v3/secrets/batch/raw","href":"/api-reference/endpoints/secrets/create-many"},{"title":"Bulk Update","description":"Update many secrets","openapi":"PATCH /api/v3/secrets/batch/raw","href":"/api-reference/endpoints/secrets/update-many"},{"title":"Bulk Delete","description":"Delete many secrets","openapi":"DELETE /api/v3/secrets/batch/raw","href":"/api-reference/endpoints/secrets/delete-many"},{"title":"Attach tags","description":"Attach tags to a secret","openapi":"POST /api/v3/secrets/tags/{secretName}","href":"/api-reference/endpoints/secrets/attach-tags"},{"title":"Detach tags","description":"Detach tags from a secret","openapi":"DELETE /api/v3/secrets/tags/{secretName}","href":"/api-reference/endpoints/secrets/detach-tags"}]},{"group":"Dynamic Secrets","pages":[{"title":"Create","description":null,"openapi":"POST /api/v1/dynamic-secrets","href":"/api-reference/endpoints/dynamic-secrets/create"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/dynamic-secrets/{name}","href":"/api-reference/endpoints/dynamic-secrets/update"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/dynamic-secrets/{name}","href":"/api-reference/endpoints/dynamic-secrets/delete"},{"title":"Get","description":null,"openapi":"GET /api/v1/dynamic-secrets/{name}","href":"/api-reference/endpoints/dynamic-secrets/get"},{"title":"List","description":null,"openapi":"GET /api/v1/dynamic-secrets","href":"/api-reference/endpoints/dynamic-secrets/list"},{"title":"List Leases","description":null,"openapi":"GET /api/v1/dynamic-secrets/{name}/leases","href":"/api-reference/endpoints/dynamic-secrets/list-leases"},{"title":"Create Lease","description":null,"openapi":"POST /api/v1/dynamic-secrets/leases","href":"/api-reference/endpoints/dynamic-secrets/create-lease"},{"title":"Delete Lease","description":null,"openapi":"DELETE /api/v1/dynamic-secrets/leases/{leaseId}","href":"/api-reference/endpoints/dynamic-secrets/delete-lease"},{"title":"Renew Lease","description":null,"openapi":"POST /api/v1/dynamic-secrets/leases/{leaseId}/renew","href":"/api-reference/endpoints/dynamic-secrets/renew-lease"},{"title":"Get Lease","description":null,"openapi":"GET /api/v1/dynamic-secrets/leases/{leaseId}","href":"/api-reference/endpoints/dynamic-secrets/get-lease"}]},{"group":"Secret Imports","pages":[{"title":"List","description":"Get secret imports","openapi":"GET /api/v1/secret-imports","href":"/api-reference/endpoints/secret-imports/list"},{"title":"Create","description":"Create secret imports","openapi":"POST /api/v1/secret-imports","href":"/api-reference/endpoints/secret-imports/create"},{"title":"Update","description":"Update secret imports","openapi":"PATCH /api/v1/secret-imports/{secretImportId}","href":"/api-reference/endpoints/secret-imports/update"},{"title":"Delete","description":"Delete secret imports","openapi":"DELETE /api/v1/secret-imports/{secretImportId}","href":"/api-reference/endpoints/secret-imports/delete"}]},{"group":"Identity Specific Privilege","pages":[{"title":"Create Permanent","description":"Create a permanent or a non expiry specific privilege for identity.","openapi":"POST /api/v1/additional-privilege/identity/permanent","href":"/api-reference/endpoints/identity-specific-privilege/create-permanent"},{"title":"Create Temporary","description":"Create a temporary or a expiring specific privilege for identity.","openapi":"POST /api/v1/additional-privilege/identity/temporary","href":"/api-reference/endpoints/identity-specific-privilege/create-temporary"},{"title":"Update","description":"Update a specific privilege of an identity.","openapi":"PATCH /api/v1/additional-privilege/identity","href":"/api-reference/endpoints/identity-specific-privilege/update"},{"title":"Delete","description":"Delete a specific privilege of an identity.","openapi":"DELETE /api/v1/additional-privilege/identity","href":"/api-reference/endpoints/identity-specific-privilege/delete"},{"title":"Find By Privilege Slug","description":"Retrieve details of a specific privilege by privilege slug.","openapi":"GET /api/v1/additional-privilege/identity/{privilegeSlug}","href":"/api-reference/endpoints/identity-specific-privilege/find-by-slug"},{"title":"List","description":"List of a specific privilege of an identity in a project.","openapi":"GET /api/v1/additional-privilege/identity","href":"/api-reference/endpoints/identity-specific-privilege/list"}]},{"group":"App Connections","pages":[{"title":"List","description":"List all the App Connections for the current organization.","openapi":"GET /api/v1/app-connections","href":"/api-reference/endpoints/app-connections/list"},{"title":"Options","description":"List the available App Connection Options.","openapi":"GET /api/v1/app-connections/options","href":"/api-reference/endpoints/app-connections/options"},{"group":"AWS","pages":[{"title":"List","description":"List the AWS Connections for the current organization.","openapi":"GET /api/v1/app-connections/aws","href":"/api-reference/endpoints/app-connections/aws/list"},{"title":"Available","description":"List the AWS Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/aws/available","href":"/api-reference/endpoints/app-connections/aws/available"},{"title":"Get by ID","description":"Get the specified AWS Connection by ID.","openapi":"GET /api/v1/app-connections/aws/{connectionId}","href":"/api-reference/endpoints/app-connections/aws/get-by-id"},{"title":"Get by Name","description":"Get the specified AWS Connection by name.","openapi":"GET /api/v1/app-connections/aws/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/aws/get-by-name"},{"title":"Create","description":"Create an AWS Connection for the current organization.","openapi":"POST /api/v1/app-connections/aws","href":"/api-reference/endpoints/app-connections/aws/create"},{"title":"Update","description":"Update the specified AWS Connection.","openapi":"PATCH /api/v1/app-connections/aws/{connectionId}","href":"/api-reference/endpoints/app-connections/aws/update"},{"title":"Delete","description":"Delete the specified AWS Connection.","openapi":"DELETE /api/v1/app-connections/aws/{connectionId}","href":"/api-reference/endpoints/app-connections/aws/delete"}]},{"group":"Azure App Configuration","pages":[{"title":"List","description":"List the Azure App Configuration Connections for the current organization.","openapi":"GET /api/v1/app-connections/azure-app-configuration","href":"/api-reference/endpoints/app-connections/azure-app-configuration/list"},{"title":"Available","description":"List the Azure App Configuration Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/azure-app-configuration/available","href":"/api-reference/endpoints/app-connections/azure-app-configuration/available"},{"title":"Get by ID","description":"Get the specified Azure App Configuration Connection by ID.","openapi":"GET /api/v1/app-connections/azure-app-configuration/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-app-configuration/get-by-id"},{"title":"Get by Name","description":"Get the specified Azure App Configuration Connection by name.","openapi":"GET /api/v1/app-connections/azure-app-configuration/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/azure-app-configuration/get-by-name"},{"title":"Create","description":"Create an Azure App Configuration Connection for the current organization.","openapi":"POST /api/v1/app-connections/azure-app-configuration","href":"/api-reference/endpoints/app-connections/azure-app-configuration/create"},{"title":"Update","description":"Update the specified Azure App Configuration Connection.","openapi":"PATCH /api/v1/app-connections/azure-app-configuration/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-app-configuration/update"},{"title":"Delete","description":"Delete the specified Azure App Configuration Connection.","openapi":"DELETE /api/v1/app-connections/azure-app-configuration/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-app-configuration/delete"}]},{"group":"Azure Key Vault","pages":[{"title":"List","description":"List the Azure Key Vault Connections for the current organization.","openapi":"GET /api/v1/app-connections/azure-key-vault","href":"/api-reference/endpoints/app-connections/azure-key-vault/list"},{"title":"Available","description":"List the Azure Key Vault Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/azure-key-vault/available","href":"/api-reference/endpoints/app-connections/azure-key-vault/available"},{"title":"Get by ID","description":"Get the specified Azure Key Vault Connection by ID.","openapi":"GET /api/v1/app-connections/azure-key-vault/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-key-vault/get-by-id"},{"title":"Get by Name","description":"Get the specified Azure Key Vault Connection by name.","openapi":"GET /api/v1/app-connections/azure-key-vault/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/azure-key-vault/get-by-name"},{"title":"Create","description":"Create an Azure Key Vault Connection for the current organization.","openapi":"POST /api/v1/app-connections/azure-key-vault","href":"/api-reference/endpoints/app-connections/azure-key-vault/create"},{"title":"Update","description":"Update the specified Azure Key Vault Connection.","openapi":"PATCH /api/v1/app-connections/azure-key-vault/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-key-vault/update"},{"title":"Delete","description":"Delete the specified Azure Key Vault Connection.","openapi":"DELETE /api/v1/app-connections/azure-key-vault/{connectionId}","href":"/api-reference/endpoints/app-connections/azure-key-vault/delete"}]},{"group":"Databricks","pages":[{"title":"List","description":"List the Databricks Connections for the current organization.","openapi":"GET /api/v1/app-connections/databricks","href":"/api-reference/endpoints/app-connections/databricks/list"},{"title":"Available","description":"List the Databricks Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/databricks/available","href":"/api-reference/endpoints/app-connections/databricks/available"},{"title":"Get by ID","description":"Get the specified Databricks Connection by ID.","openapi":"GET /api/v1/app-connections/databricks/{connectionId}","href":"/api-reference/endpoints/app-connections/databricks/get-by-id"},{"title":"Get by Name","description":"Get the specified Databricks Connection by name.","openapi":"GET /api/v1/app-connections/databricks/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/databricks/get-by-name"},{"title":"Create","description":"Create a Databricks Connection for the current organization.","openapi":"POST /api/v1/app-connections/databricks","href":"/api-reference/endpoints/app-connections/databricks/create"},{"title":"Update","description":"Update the specified Databricks Connection.","openapi":"PATCH /api/v1/app-connections/databricks/{connectionId}","href":"/api-reference/endpoints/app-connections/databricks/update"},{"title":"Delete","description":"Delete the specified Databricks Connection.","openapi":"DELETE /api/v1/app-connections/databricks/{connectionId}","href":"/api-reference/endpoints/app-connections/databricks/delete"}]},{"group":"GCP","pages":[{"title":"List","description":"List the GCP Connections for the current organization.","openapi":"GET /api/v1/app-connections/gcp","href":"/api-reference/endpoints/app-connections/gcp/list"},{"title":"Available","description":"List the GCP Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/gcp/available","href":"/api-reference/endpoints/app-connections/gcp/available"},{"title":"Get by ID","description":"Get the specified GCP Connection by ID.","openapi":"GET /api/v1/app-connections/gcp/{connectionId}","href":"/api-reference/endpoints/app-connections/gcp/get-by-id"},{"title":"Get by Name","description":"Get the specified GCP Connection by name.","openapi":"GET /api/v1/app-connections/gcp/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/gcp/get-by-name"},{"title":"Create","description":"Create a GCP Connection for the current organization.","openapi":"POST /api/v1/app-connections/gcp","href":"/api-reference/endpoints/app-connections/gcp/create"},{"title":"Update","description":"Update the specified GCP Connection.","openapi":"PATCH /api/v1/app-connections/gcp/{connectionId}","href":"/api-reference/endpoints/app-connections/gcp/update"},{"title":"Delete","description":"Delete the specified GCP Connection.","openapi":"DELETE /api/v1/app-connections/gcp/{connectionId}","href":"/api-reference/endpoints/app-connections/gcp/delete"}]},{"group":"GitHub","pages":[{"title":"List","description":"List the GitHub Connections for the current organization.","openapi":"GET /api/v1/app-connections/github","href":"/api-reference/endpoints/app-connections/github/list"},{"title":"Available","description":"List the GitHub Connections the current user has permission to establish connections with.","openapi":"GET /api/v1/app-connections/github/available","href":"/api-reference/endpoints/app-connections/github/available"},{"title":"Get by ID","description":"Get the specified GitHub Connection by ID.","openapi":"GET /api/v1/app-connections/github/{connectionId}","href":"/api-reference/endpoints/app-connections/github/get-by-id"},{"title":"Get by Name","description":"Get the specified GitHub Connection by name.","openapi":"GET /api/v1/app-connections/github/connection-name/{connectionName}","href":"/api-reference/endpoints/app-connections/github/get-by-name"},{"title":"Create","description":"Create a GitHub Connection for the current organization.","openapi":"POST /api/v1/app-connections/github","href":"/api-reference/endpoints/app-connections/github/create"},{"title":"Update","description":"Update the specified GitHub Connection.","openapi":"PATCH /api/v1/app-connections/github/{connectionId}","href":"/api-reference/endpoints/app-connections/github/update"},{"title":"Delete","description":"Delete the specified GitHub Connection.","openapi":"DELETE /api/v1/app-connections/github/{connectionId}","href":"/api-reference/endpoints/app-connections/github/delete"}]}]},{"group":"Secret Syncs","pages":[{"title":"List","description":"List all the Secret Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs","href":"/api-reference/endpoints/secret-syncs/list"},{"title":"Options","description":"List the available Secret Sync Options.","openapi":"GET /api/v1/secret-syncs/options","href":"/api-reference/endpoints/secret-syncs/options"},{"group":"AWS Parameter Store","pages":[{"title":"List","description":"List the AWS Parameter Store Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/aws-parameter-store","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/list"},{"title":"Get by ID","description":"Get the specified AWS Parameter Store Sync by ID.","openapi":"GET /api/v1/secret-syncs/aws-parameter-store/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-id"},{"title":"Get by Name","description":"Get the specified AWS Parameter Store Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/aws-parameter-store/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-name"},{"title":"Create","description":"Create an AWS Parameter Store Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/aws-parameter-store","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/create"},{"title":"Update","description":"Update the specified AWS Parameter Store Sync.","openapi":"PATCH /api/v1/secret-syncs/aws-parameter-store/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/update"},{"title":"Delete","description":"Delete the specified AWS Parameter Store Sync.","openapi":"DELETE /api/v1/secret-syncs/aws-parameter-store/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified AWS Parameter Store Sync.","openapi":"POST /api/v1/secret-syncs/aws-parameter-store/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified AWS Parameter Store Sync destination.","openapi":"POST /api/v1/secret-syncs/aws-parameter-store/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified AWS Parameter Store Sync destination.","openapi":"POST /api/v1/secret-syncs/aws-parameter-store/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/aws-parameter-store/remove-secrets"}]},{"group":"AWS Secrets Manager","pages":[{"title":"List","description":"List the AWS Secrets Manager Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/aws-secrets-manager","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/list"},{"title":"Get by ID","description":"Get the specified AWS Secrets Manager Sync by ID.","openapi":"GET /api/v1/secret-syncs/aws-secrets-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-id"},{"title":"Get by Name","description":"Get the specified AWS Secrets Manager Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/aws-secrets-manager/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-name"},{"title":"Create","description":"Create an AWS Secrets Manager Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/aws-secrets-manager","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/create"},{"title":"Update","description":"Update the specified AWS Secrets Manager Sync.","openapi":"PATCH /api/v1/secret-syncs/aws-secrets-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/update"},{"title":"Delete","description":"Delete the specified AWS Secrets Manager Sync.","openapi":"DELETE /api/v1/secret-syncs/aws-secrets-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified AWS Secrets Manager Sync.","openapi":"POST /api/v1/secret-syncs/aws-secrets-manager/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified AWS Secrets Manager Sync destination.","openapi":"POST /api/v1/secret-syncs/aws-secrets-manager/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified AWS Secrets Manager Sync destination.","openapi":"POST /api/v1/secret-syncs/aws-secrets-manager/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/aws-secrets-manager/remove-secrets"}]},{"group":"Azure App Configuration","pages":[{"title":"List","description":"List the Azure App Configuration Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/azure-app-configuration","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/list"},{"title":"Get by ID","description":"Get the specified Azure App Configuration Sync by ID.","openapi":"GET /api/v1/secret-syncs/azure-app-configuration/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-id"},{"title":"Get by Name","description":"Get the specified Azure App Configuration Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/azure-app-configuration/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-name"},{"title":"Create","description":"Create an Azure App Configuration Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/azure-app-configuration","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/create"},{"title":"Update","description":"Update the specified Azure App Configuration Sync.","openapi":"PATCH /api/v1/secret-syncs/azure-app-configuration/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/update"},{"title":"Delete","description":"Delete the specified Azure App Configuration Sync.","openapi":"DELETE /api/v1/secret-syncs/azure-app-configuration/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified Azure App Configuration Sync.","openapi":"POST /api/v1/secret-syncs/azure-app-configuration/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified Azure App Configuration Sync destination.","openapi":"POST /api/v1/secret-syncs/azure-app-configuration/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified Azure App Configuration Sync destination.","openapi":"POST /api/v1/secret-syncs/azure-app-configuration/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/azure-app-configuration/remove-secrets"}]},{"group":"Azure Key Vault","pages":[{"title":"List","description":"List the Azure Key Vault Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/azure-key-vault","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/list"},{"title":"Get by ID","description":"Get the specified Azure Key Vault Sync by ID.","openapi":"GET /api/v1/secret-syncs/azure-key-vault/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/get-by-id"},{"title":"Get by Name","description":"Get the specified Azure Key Vault Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/azure-key-vault/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/get-by-name"},{"title":"Create","description":"Create an Azure Key Vault Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/azure-key-vault","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/create"},{"title":"Update","description":"Update the specified Azure Key Vault Sync.","openapi":"PATCH /api/v1/secret-syncs/azure-key-vault/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/update"},{"title":"Delete","description":"Delete the specified Azure Key Vault Sync.","openapi":"DELETE /api/v1/secret-syncs/azure-key-vault/{syncId}","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified Azure Key Vault Sync.","openapi":"POST /api/v1/secret-syncs/azure-key-vault/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified Azure Key Vault Sync destination.","openapi":"POST /api/v1/secret-syncs/azure-key-vault/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified Azure Key Vault Sync destination.","openapi":"POST /api/v1/secret-syncs/azure-key-vault/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/azure-key-vault/remove-secrets"}]},{"group":"Databricks","pages":[{"title":"List","description":"List the Databricks Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/databricks","href":"/api-reference/endpoints/secret-syncs/databricks/list"},{"title":"Get by ID","description":"Get the specified Databricks Sync by ID.","openapi":"GET /api/v1/secret-syncs/databricks/{syncId}","href":"/api-reference/endpoints/secret-syncs/databricks/get-by-id"},{"title":"Get by Name","description":"Get the specified Databricks Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/databricks/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/databricks/get-by-name"},{"title":"Create","description":"Create a Databricks Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/databricks","href":"/api-reference/endpoints/secret-syncs/databricks/create"},{"title":"Update","description":"Update the specified Databricks Sync.","openapi":"PATCH /api/v1/secret-syncs/databricks/{syncId}","href":"/api-reference/endpoints/secret-syncs/databricks/update"},{"title":"Delete","description":"Delete the specified Databricks Sync.","openapi":"DELETE /api/v1/secret-syncs/databricks/{syncId}","href":"/api-reference/endpoints/secret-syncs/databricks/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified Databricks Sync.","openapi":"POST /api/v1/secret-syncs/databricks/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/databricks/sync-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified Databricks Sync destination.","openapi":"POST /api/v1/secret-syncs/databricks/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/databricks/remove-secrets"}]},{"group":"GCP Secret Manager","pages":[{"title":"List","description":"List the GCP Secret Manager Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/gcp-secret-manager","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/list"},{"title":"Get by ID","description":"Get the specified GCP Secret Manager Sync by ID.","openapi":"GET /api/v1/secret-syncs/gcp-secret-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-id"},{"title":"Get by Name","description":"Get the specified GCP Secret Manager Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/gcp-secret-manager/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-name"},{"title":"Create","description":"Create a GCP Secret Manager Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/gcp-secret-manager","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/create"},{"title":"Update","description":"Update the specified GCP Secret Manager Sync.","openapi":"PATCH /api/v1/secret-syncs/gcp-secret-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/update"},{"title":"Delete","description":"Delete the specified GCP Secret Manager Sync.","openapi":"DELETE /api/v1/secret-syncs/gcp-secret-manager/{syncId}","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified GCP Secret Manager Sync.","openapi":"POST /api/v1/secret-syncs/gcp-secret-manager/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/sync-secrets"},{"title":"Import Secrets","description":"Import secrets from the specified GCP Secret Manager Sync destination.","openapi":"POST /api/v1/secret-syncs/gcp-secret-manager/{syncId}/import-secrets","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/import-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified GCP Secret Manager Sync destination.","openapi":"POST /api/v1/secret-syncs/gcp-secret-manager/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/gcp-secret-manager/remove-secrets"}]},{"group":"GitHub","pages":[{"title":"List","description":"List the GitHub Syncs for the specified project.","openapi":"GET /api/v1/secret-syncs/github","href":"/api-reference/endpoints/secret-syncs/github/list"},{"title":"Get by ID","description":"Get the specified GitHub Sync by ID.","openapi":"GET /api/v1/secret-syncs/github/{syncId}","href":"/api-reference/endpoints/secret-syncs/github/get-by-id"},{"title":"Get by Name","description":"Get the specified GitHub Sync by name and project ID.","openapi":"GET /api/v1/secret-syncs/github/sync-name/{syncName}","href":"/api-reference/endpoints/secret-syncs/github/get-by-name"},{"title":"Create","description":"Create a GitHub Sync for the specified project environment.","openapi":"POST /api/v1/secret-syncs/github","href":"/api-reference/endpoints/secret-syncs/github/create"},{"title":"Update","description":"Update the specified GitHub Sync.","openapi":"PATCH /api/v1/secret-syncs/github/{syncId}","href":"/api-reference/endpoints/secret-syncs/github/update"},{"title":"Delete","description":"Delete the specified GitHub Sync.","openapi":"DELETE /api/v1/secret-syncs/github/{syncId}","href":"/api-reference/endpoints/secret-syncs/github/delete"},{"title":"Sync Secrets","description":"Trigger a sync for the specified GitHub Sync.","openapi":"POST /api/v1/secret-syncs/github/{syncId}/sync-secrets","href":"/api-reference/endpoints/secret-syncs/github/sync-secrets"},{"title":"Remove Secrets","description":"Remove previously synced secrets from the specified GitHub Sync destination.","openapi":"POST /api/v1/secret-syncs/github/{syncId}/remove-secrets","href":"/api-reference/endpoints/secret-syncs/github/remove-secrets"}]}]},{"group":"Integrations","pages":[{"title":"Create Auth","description":"Create the integration authentication object required for syncing secrets.","openapi":"POST /api/v1/integration-auth/access-token","href":"/api-reference/endpoints/integrations/create-auth"},{"title":"List Auth","description":"List integration auth objects for a workspace.","openapi":"GET /api/v1/workspace/{workspaceId}/authorizations","href":"/api-reference/endpoints/integrations/list-auth"},{"title":"Get Auth By ID","description":"Get details of an integration authorization by auth object id.","openapi":"GET /api/v1/integration-auth/{integrationAuthId}","href":"/api-reference/endpoints/integrations/find-auth"},{"title":"Delete Auth","description":"Remove all integration's auth object from the project.","openapi":"DELETE /api/v1/integration-auth","href":"/api-reference/endpoints/integrations/delete-auth"},{"title":"Delete Auth By ID","description":"Remove an integration auth object by object id.","openapi":"DELETE /api/v1/integration-auth/{integrationAuthId}","href":"/api-reference/endpoints/integrations/delete-auth-by-id"},{"title":"Create","description":"Create an integration to sync secrets.","openapi":"POST /api/v1/integration","href":"/api-reference/endpoints/integrations/create"},{"title":"Update","description":"Update an integration by integration id","openapi":"PATCH /api/v1/integration/{integrationId}","href":"/api-reference/endpoints/integrations/update"},{"title":"Delete","description":"Remove an integration using the integration object ID","openapi":"DELETE /api/v1/integration/{integrationId}","href":"/api-reference/endpoints/integrations/delete"},{"title":"List Project Integrations","description":"List integrations for a project.","openapi":"GET /api/v1/workspace/{workspaceId}/integrations","href":"/api-reference/endpoints/integrations/list-project-integrations"}]},{"group":"Service Tokens","pages":[{"title":"Get","description":"Return Infisical Token data","openapi":"GET /api/v2/service-token","href":"/api-reference/endpoints/service-tokens/get"}]},{"group":"Audit Logs","pages":[{"title":"Export","description":"Get all audit logs for an organization","openapi":"GET /api/v1/organization/audit-logs","href":"/api-reference/endpoints/audit-logs/export-audit-log"}]}]},{"group":"Infisical PKI","pages":[{"group":"Certificate Authorities","pages":[{"title":"List","description":null,"openapi":"GET /api/v2/workspace/{slug}/cas","href":"/api-reference/endpoints/certificate-authorities/list"},{"title":"Create","description":"Create CA","openapi":"POST /api/v1/pki/ca","href":"/api-reference/endpoints/certificate-authorities/create"},{"title":"Retrieve","description":"Get CA","openapi":"GET /api/v1/pki/ca/{caId}","href":"/api-reference/endpoints/certificate-authorities/read"},{"title":"Update","description":"Update CA","openapi":"PATCH /api/v1/pki/ca/{caId}","href":"/api-reference/endpoints/certificate-authorities/update"},{"title":"Delete","description":"Delete CA","openapi":"DELETE /api/v1/pki/ca/{caId}","href":"/api-reference/endpoints/certificate-authorities/delete"},{"title":"Renew","description":"Perform CA certificate renewal","openapi":"POST /api/v1/pki/ca/{caId}/renew","href":"/api-reference/endpoints/certificate-authorities/renew"},{"title":"List CA certificates","description":"Get list of past and current CA certificates for a CA","openapi":"GET /api/v1/pki/ca/{caId}/ca-certificates","href":"/api-reference/endpoints/certificate-authorities/list-ca-certs"},{"title":"Get CSR","description":"Get CA CSR","openapi":"GET /api/v1/pki/ca/{caId}/csr","href":"/api-reference/endpoints/certificate-authorities/csr"},{"title":"Retrieve certificate / chain","description":"Get current CA cert and cert chain of a CA","openapi":"GET /api/v1/pki/ca/{caId}/certificate","href":"/api-reference/endpoints/certificate-authorities/cert"},{"title":"Sign intermediate certificate","description":"Create intermediate CA certificate from parent CA","openapi":"POST /api/v1/pki/ca/{caId}/sign-intermediate","href":"/api-reference/endpoints/certificate-authorities/sign-intermediate"},{"title":"Import certificate","description":"Import certificate and chain to CA","openapi":"POST /api/v1/pki/ca/{caId}/import-certificate","href":"/api-reference/endpoints/certificate-authorities/import-cert"},{"title":"Issue certificate","description":"Issue certificate from CA","openapi":"POST /api/v1/pki/ca/{caId}/issue-certificate","href":"/api-reference/endpoints/certificate-authorities/issue-cert"},{"title":"Sign certificate","description":"Sign certificate from CA","openapi":"POST /api/v1/pki/ca/{caId}/sign-certificate","href":"/api-reference/endpoints/certificate-authorities/sign-cert"},{"title":"List CRLs","description":"Get list of CRLs of the CA","openapi":"GET /api/v1/pki/ca/{caId}/crls","href":"/api-reference/endpoints/certificate-authorities/crl"}]},{"group":"Certificates","pages":[{"title":"List","description":null,"openapi":"GET /api/v2/workspace/{slug}/certificates","href":"/api-reference/endpoints/certificates/list"},{"title":"Retrieve","description":"Get certificate","openapi":"GET /api/v1/pki/certificates/{serialNumber}","href":"/api-reference/endpoints/certificates/read"},{"title":"Revoke","description":"Revoke","openapi":"POST /api/v1/pki/certificates/{serialNumber}/revoke","href":"/api-reference/endpoints/certificates/revoke"},{"title":"Delete","description":"Delete certificate","openapi":"DELETE /api/v1/pki/certificates/{serialNumber}","href":"/api-reference/endpoints/certificates/delete"},{"title":"Get Certificate Body / Chain","description":"Get certificate body of certificate","openapi":"GET /api/v1/pki/certificates/{serialNumber}/certificate","href":"/api-reference/endpoints/certificates/cert-body"},{"title":"Issue Certificate","description":"Issue certificate","openapi":"POST /api/v1/pki/certificates/issue-certificate","href":"/api-reference/endpoints/certificates/issue-certificate"},{"title":"Sign Certificate","description":"Sign certificate","openapi":"POST /api/v1/pki/certificates/sign-certificate","href":"/api-reference/endpoints/certificates/sign-certificate"}]},{"group":"Certificate Templates","pages":[{"title":"Create","description":null,"openapi":"POST /api/v1/pki/certificate-templates","href":"/api-reference/endpoints/certificate-templates/create"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/pki/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/certificate-templates/update"},{"title":"Get by ID","description":null,"openapi":"GET /api/v1/pki/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/certificate-templates/get-by-id"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/pki/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/certificate-templates/delete"}]},{"group":"Certificate Collections","pages":[{"title":"Create","description":"Create PKI collection","openapi":"POST /api/v1/pki/collections","href":"/api-reference/endpoints/pki-collections/create"},{"title":"Retrieve","description":"Get PKI collection","openapi":"GET /api/v1/pki/collections/{collectionId}","href":"/api-reference/endpoints/pki-collections/read"},{"title":"Update","description":"Update PKI collection","openapi":"PATCH /api/v1/pki/collections/{collectionId}","href":"/api-reference/endpoints/pki-collections/update"},{"title":"Delete","description":"Delete PKI collection","openapi":"DELETE /api/v1/pki/collections/{collectionId}","href":"/api-reference/endpoints/pki-collections/delete"},{"title":"Add Collection Item","description":"Add item to PKI collection","openapi":"POST /api/v1/pki/collections/{collectionId}/items","href":"/api-reference/endpoints/pki-collections/add-item"},{"title":"Retrieve","description":"Get items in PKI collection","openapi":"GET /api/v1/pki/collections/{collectionId}/items","href":"/api-reference/endpoints/pki-collections/list-items"},{"title":"Delete Collection Item","description":"Remove item from PKI collection","openapi":"DELETE /api/v1/pki/collections/{collectionId}/items/{collectionItemId}","href":"/api-reference/endpoints/pki-collections/delete-item"}]},{"group":"PKI Alerting","pages":[{"title":"Create","description":"Create PKI alert","openapi":"POST /api/v1/pki/alerts","href":"/api-reference/endpoints/pki-alerts/create"},{"title":"Retrieve","description":"Get PKI alert","openapi":"GET /api/v1/pki/alerts/{alertId}","href":"/api-reference/endpoints/pki-alerts/read"},{"title":"Update","description":"Update PKI alert","openapi":"PATCH /api/v1/pki/alerts/{alertId}","href":"/api-reference/endpoints/pki-alerts/update"},{"title":"Delete","description":"Delete PKI alert","openapi":"DELETE /api/v1/pki/alerts/{alertId}","href":"/api-reference/endpoints/pki-alerts/delete"}]}]},{"group":"Infisical SSH","pages":[{"group":"Certificates","pages":[{"title":"Issue SSH Credentials","description":"Issue SSH credentials (certificate + key)","openapi":"POST /api/v1/ssh/certificates/issue","href":"/api-reference/endpoints/ssh/certificates/issue-credentials"},{"title":"Sign SSH Public Key","description":"Sign SSH public key","openapi":"POST /api/v1/ssh/certificates/sign","href":"/api-reference/endpoints/ssh/certificates/sign-key"}]},{"group":"Certificate Authorities","pages":[{"title":"List","description":null,"openapi":"GET /api/v2/workspace/{projectId}/ssh-cas","href":"/api-reference/endpoints/ssh/ca/list"},{"title":"Create","description":"Create SSH CA","openapi":"POST /api/v1/ssh/ca","href":"/api-reference/endpoints/ssh/ca/create"},{"title":"Retrieve","description":"Get SSH CA","openapi":"GET /api/v1/ssh/ca/{sshCaId}","href":"/api-reference/endpoints/ssh/ca/read"},{"title":"Update","description":"Update SSH CA","openapi":"PATCH /api/v1/ssh/ca/{sshCaId}","href":"/api-reference/endpoints/ssh/ca/update"},{"title":"Delete","description":"Delete SSH CA","openapi":"DELETE /api/v1/ssh/ca/{sshCaId}","href":"/api-reference/endpoints/ssh/ca/delete"},{"title":"Retrieve public key","description":"Get public key of SSH CA","openapi":"GET /api/v1/ssh/ca/{sshCaId}/public-key","href":"/api-reference/endpoints/ssh/ca/public-key"},{"title":"List templates","description":"Get list of certificate templates for the SSH CA","openapi":"GET /api/v1/ssh/ca/{sshCaId}/certificate-templates","href":"/api-reference/endpoints/ssh/ca/list-certificate-templates"}]},{"group":"Certificate Templates","pages":[{"title":"List","description":null,"openapi":"GET /api/v2/workspace/{projectId}/ssh-certificate-templates","href":"/api-reference/endpoints/ssh/certificate-templates/list"},{"title":"Create","description":null,"openapi":"POST /api/v1/ssh/certificate-templates","href":"/api-reference/endpoints/ssh/certificate-templates/create"},{"title":"Retrieve","description":null,"openapi":"GET /api/v1/ssh/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/ssh/certificate-templates/read"},{"title":"Update","description":null,"openapi":"PATCH /api/v1/ssh/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/ssh/certificate-templates/update"},{"title":"Delete","description":null,"openapi":"DELETE /api/v1/ssh/certificate-templates/{certificateTemplateId}","href":"/api-reference/endpoints/ssh/certificate-templates/delete"}]}]},{"group":"Infisical KMS","pages":[{"group":"Keys","pages":[{"title":"List Keys","description":"List KMS keys","openapi":"Get /api/v1/kms/keys","href":"/api-reference/endpoints/kms/keys/list"},{"title":"Get Key by ID","description":"Get KMS key by ID","openapi":"Get /api/v1/kms/keys/{keyId}","href":"/api-reference/endpoints/kms/keys/get-by-id"},{"title":"Get Key by Name","description":"Get KMS key by Name","openapi":"Get /api/v1/kms/keys/key-name/{keyName}","href":"/api-reference/endpoints/kms/keys/get-by-name"},{"title":"Create Key","description":"Create KMS key","openapi":"POST /api/v1/kms/keys","href":"/api-reference/endpoints/kms/keys/create"},{"title":"Update Key","description":"Update KMS key","openapi":"PATCH /api/v1/kms/keys/{keyId}","href":"/api-reference/endpoints/kms/keys/update"},{"title":"Delete Key","description":"Delete KMS key","openapi":"DELETE /api/v1/kms/keys/{keyId}","href":"/api-reference/endpoints/kms/keys/delete"},{"title":"Encrypt Data","description":"Encrypt data with KMS key","openapi":"POST /api/v1/kms/keys/{keyId}/encrypt","href":"/api-reference/endpoints/kms/keys/encrypt"},{"title":"Decrypt Data","description":"Decrypt data with KMS key","openapi":"POST /api/v1/kms/keys/{keyId}/decrypt","href":"/api-reference/endpoints/kms/keys/decrypt"}]}]}]},{"tab":"SDKs","groups":[{"group":"","pages":[{"title":"SDKs","description":null,"sidebarTitle":"Introduction","href":"/sdks/overview"}]},{"group":"SDK's","pages":[{"title":"Infisical Node.js SDK","description":null,"sidebarTitle":"Node.js","url":"https://github.com/Infisical/node-sdk-v2","icon":"node","href":"/sdks/languages/node"},{"title":"Infisical Python SDK","description":null,"sidebarTitle":"Python","url":"https://github.com/Infisical/python-sdk-official?tab=readme-ov-file#infisical-python-sdk","icon":"python","href":"/sdks/languages/python"},{"title":"Infisical Java SDK","description":null,"sidebarTitle":"Java","url":"https://github.com/Infisical/java-sdk?tab=readme-ov-file#infisical-nodejs-sdk","icon":"java","href":"/sdks/languages/java"},{"title":"Infisical Go SDK","description":null,"sidebarTitle":"Go","icon":"golang","href":"/sdks/languages/go"},{"title":"Infisical Ruby SDK","description":null,"sidebarTitle":"Ruby","icon":"diamond","href":"/sdks/languages/ruby"},{"title":"Infisical .NET SDK","description":null,"sidebarTitle":".NET","icon":"bars","href":"/sdks/languages/csharp"}]}]},{"tab":"Changelog","groups":[{"group":"","pages":[{"title":"Changelog","description":null,"href":"/changelog/overview"}]}]}]},"pageMetadata":{"title":"AWS Auth","description":"Learn how to authenticate with Infisical for EC2 instances, Lambda functions, and other IAM principals.","href":"/documentation/platform/identities/aws-auth"},"mintConfig":{"layout":"topnav","sidebar":{"items":"container"},"topbar":{"style":"default"},"search":{"location":"top"},"rounded":"default","codeBlock":{"mode":"dark"},"topbarCtaButton":{"name":"Start for Free","url":"https://app.infisical.com/signup","style":"pill","arrow":true},"$schema":"https://mintlify.com/schema.json","name":"Infisical","logo":{"light":"https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/light.svg","dark":"https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/dark.svg","href":"https://infisical.com"},"favicon":"/favicon.png","openapi":"https://app.infisical.com/api/docs/json","api":{"baseUrl":["https://app.infisical.com","http://localhost:8080"]},"modeToggle":{"default":"light","isHidden":true},"colors":{"primary":"#26272b","light":"#97b31d","dark":"#A1B659","background":{"light":"#ffffff","dark":"#0D1117"},"anchors":{"from":"#000000","to":"#707174"},"ultraLight":"#E7F256","ultraDark":"#8D9F4C"},"topbarLinks":[{"url":"https://app.infisical.com/login","name":"Log In","_id":"67b01b6dc9f41d26988c29bb"}],"navigation":[{"group":"Getting Started","pages":["documentation/getting-started/introduction",{"group":"Quickstart","pages":["documentation/guides/local-development"]},{"group":"Guides","pages":["documentation/guides/introduction","documentation/guides/node","documentation/guides/python","documentation/guides/nextjs-vercel","documentation/guides/microsoft-power-apps","documentation/guides/organization-structure"]}]},{"group":"Platform","pages":["documentation/platform/organization","documentation/platform/project","documentation/platform/folder",{"group":"Secrets","pages":["documentation/platform/secret-versioning","documentation/platform/pit-recovery","documentation/platform/secret-reference","documentation/platform/webhooks"]},{"group":"Internal PKI","pages":["documentation/platform/pki/overview","documentation/platform/pki/private-ca","documentation/platform/pki/certificates","documentation/platform/pki/pki-issuer","documentation/platform/pki/est","documentation/platform/pki/alerting"]},"documentation/platform/ssh",{"group":"Key Management (KMS)","pages":["documentation/platform/kms/overview","documentation/platform/kms/hsm-integration","documentation/platform/kms/kubernetes-encryption"]},{"group":"KMS Configuration","pages":["documentation/platform/kms-configuration/overview","documentation/platform/kms-configuration/aws-kms","documentation/platform/kms-configuration/aws-hsm","documentation/platform/kms-configuration/gcp-kms"]},{"group":"Identities","pages":["documentation/platform/identities/overview","documentation/platform/identities/user-identities","documentation/platform/identities/machine-identities"]},{"group":"Access Control","pages":["documentation/platform/access-controls/overview","documentation/platform/access-controls/role-based-access-controls","documentation/platform/access-controls/attribute-based-access-controls","documentation/platform/access-controls/additional-privileges","documentation/platform/access-controls/temporary-access","documentation/platform/access-controls/access-requests","documentation/platform/pr-workflows","documentation/platform/groups"]},{"group":"Audit Logs","pages":["documentation/platform/audit-logs","documentation/platform/audit-log-streams/audit-log-streams","documentation/platform/audit-log-streams/audit-log-streams-with-fluentbit"]},{"group":"Secret Rotation","pages":["documentation/platform/secret-rotation/overview","documentation/platform/secret-rotation/sendgrid","documentation/platform/secret-rotation/postgres","documentation/platform/secret-rotation/mysql","documentation/platform/secret-rotation/mssql","documentation/platform/secret-rotation/aws-iam"]},{"group":"Dynamic Secrets","pages":["documentation/platform/dynamic-secrets/overview","documentation/platform/dynamic-secrets/postgresql","documentation/platform/dynamic-secrets/mysql","documentation/platform/dynamic-secrets/mssql","documentation/platform/dynamic-secrets/oracle","documentation/platform/dynamic-secrets/cassandra","documentation/platform/dynamic-secrets/redis","documentation/platform/dynamic-secrets/aws-elasticache","documentation/platform/dynamic-secrets/elastic-search","documentation/platform/dynamic-secrets/rabbit-mq","documentation/platform/dynamic-secrets/aws-iam","documentation/platform/dynamic-secrets/mongo-atlas","documentation/platform/dynamic-secrets/mongo-db","documentation/platform/dynamic-secrets/azure-entra-id","documentation/platform/dynamic-secrets/ldap","documentation/platform/dynamic-secrets/sap-ase","documentation/platform/dynamic-secrets/sap-hana","documentation/platform/dynamic-secrets/snowflake","documentation/platform/dynamic-secrets/totp"]},"documentation/platform/project-templates",{"group":"Workflow Integrations","pages":["documentation/platform/workflow-integrations/slack-integration"]},{"group":"Admin Consoles","pages":["documentation/platform/admin-panel/overview","documentation/platform/admin-panel/server-admin","documentation/platform/admin-panel/org-admin-console"]},"documentation/platform/secret-sharing"]},{"group":"Authentication Methods","pages":["documentation/platform/auth-methods/email-password","documentation/platform/token","documentation/platform/identities/token-auth","documentation/platform/identities/universal-auth","documentation/platform/identities/kubernetes-auth","documentation/platform/identities/gcp-auth","documentation/platform/identities/azure-auth","documentation/platform/identities/aws-auth","documentation/platform/identities/jwt-auth",{"group":"OIDC Auth","pages":["documentation/platform/identities/oidc-auth/general","documentation/platform/identities/oidc-auth/github","documentation/platform/identities/oidc-auth/circleci","documentation/platform/identities/oidc-auth/gitlab"]},"documentation/platform/mfa",{"group":"SSO","pages":["documentation/platform/sso/overview","documentation/platform/sso/google","documentation/platform/sso/github","documentation/platform/sso/gitlab","documentation/platform/sso/okta","documentation/platform/sso/azure","documentation/platform/sso/jumpcloud","documentation/platform/sso/keycloak-saml","documentation/platform/sso/google-saml","documentation/platform/sso/auth0-saml",{"group":"Keycloak OIDC","pages":["documentation/platform/sso/keycloak-oidc/overview","documentation/platform/sso/keycloak-oidc/group-membership-mapping"]},"documentation/platform/sso/auth0-oidc","documentation/platform/sso/general-oidc"]},{"group":"LDAP","pages":["documentation/platform/ldap/overview","documentation/platform/ldap/jumpcloud","documentation/platform/ldap/general"]},{"group":"SCIM","pages":["documentation/platform/scim/overview","documentation/platform/scim/okta","documentation/platform/scim/azure","documentation/platform/scim/jumpcloud","documentation/platform/scim/group-mappings"]}]},{"group":"Self-host Infisical","pages":["self-hosting/overview",{"group":"Installation methods","pages":["self-hosting/deployment-options/standalone-infisical","self-hosting/deployment-options/docker-swarm","self-hosting/deployment-options/docker-compose","self-hosting/deployment-options/kubernetes-helm"]},"self-hosting/guides/upgrading-infisical","self-hosting/configuration/envars","self-hosting/configuration/requirements",{"group":"Guides","pages":["self-hosting/guides/mongo-to-postgres","self-hosting/guides/custom-certificates"]},{"group":"Reference architectures","pages":["self-hosting/reference-architectures/aws-ecs","self-hosting/reference-architectures/linux-deployment-ha","self-hosting/reference-architectures/on-prem-k8s-ha"]},"self-hosting/ee","self-hosting/faq"]},{"group":"Command line","pages":["cli/overview","cli/usage",{"group":"Core commands","pages":["cli/commands/login","cli/commands/init","cli/commands/run","cli/commands/secrets","cli/commands/dynamic-secrets","cli/commands/ssh","cli/commands/export","cli/commands/token","cli/commands/service-token","cli/commands/vault","cli/commands/user","cli/commands/reset",{"group":"infisical scan","pages":["cli/commands/scan","cli/commands/scan-git-changes","cli/commands/scan-install"]}]},"cli/scanning-overview","cli/project-config","cli/faq"]},{"group":"Infrastructure Integrations","pages":[{"group":"Container orchestrators","pages":[{"group":"Kubernetes","pages":["integrations/platforms/kubernetes/overview","integrations/platforms/kubernetes/infisical-secret-crd","integrations/platforms/kubernetes/infisical-push-secret-crd","integrations/platforms/kubernetes/infisical-dynamic-secret-crd"]},"integrations/platforms/kubernetes-csi","integrations/platforms/docker-swarm-with-agent","integrations/platforms/ecs-with-agent"]},"integrations/platforms/infisical-agent",{"group":"Docker","pages":["integrations/platforms/docker-intro","integrations/platforms/docker","integrations/platforms/docker-pass-envs","integrations/platforms/docker-compose"]},"integrations/frameworks/terraform","integrations/platforms/ansible"]},{"group":"App Connections","pages":["integrations/app-connections/overview",{"group":"Connections","pages":["integrations/app-connections/aws","integrations/app-connections/azure-app-configuration","integrations/app-connections/azure-key-vault","integrations/app-connections/databricks","integrations/app-connections/gcp","integrations/app-connections/github"]}]},{"group":"Secret Syncs","pages":["integrations/secret-syncs/overview",{"group":"Syncs","pages":["integrations/secret-syncs/aws-parameter-store","integrations/secret-syncs/aws-secrets-manager","integrations/secret-syncs/azure-app-configuration","integrations/secret-syncs/azure-key-vault","integrations/secret-syncs/databricks","integrations/secret-syncs/gcp-secret-manager","integrations/secret-syncs/github"]}]},{"group":"Native Integrations","pages":[{"group":"AWS","pages":["integrations/cloud/aws-parameter-store","integrations/cloud/aws-secret-manager","integrations/cloud/aws-amplify"]},"integrations/cloud/vercel","integrations/cloud/azure-key-vault","integrations/cloud/azure-app-configuration","integrations/cloud/azure-devops","integrations/cloud/gcp-secret-manager",{"group":"Cloudflare","pages":["integrations/cloud/cloudflare-pages","integrations/cloud/cloudflare-workers"]},"integrations/cloud/terraform-cloud","integrations/cloud/databricks",{"group":"View more","pages":["integrations/cloud/digital-ocean-app-platform","integrations/cloud/heroku","integrations/cloud/netlify","integrations/cloud/railway","integrations/cloud/flyio","integrations/cloud/render","integrations/cloud/laravel-forge","integrations/cloud/supabase","integrations/cloud/northflank","integrations/cloud/hasura-cloud","integrations/cloud/qovery","integrations/cloud/hashicorp-vault","integrations/cloud/cloud-66","integrations/cloud/windmill"]}]},{"group":"CI/CD Integrations","pages":["integrations/cicd/jenkins","integrations/cicd/githubactions","integrations/cicd/gitlab","integrations/cicd/bitbucket","integrations/cloud/teamcity",{"group":"View more","pages":["integrations/cicd/circleci","integrations/cicd/travisci","integrations/cicd/rundeck","integrations/cicd/codefresh","integrations/cloud/checkly","integrations/cicd/octopus-deploy"]}]},{"group":"Framework Integrations","pages":["integrations/frameworks/spring-boot-maven","integrations/frameworks/react","integrations/frameworks/vue","integrations/frameworks/express",{"group":"View more","pages":["integrations/frameworks/nextjs","integrations/frameworks/nestjs","integrations/frameworks/sveltekit","integrations/frameworks/nuxt","integrations/frameworks/gatsby","integrations/frameworks/remix","integrations/frameworks/vite","integrations/frameworks/fiber","integrations/frameworks/django","integrations/frameworks/flask","integrations/frameworks/laravel","integrations/frameworks/rails","integrations/frameworks/dotnet","integrations/platforms/pm2"]}]},{"group":"Build Tool Integrations","pages":["integrations/build-tools/gradle"]},{"group":"","pages":["sdks/overview"]},{"group":"SDK's","pages":["sdks/languages/node","sdks/languages/python","sdks/languages/java","sdks/languages/go","sdks/languages/ruby","sdks/languages/csharp"]},{"group":"Overview","pages":["api-reference/overview/introduction","api-reference/overview/authentication",{"group":"Examples","pages":["api-reference/overview/examples/integration"]}]},{"group":"Endpoints","pages":[{"group":"Identities","pages":["api-reference/endpoints/identities/create","api-reference/endpoints/identities/update","api-reference/endpoints/identities/delete","api-reference/endpoints/identities/get-by-id","api-reference/endpoints/identities/list"]},{"group":"Token Auth","pages":["api-reference/endpoints/token-auth/attach","api-reference/endpoints/token-auth/retrieve","api-reference/endpoints/token-auth/update","api-reference/endpoints/token-auth/revoke","api-reference/endpoints/token-auth/get-tokens","api-reference/endpoints/token-auth/create-token","api-reference/endpoints/token-auth/update-token","api-reference/endpoints/token-auth/revoke-token"]},{"group":"Universal Auth","pages":["api-reference/endpoints/universal-auth/login","api-reference/endpoints/universal-auth/attach","api-reference/endpoints/universal-auth/retrieve","api-reference/endpoints/universal-auth/update","api-reference/endpoints/universal-auth/revoke","api-reference/endpoints/universal-auth/create-client-secret","api-reference/endpoints/universal-auth/list-client-secrets","api-reference/endpoints/universal-auth/revoke-client-secret","api-reference/endpoints/universal-auth/get-client-secret-by-id","api-reference/endpoints/universal-auth/renew-access-token","api-reference/endpoints/universal-auth/revoke-access-token"]},{"group":"GCP Auth","pages":["api-reference/endpoints/gcp-auth/login","api-reference/endpoints/gcp-auth/attach","api-reference/endpoints/gcp-auth/retrieve","api-reference/endpoints/gcp-auth/update","api-reference/endpoints/gcp-auth/revoke"]},{"group":"AWS Auth","pages":["api-reference/endpoints/aws-auth/login","api-reference/endpoints/aws-auth/attach","api-reference/endpoints/aws-auth/retrieve","api-reference/endpoints/aws-auth/update","api-reference/endpoints/aws-auth/revoke"]},{"group":"Azure Auth","pages":["api-reference/endpoints/azure-auth/login","api-reference/endpoints/azure-auth/attach","api-reference/endpoints/azure-auth/retrieve","api-reference/endpoints/azure-auth/update","api-reference/endpoints/azure-auth/revoke"]},{"group":"Kubernetes Auth","pages":["api-reference/endpoints/kubernetes-auth/login","api-reference/endpoints/kubernetes-auth/attach","api-reference/endpoints/kubernetes-auth/retrieve","api-reference/endpoints/kubernetes-auth/update","api-reference/endpoints/kubernetes-auth/revoke"]},{"group":"OIDC Auth","pages":["api-reference/endpoints/oidc-auth/login","api-reference/endpoints/oidc-auth/attach","api-reference/endpoints/oidc-auth/retrieve","api-reference/endpoints/oidc-auth/update","api-reference/endpoints/oidc-auth/revoke"]},{"group":"JWT Auth","pages":["api-reference/endpoints/jwt-auth/login","api-reference/endpoints/jwt-auth/attach","api-reference/endpoints/jwt-auth/retrieve","api-reference/endpoints/jwt-auth/update","api-reference/endpoints/jwt-auth/revoke"]},{"group":"Groups","pages":["api-reference/endpoints/groups/create","api-reference/endpoints/groups/update","api-reference/endpoints/groups/delete","api-reference/endpoints/groups/get","api-reference/endpoints/groups/get-by-id","api-reference/endpoints/groups/add-group-user","api-reference/endpoints/groups/remove-group-user","api-reference/endpoints/groups/list-group-users"]},{"group":"Organizations","pages":["api-reference/endpoints/organizations/memberships","api-reference/endpoints/organizations/update-membership","api-reference/endpoints/organizations/delete-membership","api-reference/endpoints/organizations/list-identity-memberships","api-reference/endpoints/organizations/workspaces"]},{"group":"Projects","pages":["api-reference/endpoints/workspaces/create-workspace","api-reference/endpoints/workspaces/delete-workspace","api-reference/endpoints/workspaces/get-workspace","api-reference/endpoints/workspaces/update-workspace","api-reference/endpoints/workspaces/secret-snapshots","api-reference/endpoints/workspaces/rollback-snapshot"]},{"group":"Project Users","pages":["api-reference/endpoints/project-users/invite-member-to-workspace","api-reference/endpoints/project-users/remove-member-from-workspace","api-reference/endpoints/project-users/memberships","api-reference/endpoints/project-users/get-by-username","api-reference/endpoints/project-users/update-membership"]},{"group":"Project Groups","pages":["api-reference/endpoints/project-groups/create","api-reference/endpoints/project-groups/delete","api-reference/endpoints/project-groups/get-by-id","api-reference/endpoints/project-groups/list","api-reference/endpoints/project-groups/update"]},{"group":"Project Identities","pages":["api-reference/endpoints/project-identities/add-identity-membership","api-reference/endpoints/project-identities/list-identity-memberships","api-reference/endpoints/project-identities/get-by-id","api-reference/endpoints/project-identities/update-identity-membership","api-reference/endpoints/project-identities/delete-identity-membership"]},{"group":"Project Roles","pages":["api-reference/endpoints/project-roles/create","api-reference/endpoints/project-roles/update","api-reference/endpoints/project-roles/delete","api-reference/endpoints/project-roles/get-by-slug","api-reference/endpoints/project-roles/list"]},{"group":"Project Templates","pages":["api-reference/endpoints/project-templates/create","api-reference/endpoints/project-templates/update","api-reference/endpoints/project-templates/delete","api-reference/endpoints/project-templates/get-by-id","api-reference/endpoints/project-templates/list"]},{"group":"Environments","pages":["api-reference/endpoints/environments/create","api-reference/endpoints/environments/update","api-reference/endpoints/environments/delete"]},{"group":"Folders","pages":["api-reference/endpoints/folders/list","api-reference/endpoints/folders/get-by-id","api-reference/endpoints/folders/create","api-reference/endpoints/folders/update","api-reference/endpoints/folders/delete"]},{"group":"Secret Tags","pages":["api-reference/endpoints/secret-tags/list","api-reference/endpoints/secret-tags/get-by-id","api-reference/endpoints/secret-tags/get-by-slug","api-reference/endpoints/secret-tags/create","api-reference/endpoints/secret-tags/update","api-reference/endpoints/secret-tags/delete"]},{"group":"Secrets","pages":["api-reference/endpoints/secrets/list","api-reference/endpoints/secrets/create","api-reference/endpoints/secrets/read","api-reference/endpoints/secrets/update","api-reference/endpoints/secrets/delete","api-reference/endpoints/secrets/create-many","api-reference/endpoints/secrets/update-many","api-reference/endpoints/secrets/delete-many","api-reference/endpoints/secrets/attach-tags","api-reference/endpoints/secrets/detach-tags"]},{"group":"Dynamic Secrets","pages":["api-reference/endpoints/dynamic-secrets/create","api-reference/endpoints/dynamic-secrets/update","api-reference/endpoints/dynamic-secrets/delete","api-reference/endpoints/dynamic-secrets/get","api-reference/endpoints/dynamic-secrets/list","api-reference/endpoints/dynamic-secrets/list-leases","api-reference/endpoints/dynamic-secrets/create-lease","api-reference/endpoints/dynamic-secrets/delete-lease","api-reference/endpoints/dynamic-secrets/renew-lease","api-reference/endpoints/dynamic-secrets/get-lease"]},{"group":"Secret Imports","pages":["api-reference/endpoints/secret-imports/list","api-reference/endpoints/secret-imports/create","api-reference/endpoints/secret-imports/update","api-reference/endpoints/secret-imports/delete"]},{"group":"Identity Specific Privilege","pages":["api-reference/endpoints/identity-specific-privilege/create-permanent","api-reference/endpoints/identity-specific-privilege/create-temporary","api-reference/endpoints/identity-specific-privilege/update","api-reference/endpoints/identity-specific-privilege/delete","api-reference/endpoints/identity-specific-privilege/find-by-slug","api-reference/endpoints/identity-specific-privilege/list"]},{"group":"App Connections","pages":["api-reference/endpoints/app-connections/list","api-reference/endpoints/app-connections/options",{"group":"AWS","pages":["api-reference/endpoints/app-connections/aws/list","api-reference/endpoints/app-connections/aws/available","api-reference/endpoints/app-connections/aws/get-by-id","api-reference/endpoints/app-connections/aws/get-by-name","api-reference/endpoints/app-connections/aws/create","api-reference/endpoints/app-connections/aws/update","api-reference/endpoints/app-connections/aws/delete"]},{"group":"Azure App Configuration","pages":["api-reference/endpoints/app-connections/azure-app-configuration/list","api-reference/endpoints/app-connections/azure-app-configuration/available","api-reference/endpoints/app-connections/azure-app-configuration/get-by-id","api-reference/endpoints/app-connections/azure-app-configuration/get-by-name","api-reference/endpoints/app-connections/azure-app-configuration/create","api-reference/endpoints/app-connections/azure-app-configuration/update","api-reference/endpoints/app-connections/azure-app-configuration/delete"]},{"group":"Azure Key Vault","pages":["api-reference/endpoints/app-connections/azure-key-vault/list","api-reference/endpoints/app-connections/azure-key-vault/available","api-reference/endpoints/app-connections/azure-key-vault/get-by-id","api-reference/endpoints/app-connections/azure-key-vault/get-by-name","api-reference/endpoints/app-connections/azure-key-vault/create","api-reference/endpoints/app-connections/azure-key-vault/update","api-reference/endpoints/app-connections/azure-key-vault/delete"]},{"group":"Databricks","pages":["api-reference/endpoints/app-connections/databricks/list","api-reference/endpoints/app-connections/databricks/available","api-reference/endpoints/app-connections/databricks/get-by-id","api-reference/endpoints/app-connections/databricks/get-by-name","api-reference/endpoints/app-connections/databricks/create","api-reference/endpoints/app-connections/databricks/update","api-reference/endpoints/app-connections/databricks/delete"]},{"group":"GCP","pages":["api-reference/endpoints/app-connections/gcp/list","api-reference/endpoints/app-connections/gcp/available","api-reference/endpoints/app-connections/gcp/get-by-id","api-reference/endpoints/app-connections/gcp/get-by-name","api-reference/endpoints/app-connections/gcp/create","api-reference/endpoints/app-connections/gcp/update","api-reference/endpoints/app-connections/gcp/delete"]},{"group":"GitHub","pages":["api-reference/endpoints/app-connections/github/list","api-reference/endpoints/app-connections/github/available","api-reference/endpoints/app-connections/github/get-by-id","api-reference/endpoints/app-connections/github/get-by-name","api-reference/endpoints/app-connections/github/create","api-reference/endpoints/app-connections/github/update","api-reference/endpoints/app-connections/github/delete"]}]},{"group":"Secret Syncs","pages":["api-reference/endpoints/secret-syncs/list","api-reference/endpoints/secret-syncs/options",{"group":"AWS Parameter Store","pages":["api-reference/endpoints/secret-syncs/aws-parameter-store/list","api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-id","api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-name","api-reference/endpoints/secret-syncs/aws-parameter-store/create","api-reference/endpoints/secret-syncs/aws-parameter-store/update","api-reference/endpoints/secret-syncs/aws-parameter-store/delete","api-reference/endpoints/secret-syncs/aws-parameter-store/sync-secrets","api-reference/endpoints/secret-syncs/aws-parameter-store/import-secrets","api-reference/endpoints/secret-syncs/aws-parameter-store/remove-secrets"]},{"group":"AWS Secrets Manager","pages":["api-reference/endpoints/secret-syncs/aws-secrets-manager/list","api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-id","api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-name","api-reference/endpoints/secret-syncs/aws-secrets-manager/create","api-reference/endpoints/secret-syncs/aws-secrets-manager/update","api-reference/endpoints/secret-syncs/aws-secrets-manager/delete","api-reference/endpoints/secret-syncs/aws-secrets-manager/sync-secrets","api-reference/endpoints/secret-syncs/aws-secrets-manager/import-secrets","api-reference/endpoints/secret-syncs/aws-secrets-manager/remove-secrets"]},{"group":"Azure App Configuration","pages":["api-reference/endpoints/secret-syncs/azure-app-configuration/list","api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-id","api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-name","api-reference/endpoints/secret-syncs/azure-app-configuration/create","api-reference/endpoints/secret-syncs/azure-app-configuration/update","api-reference/endpoints/secret-syncs/azure-app-configuration/delete","api-reference/endpoints/secret-syncs/azure-app-configuration/sync-secrets","api-reference/endpoints/secret-syncs/azure-app-configuration/import-secrets","api-reference/endpoints/secret-syncs/azure-app-configuration/remove-secrets"]},{"group":"Azure Key Vault","pages":["api-reference/endpoints/secret-syncs/azure-key-vault/list","api-reference/endpoints/secret-syncs/azure-key-vault/get-by-id","api-reference/endpoints/secret-syncs/azure-key-vault/get-by-name","api-reference/endpoints/secret-syncs/azure-key-vault/create","api-reference/endpoints/secret-syncs/azure-key-vault/update","api-reference/endpoints/secret-syncs/azure-key-vault/delete","api-reference/endpoints/secret-syncs/azure-key-vault/sync-secrets","api-reference/endpoints/secret-syncs/azure-key-vault/import-secrets","api-reference/endpoints/secret-syncs/azure-key-vault/remove-secrets"]},{"group":"Databricks","pages":["api-reference/endpoints/secret-syncs/databricks/list","api-reference/endpoints/secret-syncs/databricks/get-by-id","api-reference/endpoints/secret-syncs/databricks/get-by-name","api-reference/endpoints/secret-syncs/databricks/create","api-reference/endpoints/secret-syncs/databricks/update","api-reference/endpoints/secret-syncs/databricks/delete","api-reference/endpoints/secret-syncs/databricks/sync-secrets","api-reference/endpoints/secret-syncs/databricks/remove-secrets"]},{"group":"GCP Secret Manager","pages":["api-reference/endpoints/secret-syncs/gcp-secret-manager/list","api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-id","api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-name","api-reference/endpoints/secret-syncs/gcp-secret-manager/create","api-reference/endpoints/secret-syncs/gcp-secret-manager/update","api-reference/endpoints/secret-syncs/gcp-secret-manager/delete","api-reference/endpoints/secret-syncs/gcp-secret-manager/sync-secrets","api-reference/endpoints/secret-syncs/gcp-secret-manager/import-secrets","api-reference/endpoints/secret-syncs/gcp-secret-manager/remove-secrets"]},{"group":"GitHub","pages":["api-reference/endpoints/secret-syncs/github/list","api-reference/endpoints/secret-syncs/github/get-by-id","api-reference/endpoints/secret-syncs/github/get-by-name","api-reference/endpoints/secret-syncs/github/create","api-reference/endpoints/secret-syncs/github/update","api-reference/endpoints/secret-syncs/github/delete","api-reference/endpoints/secret-syncs/github/sync-secrets","api-reference/endpoints/secret-syncs/github/remove-secrets"]}]},{"group":"Integrations","pages":["api-reference/endpoints/integrations/create-auth","api-reference/endpoints/integrations/list-auth","api-reference/endpoints/integrations/find-auth","api-reference/endpoints/integrations/delete-auth","api-reference/endpoints/integrations/delete-auth-by-id","api-reference/endpoints/integrations/create","api-reference/endpoints/integrations/update","api-reference/endpoints/integrations/delete","api-reference/endpoints/integrations/list-project-integrations"]},{"group":"Service Tokens","pages":["api-reference/endpoints/service-tokens/get"]},{"group":"Audit Logs","pages":["api-reference/endpoints/audit-logs/export-audit-log"]}]},{"group":"Infisical PKI","pages":[{"group":"Certificate Authorities","pages":["api-reference/endpoints/certificate-authorities/list","api-reference/endpoints/certificate-authorities/create","api-reference/endpoints/certificate-authorities/read","api-reference/endpoints/certificate-authorities/update","api-reference/endpoints/certificate-authorities/delete","api-reference/endpoints/certificate-authorities/renew","api-reference/endpoints/certificate-authorities/list-ca-certs","api-reference/endpoints/certificate-authorities/csr","api-reference/endpoints/certificate-authorities/cert","api-reference/endpoints/certificate-authorities/sign-intermediate","api-reference/endpoints/certificate-authorities/import-cert","api-reference/endpoints/certificate-authorities/issue-cert","api-reference/endpoints/certificate-authorities/sign-cert","api-reference/endpoints/certificate-authorities/crl"]},{"group":"Certificates","pages":["api-reference/endpoints/certificates/list","api-reference/endpoints/certificates/read","api-reference/endpoints/certificates/revoke","api-reference/endpoints/certificates/delete","api-reference/endpoints/certificates/cert-body","api-reference/endpoints/certificates/issue-certificate","api-reference/endpoints/certificates/sign-certificate"]},{"group":"Certificate Templates","pages":["api-reference/endpoints/certificate-templates/create","api-reference/endpoints/certificate-templates/update","api-reference/endpoints/certificate-templates/get-by-id","api-reference/endpoints/certificate-templates/delete"]},{"group":"Certificate Collections","pages":["api-reference/endpoints/pki-collections/create","api-reference/endpoints/pki-collections/read","api-reference/endpoints/pki-collections/update","api-reference/endpoints/pki-collections/delete","api-reference/endpoints/pki-collections/add-item","api-reference/endpoints/pki-collections/list-items","api-reference/endpoints/pki-collections/delete-item"]},{"group":"PKI Alerting","pages":["api-reference/endpoints/pki-alerts/create","api-reference/endpoints/pki-alerts/read","api-reference/endpoints/pki-alerts/update","api-reference/endpoints/pki-alerts/delete"]}]},{"group":"Infisical SSH","pages":[{"group":"Certificates","pages":["api-reference/endpoints/ssh/certificates/issue-credentials","api-reference/endpoints/ssh/certificates/sign-key"]},{"group":"Certificate Authorities","pages":["api-reference/endpoints/ssh/ca/list","api-reference/endpoints/ssh/ca/create","api-reference/endpoints/ssh/ca/read","api-reference/endpoints/ssh/ca/update","api-reference/endpoints/ssh/ca/delete","api-reference/endpoints/ssh/ca/public-key","api-reference/endpoints/ssh/ca/list-certificate-templates"]},{"group":"Certificate Templates","pages":["api-reference/endpoints/ssh/certificate-templates/list","api-reference/endpoints/ssh/certificate-templates/create","api-reference/endpoints/ssh/certificate-templates/read","api-reference/endpoints/ssh/certificate-templates/update","api-reference/endpoints/ssh/certificate-templates/delete"]}]},{"group":"Infisical KMS","pages":[{"group":"Keys","pages":["api-reference/endpoints/kms/keys/list","api-reference/endpoints/kms/keys/get-by-id","api-reference/endpoints/kms/keys/get-by-name","api-reference/endpoints/kms/keys/create","api-reference/endpoints/kms/keys/update","api-reference/endpoints/kms/keys/delete","api-reference/endpoints/kms/keys/encrypt","api-reference/endpoints/kms/keys/decrypt"]}]},{"group":"Internals","pages":["internals/overview","internals/permissions","internals/components","internals/security","internals/service-tokens"]},{"group":"","pages":["changelog/overview"]},{"group":"Contributing","pages":[{"group":"Getting Started","pages":["contributing/getting-started/overview","contributing/getting-started/code-of-conduct","contributing/getting-started/pull-requests","contributing/getting-started/faq"]},{"group":"Contributing to platform","pages":["contributing/platform/developing","contributing/platform/backend/how-to-create-a-feature","contributing/platform/backend/folder-structure"]},{"group":"Contributing to SDK","pages":["contributing/sdk/developing"]}]}],"tabs":[{"name":"Integrations","url":"integrations","_id":"67b01b6dc9f41d26988c29b6"},{"name":"CLI","url":"cli","_id":"67b01b6dc9f41d26988c29b7"},{"name":"API Reference","url":"api-reference","_id":"67b01b6dc9f41d26988c29b8"},{"name":"SDKs","url":"sdks","_id":"67b01b6dc9f41d26988c29b9"},{"name":"Changelog","url":"changelog","_id":"67b01b6dc9f41d26988c29ba"}],"footer":{"socials":{"x":"https://www.twitter.com/infisical/","linkedin":"https://www.linkedin.com/company/infisical/","github":"https://github.com/Infisical/infisical-cli","slack":"https://infisical.com/slack"},"links":[{"title":"PRODUCT","links":[{"label":"Secret Management","url":"https://infisical.com/"},{"label":"Secret Scanning","url":"https://infisical.com/radar"},{"label":"Share Secrets","url":"https://app.infisical.com/share-secret"},{"label":"Pricing","url":"https://infisical.com/pricing"},{"label":"Security","url":"https://infisical.com/docs/internals/security"},{"label":"Blog","url":"https://infisical.com/blog"},{"label":"Infisical vs Vault","url":"https://infisical.com/infisical-vs-hashicorp-vault"},{"label":"Forum","url":"https://questions.infisical.com/"}]},{"title":"USE CASES","links":[{"label":"Infisical Agent","url":"https://infisical.com/docs/documentation/getting-started/introduction"},{"label":"Kubernetes","url":"https://infisical.com/docs/integrations/platforms/kubernetes"},{"label":"Dynamic Secrets","url":"https://infisical.com/docs/documentation/platform/dynamic-secrets/overview"},{"label":"Terraform","url":"https://infisical.com/docs/integrations/frameworks/terraform"},{"label":"Ansible","url":"https://infisical.com/docs/integrations/platforms/ansible"},{"label":"Jenkins","url":"https://infisical.com/docs/integrations/cicd/jenkins"},{"label":"Docker","url":"https://infisical.com/docs/integrations/platforms/docker-intro"},{"label":"AWS ECS","url":"https://infisical.com/docs/integrations/platforms/ecs-with-agent"},{"label":"GitLab","url":"https://infisical.com/docs/integrations/cicd/gitlab"},{"label":"GitHub","url":"https://infisical.com/docs/integrations/cicd/githubactions"},{"label":"SDK","url":"https://infisical.com/docs/sdks/overview"}]},{"title":"DEVELOPERS","links":[{"label":"Changelog","url":"https://www.infisical.com/docs/changelog"},{"label":"Status","url":"https://status.infisical.com/"},{"label":"Feedback \u0026 Requests","url":"https://github.com/Infisical/infisical/issues"},{"label":"Trust of Center","url":"https://app.vanta.com/infisical.com/trust/hoop8cr78cuarxo9sztvs"},{"label":"Open Source Friends","url":"https://infisical.com/infisical-friends"},{"label":"How to contribute","url":"https://www.infisical.com/infisical-heroes"}]},{"title":"OTHERS","links":[{"label":"Customers","url":"https://infisical.com/customers/traba"},{"label":"Company Handbook","url":"https://infisical.com/wiki/handbook/overview"},{"label":"Careers","url":"https://infisical.com/careers"},{"label":"Terms of Service","url":"https://infisical.com/terms"},{"label":"Privacy Policy","url":"https://infisical.com/privacy"},{"label":"Subprocessors","url":"https://infisical.com/subprocessors"},{"label":"SLA","url":"https://infisical.com/sla"},{"label":"Team Email","url":"mailto:team@infisical.com"},{"label":"Sales","url":"mailto:sales@infisical.com"},{"label":"Support","url":"https://infisical.com/slack"}]}]},"feedback":{"thumbsRating":true,"suggestEdit":true,"raiseIssue":true},"analytics":{"posthog":{"apiKey":"phc_Q0xfB3LeOqo7ySk4DE6zLNwDzHFesKcmigknCy4fTdV"},"koala":{"publicApiKey":"pk_b50d7184e0e39ddd5cdb43cf6abeadd9b97d"}}},"docsConfig":{"$schema":"https://mintlify.com/docs.json","theme":"mint","name":"Infisical","colors":{"primary":"#26272b","light":"#97b31d","dark":"#A1B659"},"favicon":"/favicon.png","navigation":{"tabs":[{"tab":"Documentation","groups":[{"group":"Getting Started","pages":["documentation/getting-started/introduction",{"group":"Quickstart","pages":["documentation/guides/local-development"]},{"group":"Guides","pages":["documentation/guides/introduction","documentation/guides/node","documentation/guides/python","documentation/guides/nextjs-vercel","documentation/guides/microsoft-power-apps","documentation/guides/organization-structure"]}]},{"group":"Platform","pages":["documentation/platform/organization","documentation/platform/project","documentation/platform/folder",{"group":"Secrets","pages":["documentation/platform/secret-versioning","documentation/platform/pit-recovery","documentation/platform/secret-reference","documentation/platform/webhooks"]},{"group":"Internal PKI","pages":["documentation/platform/pki/overview","documentation/platform/pki/private-ca","documentation/platform/pki/certificates","documentation/platform/pki/pki-issuer","documentation/platform/pki/est","documentation/platform/pki/alerting"]},"documentation/platform/ssh",{"group":"Key Management (KMS)","pages":["documentation/platform/kms/overview","documentation/platform/kms/hsm-integration","documentation/platform/kms/kubernetes-encryption"]},{"group":"KMS Configuration","pages":["documentation/platform/kms-configuration/overview","documentation/platform/kms-configuration/aws-kms","documentation/platform/kms-configuration/aws-hsm","documentation/platform/kms-configuration/gcp-kms"]},{"group":"Identities","pages":["documentation/platform/identities/overview","documentation/platform/identities/user-identities","documentation/platform/identities/machine-identities"]},{"group":"Access Control","pages":["documentation/platform/access-controls/overview","documentation/platform/access-controls/role-based-access-controls","documentation/platform/access-controls/attribute-based-access-controls","documentation/platform/access-controls/additional-privileges","documentation/platform/access-controls/temporary-access","documentation/platform/access-controls/access-requests","documentation/platform/pr-workflows","documentation/platform/groups"]},{"group":"Audit Logs","pages":["documentation/platform/audit-logs","documentation/platform/audit-log-streams/audit-log-streams","documentation/platform/audit-log-streams/audit-log-streams-with-fluentbit"]},{"group":"Secret Rotation","pages":["documentation/platform/secret-rotation/overview","documentation/platform/secret-rotation/sendgrid","documentation/platform/secret-rotation/postgres","documentation/platform/secret-rotation/mysql","documentation/platform/secret-rotation/mssql","documentation/platform/secret-rotation/aws-iam"]},{"group":"Dynamic Secrets","pages":["documentation/platform/dynamic-secrets/overview","documentation/platform/dynamic-secrets/postgresql","documentation/platform/dynamic-secrets/mysql","documentation/platform/dynamic-secrets/mssql","documentation/platform/dynamic-secrets/oracle","documentation/platform/dynamic-secrets/cassandra","documentation/platform/dynamic-secrets/redis","documentation/platform/dynamic-secrets/aws-elasticache","documentation/platform/dynamic-secrets/elastic-search","documentation/platform/dynamic-secrets/rabbit-mq","documentation/platform/dynamic-secrets/aws-iam","documentation/platform/dynamic-secrets/mongo-atlas","documentation/platform/dynamic-secrets/mongo-db","documentation/platform/dynamic-secrets/azure-entra-id","documentation/platform/dynamic-secrets/ldap","documentation/platform/dynamic-secrets/sap-ase","documentation/platform/dynamic-secrets/sap-hana","documentation/platform/dynamic-secrets/snowflake","documentation/platform/dynamic-secrets/totp"]},"documentation/platform/project-templates",{"group":"Workflow Integrations","pages":["documentation/platform/workflow-integrations/slack-integration"]},{"group":"Admin Consoles","pages":["documentation/platform/admin-panel/overview","documentation/platform/admin-panel/server-admin","documentation/platform/admin-panel/org-admin-console"]},"documentation/platform/secret-sharing"]},{"group":"Authentication Methods","pages":["documentation/platform/auth-methods/email-password","documentation/platform/token","documentation/platform/identities/token-auth","documentation/platform/identities/universal-auth","documentation/platform/identities/kubernetes-auth","documentation/platform/identities/gcp-auth","documentation/platform/identities/azure-auth","documentation/platform/identities/aws-auth","documentation/platform/identities/jwt-auth",{"group":"OIDC Auth","pages":["documentation/platform/identities/oidc-auth/general","documentation/platform/identities/oidc-auth/github","documentation/platform/identities/oidc-auth/circleci","documentation/platform/identities/oidc-auth/gitlab"]},"documentation/platform/mfa",{"group":"SSO","pages":["documentation/platform/sso/overview","documentation/platform/sso/google","documentation/platform/sso/github","documentation/platform/sso/gitlab","documentation/platform/sso/okta","documentation/platform/sso/azure","documentation/platform/sso/jumpcloud","documentation/platform/sso/keycloak-saml","documentation/platform/sso/google-saml","documentation/platform/sso/auth0-saml",{"group":"Keycloak OIDC","pages":["documentation/platform/sso/keycloak-oidc/overview","documentation/platform/sso/keycloak-oidc/group-membership-mapping"]},"documentation/platform/sso/auth0-oidc","documentation/platform/sso/general-oidc"]},{"group":"LDAP","pages":["documentation/platform/ldap/overview","documentation/platform/ldap/jumpcloud","documentation/platform/ldap/general"]},{"group":"SCIM","pages":["documentation/platform/scim/overview","documentation/platform/scim/okta","documentation/platform/scim/azure","documentation/platform/scim/jumpcloud","documentation/platform/scim/group-mappings"]}]},{"group":"Self-host Infisical","pages":["self-hosting/overview",{"group":"Installation methods","pages":["self-hosting/deployment-options/standalone-infisical","self-hosting/deployment-options/docker-swarm","self-hosting/deployment-options/docker-compose","self-hosting/deployment-options/kubernetes-helm"]},"self-hosting/guides/upgrading-infisical","self-hosting/configuration/envars","self-hosting/configuration/requirements",{"group":"Guides","pages":["self-hosting/guides/mongo-to-postgres","self-hosting/guides/custom-certificates"]},{"group":"Reference architectures","pages":["self-hosting/reference-architectures/aws-ecs","self-hosting/reference-architectures/linux-deployment-ha","self-hosting/reference-architectures/on-prem-k8s-ha"]},"self-hosting/ee","self-hosting/faq"]},{"group":"Internals","pages":["internals/overview","internals/permissions","internals/components","internals/security","internals/service-tokens"]},{"group":"Contributing","pages":[{"group":"Getting Started","pages":["contributing/getting-started/overview","contributing/getting-started/code-of-conduct","contributing/getting-started/pull-requests","contributing/getting-started/faq"]},{"group":"Contributing to platform","pages":["contributing/platform/developing","contributing/platform/backend/how-to-create-a-feature","contributing/platform/backend/folder-structure"]},{"group":"Contributing to SDK","pages":["contributing/sdk/developing"]}]}]},{"tab":"Integrations","groups":[{"group":"Infrastructure Integrations","pages":[{"group":"Container orchestrators","pages":[{"group":"Kubernetes","pages":["integrations/platforms/kubernetes/overview","integrations/platforms/kubernetes/infisical-secret-crd","integrations/platforms/kubernetes/infisical-push-secret-crd","integrations/platforms/kubernetes/infisical-dynamic-secret-crd"]},"integrations/platforms/kubernetes-csi","integrations/platforms/docker-swarm-with-agent","integrations/platforms/ecs-with-agent"]},"integrations/platforms/infisical-agent",{"group":"Docker","pages":["integrations/platforms/docker-intro","integrations/platforms/docker","integrations/platforms/docker-pass-envs","integrations/platforms/docker-compose"]},"integrations/frameworks/terraform","integrations/platforms/ansible"]},{"group":"App Connections","pages":["integrations/app-connections/overview",{"group":"Connections","pages":["integrations/app-connections/aws","integrations/app-connections/azure-app-configuration","integrations/app-connections/azure-key-vault","integrations/app-connections/databricks","integrations/app-connections/gcp","integrations/app-connections/github"]}]},{"group":"Secret Syncs","pages":["integrations/secret-syncs/overview",{"group":"Syncs","pages":["integrations/secret-syncs/aws-parameter-store","integrations/secret-syncs/aws-secrets-manager","integrations/secret-syncs/azure-app-configuration","integrations/secret-syncs/azure-key-vault","integrations/secret-syncs/databricks","integrations/secret-syncs/gcp-secret-manager","integrations/secret-syncs/github"]}]},{"group":"Native Integrations","pages":[{"group":"AWS","pages":["integrations/cloud/aws-parameter-store","integrations/cloud/aws-secret-manager","integrations/cloud/aws-amplify"]},"integrations/cloud/vercel","integrations/cloud/azure-key-vault","integrations/cloud/azure-app-configuration","integrations/cloud/azure-devops","integrations/cloud/gcp-secret-manager",{"group":"Cloudflare","pages":["integrations/cloud/cloudflare-pages","integrations/cloud/cloudflare-workers"]},"integrations/cloud/terraform-cloud","integrations/cloud/databricks",{"group":"View more","pages":["integrations/cloud/digital-ocean-app-platform","integrations/cloud/heroku","integrations/cloud/netlify","integrations/cloud/railway","integrations/cloud/flyio","integrations/cloud/render","integrations/cloud/laravel-forge","integrations/cloud/supabase","integrations/cloud/northflank","integrations/cloud/hasura-cloud","integrations/cloud/qovery","integrations/cloud/hashicorp-vault","integrations/cloud/cloud-66","integrations/cloud/windmill"]}]},{"group":"CI/CD Integrations","pages":["integrations/cicd/jenkins","integrations/cicd/githubactions","integrations/cicd/gitlab","integrations/cicd/bitbucket","integrations/cloud/teamcity",{"group":"View more","pages":["integrations/cicd/circleci","integrations/cicd/travisci","integrations/cicd/rundeck","integrations/cicd/codefresh","integrations/cloud/checkly","integrations/cicd/octopus-deploy"]}]},{"group":"Framework Integrations","pages":["integrations/frameworks/spring-boot-maven","integrations/frameworks/react","integrations/frameworks/vue","integrations/frameworks/express",{"group":"View more","pages":["integrations/frameworks/nextjs","integrations/frameworks/nestjs","integrations/frameworks/sveltekit","integrations/frameworks/nuxt","integrations/frameworks/gatsby","integrations/frameworks/remix","integrations/frameworks/vite","integrations/frameworks/fiber","integrations/frameworks/django","integrations/frameworks/flask","integrations/frameworks/laravel","integrations/frameworks/rails","integrations/frameworks/dotnet","integrations/platforms/pm2"]}]},{"group":"Build Tool Integrations","pages":["integrations/build-tools/gradle"]}]},{"tab":"CLI","groups":[{"group":"Command line","pages":["cli/overview","cli/usage",{"group":"Core commands","pages":["cli/commands/login","cli/commands/init","cli/commands/run","cli/commands/secrets","cli/commands/dynamic-secrets","cli/commands/ssh","cli/commands/export","cli/commands/token","cli/commands/service-token","cli/commands/vault","cli/commands/user","cli/commands/reset",{"group":"infisical scan","pages":["cli/commands/scan","cli/commands/scan-git-changes","cli/commands/scan-install"]}]},"cli/scanning-overview","cli/project-config","cli/faq"]}]},{"tab":"API Reference","groups":[{"group":"Overview","pages":["api-reference/overview/introduction","api-reference/overview/authentication",{"group":"Examples","pages":["api-reference/overview/examples/integration"]}]},{"group":"Endpoints","pages":[{"group":"Identities","pages":["api-reference/endpoints/identities/create","api-reference/endpoints/identities/update","api-reference/endpoints/identities/delete","api-reference/endpoints/identities/get-by-id","api-reference/endpoints/identities/list"]},{"group":"Token Auth","pages":["api-reference/endpoints/token-auth/attach","api-reference/endpoints/token-auth/retrieve","api-reference/endpoints/token-auth/update","api-reference/endpoints/token-auth/revoke","api-reference/endpoints/token-auth/get-tokens","api-reference/endpoints/token-auth/create-token","api-reference/endpoints/token-auth/update-token","api-reference/endpoints/token-auth/revoke-token"]},{"group":"Universal Auth","pages":["api-reference/endpoints/universal-auth/login","api-reference/endpoints/universal-auth/attach","api-reference/endpoints/universal-auth/retrieve","api-reference/endpoints/universal-auth/update","api-reference/endpoints/universal-auth/revoke","api-reference/endpoints/universal-auth/create-client-secret","api-reference/endpoints/universal-auth/list-client-secrets","api-reference/endpoints/universal-auth/revoke-client-secret","api-reference/endpoints/universal-auth/get-client-secret-by-id","api-reference/endpoints/universal-auth/renew-access-token","api-reference/endpoints/universal-auth/revoke-access-token"]},{"group":"GCP Auth","pages":["api-reference/endpoints/gcp-auth/login","api-reference/endpoints/gcp-auth/attach","api-reference/endpoints/gcp-auth/retrieve","api-reference/endpoints/gcp-auth/update","api-reference/endpoints/gcp-auth/revoke"]},{"group":"AWS Auth","pages":["api-reference/endpoints/aws-auth/login","api-reference/endpoints/aws-auth/attach","api-reference/endpoints/aws-auth/retrieve","api-reference/endpoints/aws-auth/update","api-reference/endpoints/aws-auth/revoke"]},{"group":"Azure Auth","pages":["api-reference/endpoints/azure-auth/login","api-reference/endpoints/azure-auth/attach","api-reference/endpoints/azure-auth/retrieve","api-reference/endpoints/azure-auth/update","api-reference/endpoints/azure-auth/revoke"]},{"group":"Kubernetes Auth","pages":["api-reference/endpoints/kubernetes-auth/login","api-reference/endpoints/kubernetes-auth/attach","api-reference/endpoints/kubernetes-auth/retrieve","api-reference/endpoints/kubernetes-auth/update","api-reference/endpoints/kubernetes-auth/revoke"]},{"group":"OIDC Auth","pages":["api-reference/endpoints/oidc-auth/login","api-reference/endpoints/oidc-auth/attach","api-reference/endpoints/oidc-auth/retrieve","api-reference/endpoints/oidc-auth/update","api-reference/endpoints/oidc-auth/revoke"]},{"group":"JWT Auth","pages":["api-reference/endpoints/jwt-auth/login","api-reference/endpoints/jwt-auth/attach","api-reference/endpoints/jwt-auth/retrieve","api-reference/endpoints/jwt-auth/update","api-reference/endpoints/jwt-auth/revoke"]},{"group":"Groups","pages":["api-reference/endpoints/groups/create","api-reference/endpoints/groups/update","api-reference/endpoints/groups/delete","api-reference/endpoints/groups/get","api-reference/endpoints/groups/get-by-id","api-reference/endpoints/groups/add-group-user","api-reference/endpoints/groups/remove-group-user","api-reference/endpoints/groups/list-group-users"]},{"group":"Organizations","pages":["api-reference/endpoints/organizations/memberships","api-reference/endpoints/organizations/update-membership","api-reference/endpoints/organizations/delete-membership","api-reference/endpoints/organizations/list-identity-memberships","api-reference/endpoints/organizations/workspaces"]},{"group":"Projects","pages":["api-reference/endpoints/workspaces/create-workspace","api-reference/endpoints/workspaces/delete-workspace","api-reference/endpoints/workspaces/get-workspace","api-reference/endpoints/workspaces/update-workspace","api-reference/endpoints/workspaces/secret-snapshots","api-reference/endpoints/workspaces/rollback-snapshot"]},{"group":"Project Users","pages":["api-reference/endpoints/project-users/invite-member-to-workspace","api-reference/endpoints/project-users/remove-member-from-workspace","api-reference/endpoints/project-users/memberships","api-reference/endpoints/project-users/get-by-username","api-reference/endpoints/project-users/update-membership"]},{"group":"Project Groups","pages":["api-reference/endpoints/project-groups/create","api-reference/endpoints/project-groups/delete","api-reference/endpoints/project-groups/get-by-id","api-reference/endpoints/project-groups/list","api-reference/endpoints/project-groups/update"]},{"group":"Project Identities","pages":["api-reference/endpoints/project-identities/add-identity-membership","api-reference/endpoints/project-identities/list-identity-memberships","api-reference/endpoints/project-identities/get-by-id","api-reference/endpoints/project-identities/update-identity-membership","api-reference/endpoints/project-identities/delete-identity-membership"]},{"group":"Project Roles","pages":["api-reference/endpoints/project-roles/create","api-reference/endpoints/project-roles/update","api-reference/endpoints/project-roles/delete","api-reference/endpoints/project-roles/get-by-slug","api-reference/endpoints/project-roles/list"]},{"group":"Project Templates","pages":["api-reference/endpoints/project-templates/create","api-reference/endpoints/project-templates/update","api-reference/endpoints/project-templates/delete","api-reference/endpoints/project-templates/get-by-id","api-reference/endpoints/project-templates/list"]},{"group":"Environments","pages":["api-reference/endpoints/environments/create","api-reference/endpoints/environments/update","api-reference/endpoints/environments/delete"]},{"group":"Folders","pages":["api-reference/endpoints/folders/list","api-reference/endpoints/folders/get-by-id","api-reference/endpoints/folders/create","api-reference/endpoints/folders/update","api-reference/endpoints/folders/delete"]},{"group":"Secret Tags","pages":["api-reference/endpoints/secret-tags/list","api-reference/endpoints/secret-tags/get-by-id","api-reference/endpoints/secret-tags/get-by-slug","api-reference/endpoints/secret-tags/create","api-reference/endpoints/secret-tags/update","api-reference/endpoints/secret-tags/delete"]},{"group":"Secrets","pages":["api-reference/endpoints/secrets/list","api-reference/endpoints/secrets/create","api-reference/endpoints/secrets/read","api-reference/endpoints/secrets/update","api-reference/endpoints/secrets/delete","api-reference/endpoints/secrets/create-many","api-reference/endpoints/secrets/update-many","api-reference/endpoints/secrets/delete-many","api-reference/endpoints/secrets/attach-tags","api-reference/endpoints/secrets/detach-tags"]},{"group":"Dynamic Secrets","pages":["api-reference/endpoints/dynamic-secrets/create","api-reference/endpoints/dynamic-secrets/update","api-reference/endpoints/dynamic-secrets/delete","api-reference/endpoints/dynamic-secrets/get","api-reference/endpoints/dynamic-secrets/list","api-reference/endpoints/dynamic-secrets/list-leases","api-reference/endpoints/dynamic-secrets/create-lease","api-reference/endpoints/dynamic-secrets/delete-lease","api-reference/endpoints/dynamic-secrets/renew-lease","api-reference/endpoints/dynamic-secrets/get-lease"]},{"group":"Secret Imports","pages":["api-reference/endpoints/secret-imports/list","api-reference/endpoints/secret-imports/create","api-reference/endpoints/secret-imports/update","api-reference/endpoints/secret-imports/delete"]},{"group":"Identity Specific Privilege","pages":["api-reference/endpoints/identity-specific-privilege/create-permanent","api-reference/endpoints/identity-specific-privilege/create-temporary","api-reference/endpoints/identity-specific-privilege/update","api-reference/endpoints/identity-specific-privilege/delete","api-reference/endpoints/identity-specific-privilege/find-by-slug","api-reference/endpoints/identity-specific-privilege/list"]},{"group":"App Connections","pages":["api-reference/endpoints/app-connections/list","api-reference/endpoints/app-connections/options",{"group":"AWS","pages":["api-reference/endpoints/app-connections/aws/list","api-reference/endpoints/app-connections/aws/available","api-reference/endpoints/app-connections/aws/get-by-id","api-reference/endpoints/app-connections/aws/get-by-name","api-reference/endpoints/app-connections/aws/create","api-reference/endpoints/app-connections/aws/update","api-reference/endpoints/app-connections/aws/delete"]},{"group":"Azure App Configuration","pages":["api-reference/endpoints/app-connections/azure-app-configuration/list","api-reference/endpoints/app-connections/azure-app-configuration/available","api-reference/endpoints/app-connections/azure-app-configuration/get-by-id","api-reference/endpoints/app-connections/azure-app-configuration/get-by-name","api-reference/endpoints/app-connections/azure-app-configuration/create","api-reference/endpoints/app-connections/azure-app-configuration/update","api-reference/endpoints/app-connections/azure-app-configuration/delete"]},{"group":"Azure Key Vault","pages":["api-reference/endpoints/app-connections/azure-key-vault/list","api-reference/endpoints/app-connections/azure-key-vault/available","api-reference/endpoints/app-connections/azure-key-vault/get-by-id","api-reference/endpoints/app-connections/azure-key-vault/get-by-name","api-reference/endpoints/app-connections/azure-key-vault/create","api-reference/endpoints/app-connections/azure-key-vault/update","api-reference/endpoints/app-connections/azure-key-vault/delete"]},{"group":"Databricks","pages":["api-reference/endpoints/app-connections/databricks/list","api-reference/endpoints/app-connections/databricks/available","api-reference/endpoints/app-connections/databricks/get-by-id","api-reference/endpoints/app-connections/databricks/get-by-name","api-reference/endpoints/app-connections/databricks/create","api-reference/endpoints/app-connections/databricks/update","api-reference/endpoints/app-connections/databricks/delete"]},{"group":"GCP","pages":["api-reference/endpoints/app-connections/gcp/list","api-reference/endpoints/app-connections/gcp/available","api-reference/endpoints/app-connections/gcp/get-by-id","api-reference/endpoints/app-connections/gcp/get-by-name","api-reference/endpoints/app-connections/gcp/create","api-reference/endpoints/app-connections/gcp/update","api-reference/endpoints/app-connections/gcp/delete"]},{"group":"GitHub","pages":["api-reference/endpoints/app-connections/github/list","api-reference/endpoints/app-connections/github/available","api-reference/endpoints/app-connections/github/get-by-id","api-reference/endpoints/app-connections/github/get-by-name","api-reference/endpoints/app-connections/github/create","api-reference/endpoints/app-connections/github/update","api-reference/endpoints/app-connections/github/delete"]}]},{"group":"Secret Syncs","pages":["api-reference/endpoints/secret-syncs/list","api-reference/endpoints/secret-syncs/options",{"group":"AWS Parameter Store","pages":["api-reference/endpoints/secret-syncs/aws-parameter-store/list","api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-id","api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-name","api-reference/endpoints/secret-syncs/aws-parameter-store/create","api-reference/endpoints/secret-syncs/aws-parameter-store/update","api-reference/endpoints/secret-syncs/aws-parameter-store/delete","api-reference/endpoints/secret-syncs/aws-parameter-store/sync-secrets","api-reference/endpoints/secret-syncs/aws-parameter-store/import-secrets","api-reference/endpoints/secret-syncs/aws-parameter-store/remove-secrets"]},{"group":"AWS Secrets Manager","pages":["api-reference/endpoints/secret-syncs/aws-secrets-manager/list","api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-id","api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-name","api-reference/endpoints/secret-syncs/aws-secrets-manager/create","api-reference/endpoints/secret-syncs/aws-secrets-manager/update","api-reference/endpoints/secret-syncs/aws-secrets-manager/delete","api-reference/endpoints/secret-syncs/aws-secrets-manager/sync-secrets","api-reference/endpoints/secret-syncs/aws-secrets-manager/import-secrets","api-reference/endpoints/secret-syncs/aws-secrets-manager/remove-secrets"]},{"group":"Azure App Configuration","pages":["api-reference/endpoints/secret-syncs/azure-app-configuration/list","api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-id","api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-name","api-reference/endpoints/secret-syncs/azure-app-configuration/create","api-reference/endpoints/secret-syncs/azure-app-configuration/update","api-reference/endpoints/secret-syncs/azure-app-configuration/delete","api-reference/endpoints/secret-syncs/azure-app-configuration/sync-secrets","api-reference/endpoints/secret-syncs/azure-app-configuration/import-secrets","api-reference/endpoints/secret-syncs/azure-app-configuration/remove-secrets"]},{"group":"Azure Key Vault","pages":["api-reference/endpoints/secret-syncs/azure-key-vault/list","api-reference/endpoints/secret-syncs/azure-key-vault/get-by-id","api-reference/endpoints/secret-syncs/azure-key-vault/get-by-name","api-reference/endpoints/secret-syncs/azure-key-vault/create","api-reference/endpoints/secret-syncs/azure-key-vault/update","api-reference/endpoints/secret-syncs/azure-key-vault/delete","api-reference/endpoints/secret-syncs/azure-key-vault/sync-secrets","api-reference/endpoints/secret-syncs/azure-key-vault/import-secrets","api-reference/endpoints/secret-syncs/azure-key-vault/remove-secrets"]},{"group":"Databricks","pages":["api-reference/endpoints/secret-syncs/databricks/list","api-reference/endpoints/secret-syncs/databricks/get-by-id","api-reference/endpoints/secret-syncs/databricks/get-by-name","api-reference/endpoints/secret-syncs/databricks/create","api-reference/endpoints/secret-syncs/databricks/update","api-reference/endpoints/secret-syncs/databricks/delete","api-reference/endpoints/secret-syncs/databricks/sync-secrets","api-reference/endpoints/secret-syncs/databricks/remove-secrets"]},{"group":"GCP Secret Manager","pages":["api-reference/endpoints/secret-syncs/gcp-secret-manager/list","api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-id","api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-name","api-reference/endpoints/secret-syncs/gcp-secret-manager/create","api-reference/endpoints/secret-syncs/gcp-secret-manager/update","api-reference/endpoints/secret-syncs/gcp-secret-manager/delete","api-reference/endpoints/secret-syncs/gcp-secret-manager/sync-secrets","api-reference/endpoints/secret-syncs/gcp-secret-manager/import-secrets","api-reference/endpoints/secret-syncs/gcp-secret-manager/remove-secrets"]},{"group":"GitHub","pages":["api-reference/endpoints/secret-syncs/github/list","api-reference/endpoints/secret-syncs/github/get-by-id","api-reference/endpoints/secret-syncs/github/get-by-name","api-reference/endpoints/secret-syncs/github/create","api-reference/endpoints/secret-syncs/github/update","api-reference/endpoints/secret-syncs/github/delete","api-reference/endpoints/secret-syncs/github/sync-secrets","api-reference/endpoints/secret-syncs/github/remove-secrets"]}]},{"group":"Integrations","pages":["api-reference/endpoints/integrations/create-auth","api-reference/endpoints/integrations/list-auth","api-reference/endpoints/integrations/find-auth","api-reference/endpoints/integrations/delete-auth","api-reference/endpoints/integrations/delete-auth-by-id","api-reference/endpoints/integrations/create","api-reference/endpoints/integrations/update","api-reference/endpoints/integrations/delete","api-reference/endpoints/integrations/list-project-integrations"]},{"group":"Service Tokens","pages":["api-reference/endpoints/service-tokens/get"]},{"group":"Audit Logs","pages":["api-reference/endpoints/audit-logs/export-audit-log"]}]},{"group":"Infisical PKI","pages":[{"group":"Certificate Authorities","pages":["api-reference/endpoints/certificate-authorities/list","api-reference/endpoints/certificate-authorities/create","api-reference/endpoints/certificate-authorities/read","api-reference/endpoints/certificate-authorities/update","api-reference/endpoints/certificate-authorities/delete","api-reference/endpoints/certificate-authorities/renew","api-reference/endpoints/certificate-authorities/list-ca-certs","api-reference/endpoints/certificate-authorities/csr","api-reference/endpoints/certificate-authorities/cert","api-reference/endpoints/certificate-authorities/sign-intermediate","api-reference/endpoints/certificate-authorities/import-cert","api-reference/endpoints/certificate-authorities/issue-cert","api-reference/endpoints/certificate-authorities/sign-cert","api-reference/endpoints/certificate-authorities/crl"]},{"group":"Certificates","pages":["api-reference/endpoints/certificates/list","api-reference/endpoints/certificates/read","api-reference/endpoints/certificates/revoke","api-reference/endpoints/certificates/delete","api-reference/endpoints/certificates/cert-body","api-reference/endpoints/certificates/issue-certificate","api-reference/endpoints/certificates/sign-certificate"]},{"group":"Certificate Templates","pages":["api-reference/endpoints/certificate-templates/create","api-reference/endpoints/certificate-templates/update","api-reference/endpoints/certificate-templates/get-by-id","api-reference/endpoints/certificate-templates/delete"]},{"group":"Certificate Collections","pages":["api-reference/endpoints/pki-collections/create","api-reference/endpoints/pki-collections/read","api-reference/endpoints/pki-collections/update","api-reference/endpoints/pki-collections/delete","api-reference/endpoints/pki-collections/add-item","api-reference/endpoints/pki-collections/list-items","api-reference/endpoints/pki-collections/delete-item"]},{"group":"PKI Alerting","pages":["api-reference/endpoints/pki-alerts/create","api-reference/endpoints/pki-alerts/read","api-reference/endpoints/pki-alerts/update","api-reference/endpoints/pki-alerts/delete"]}]},{"group":"Infisical SSH","pages":[{"group":"Certificates","pages":["api-reference/endpoints/ssh/certificates/issue-credentials","api-reference/endpoints/ssh/certificates/sign-key"]},{"group":"Certificate Authorities","pages":["api-reference/endpoints/ssh/ca/list","api-reference/endpoints/ssh/ca/create","api-reference/endpoints/ssh/ca/read","api-reference/endpoints/ssh/ca/update","api-reference/endpoints/ssh/ca/delete","api-reference/endpoints/ssh/ca/public-key","api-reference/endpoints/ssh/ca/list-certificate-templates"]},{"group":"Certificate Templates","pages":["api-reference/endpoints/ssh/certificate-templates/list","api-reference/endpoints/ssh/certificate-templates/create","api-reference/endpoints/ssh/certificate-templates/read","api-reference/endpoints/ssh/certificate-templates/update","api-reference/endpoints/ssh/certificate-templates/delete"]}]},{"group":"Infisical KMS","pages":[{"group":"Keys","pages":["api-reference/endpoints/kms/keys/list","api-reference/endpoints/kms/keys/get-by-id","api-reference/endpoints/kms/keys/get-by-name","api-reference/endpoints/kms/keys/create","api-reference/endpoints/kms/keys/update","api-reference/endpoints/kms/keys/delete","api-reference/endpoints/kms/keys/encrypt","api-reference/endpoints/kms/keys/decrypt"]}]}]},{"tab":"SDKs","groups":[{"group":"","pages":["sdks/overview"]},{"group":"SDK's","pages":["sdks/languages/node","sdks/languages/python","sdks/languages/java","sdks/languages/go","sdks/languages/ruby","sdks/languages/csharp"]}]},{"tab":"Changelog","groups":[{"group":"","pages":["changelog/overview"]}]}]},"logo":{"light":"https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/light.svg","dark":"https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/dark.svg","href":"https://infisical.com"},"api":{"openapi":"https://app.infisical.com/api/docs/json","mdx":{"server":["https://app.infisical.com","http://localhost:8080"]}},"appearance":{"default":"light","strict":true},"background":{"color":{"light":"#ffffff","dark":"#0D1117"}},"navbar":{"links":[{"label":"Log In","href":"https://app.infisical.com/login"}],"primary":{"type":"button","label":"Start for Free","href":"https://app.infisical.com/signup"}},"footer":{"socials":{"x":"https://www.twitter.com/infisical/","linkedin":"https://www.linkedin.com/company/infisical/","github":"https://github.com/Infisical/infisical-cli","slack":"https://infisical.com/slack"},"links":[{"header":"PRODUCT","items":[{"label":"Secret Management","href":"https://infisical.com/"},{"label":"Secret Scanning","href":"https://infisical.com/radar"},{"label":"Share Secrets","href":"https://app.infisical.com/share-secret"},{"label":"Pricing","href":"https://infisical.com/pricing"},{"label":"Security","href":"https://infisical.com/docs/internals/security"},{"label":"Blog","href":"https://infisical.com/blog"},{"label":"Infisical vs Vault","href":"https://infisical.com/infisical-vs-hashicorp-vault"},{"label":"Forum","href":"https://questions.infisical.com/"}]},{"header":"USE CASES","items":[{"label":"Infisical Agent","href":"https://infisical.com/docs/documentation/getting-started/introduction"},{"label":"Kubernetes","href":"https://infisical.com/docs/integrations/platforms/kubernetes"},{"label":"Dynamic Secrets","href":"https://infisical.com/docs/documentation/platform/dynamic-secrets/overview"},{"label":"Terraform","href":"https://infisical.com/docs/integrations/frameworks/terraform"},{"label":"Ansible","href":"https://infisical.com/docs/integrations/platforms/ansible"},{"label":"Jenkins","href":"https://infisical.com/docs/integrations/cicd/jenkins"},{"label":"Docker","href":"https://infisical.com/docs/integrations/platforms/docker-intro"},{"label":"AWS ECS","href":"https://infisical.com/docs/integrations/platforms/ecs-with-agent"},{"label":"GitLab","href":"https://infisical.com/docs/integrations/cicd/gitlab"},{"label":"GitHub","href":"https://infisical.com/docs/integrations/cicd/githubactions"},{"label":"SDK","href":"https://infisical.com/docs/sdks/overview"}]},{"header":"DEVELOPERS","items":[{"label":"Changelog","href":"https://www.infisical.com/docs/changelog"},{"label":"Status","href":"https://status.infisical.com/"},{"label":"Feedback \u0026 Requests","href":"https://github.com/Infisical/infisical/issues"},{"label":"Trust of Center","href":"https://app.vanta.com/infisical.com/trust/hoop8cr78cuarxo9sztvs"},{"label":"Open Source Friends","href":"https://infisical.com/infisical-friends"},{"label":"How to contribute","href":"https://www.infisical.com/infisical-heroes"}]},{"header":"OTHERS","items":[{"label":"Customers","href":"https://infisical.com/customers/traba"},{"label":"Company Handbook","href":"https://infisical.com/wiki/handbook/overview"},{"label":"Careers","href":"https://infisical.com/careers"},{"label":"Terms of Service","href":"https://infisical.com/terms"},{"label":"Privacy Policy","href":"https://infisical.com/privacy"},{"label":"Subprocessors","href":"https://infisical.com/subprocessors"},{"label":"SLA","href":"https://infisical.com/sla"},{"label":"Team Email","href":"mailto:team@infisical.com"},{"label":"Sales","href":"mailto:sales@infisical.com"},{"label":"Support","href":"https://infisical.com/slack"}]}]},"integrations":{"posthog":{"apiKey":"phc_Q0xfB3LeOqo7ySk4DE6zLNwDzHFesKcmigknCy4fTdV"},"koala":{"publicApiKey":"pk_b50d7184e0e39ddd5cdb43cf6abeadd9b97d"}}},"apiReferenceData":{}},"feedback":{"thumbs":true,"edits":true,"issues":true},"favicons":{"icons":[{"rel":"apple-touch-icon","sizes":"180x180","href":"https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/apple-touch-icon.png?v=3","type":"image/png"},{"rel":"icon","sizes":"32x32","href":"https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/favicon-32x32.png?v=3","type":"image/png"},{"rel":"icon","sizes":"16x16","href":"https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/favicon-16x16.png?v=3","type":"image/png"},{"rel":"shortcut icon","href":"https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/favicon.ico?v=3","type":"image/x-icon"}],"browserconfig":"https://mintlify.s3-us-west-1.amazonaws.com/infisical/_generated/favicon/browserconfig.xml?v=3"},"subdomain":"infisical","actualSubdomain":"infisical","internalAnalyticsWriteKey":"phc_TXdpocbGVeZVm5VJmAsHTMrCofBQu3e0kN8HGMNGTVW","inkeep":{"integrationApiKey":"a2e2846da1a227961e3519816ce2bfb868f7d86467d289de"},"trieve":{"chatEnabled":true,"datasetId":"cdc6f647-bdca-43d9-a3e5-f398c156d553"},"shouldIndex":true,"org":{"plan":"growth"},"cssFiles":[{"_id":"660a571a3a6c5022ffe07306","filePath":"style.css","subdomain":"infisical","__v":0,"content":"#navbar .max-w-8xl {\n max-width: 100%;\n border-bottom: 1px solid #ebebeb;\n background-color: #F4F3EF;\n}\n\n.max-w-8xl {\n /* background-color: #f5f5f5; */\n}\n\n#sidebar {\n left: 0;\n padding-right: 30px;\n border-right: 1px;\n border-color: #cdd64b;\n background-color: #F4F3EF;\n border-right: 1px solid #ebebeb;\n}\n\n#sidebar-content {\n padding-left: 2rem;\n}\n\n#sidebar .relative .sticky {\n opacity: 0;\n}\n\n#sidebar li \u003e div.mt-2 {\n border-radius: 0;\n padding: 5px;\n}\n\n#sidebar li \u003e a.text-primary {\n border-radius: 0;\n background-color: #FBFFCC;\n border-left: 4px solid #EFFF33;\n padding: 5px;\n}\n\n#sidebar li \u003e a.mt-2 {\n border-radius: 0;\n padding: 5px;\n}\n\n#sidebar li \u003e a.leading-6 {\n border-radius: 0;\n padding: 0px;\n}\n\n/* #sidebar ul \u003e div.mt-12 {\n padding-top: 30px;\n position: relative;\n}\n\n#sidebar ul \u003e div.mt-12 h5 {\n position: absolute;\n left: -12px;\n top: -0px;\n} */\n\n#header {\n border-left: 4px solid #EFFF33;\n padding-left: 16px;\n padding-right: 16px;\n background-color: #FDFFE5;\n padding-bottom: 10px;\n padding-top: 10px;\n}\n\n#content-area .mt-8 .block{\n border-radius: 0;\n border-width: 1px;\n background-color: #FCFBFA;\n border-color: #ebebeb;\n}\n\n/* #content-area:hover .mt-8 .block:hover{\n border-radius: 0;\n border-width: 1px;\n background-color: #FDFFE5;\n border-color: #EFFF33;\n} */\n\n#content-area .mt-8 .rounded-xl{\n border-radius: 0;\n}\n\n#content-area .mt-8 .rounded-lg{\n border-radius: 0;\n}\n\n#content-area .mt-6 .rounded-xl{\n border-radius: 0;\n}\n\n#content-area .mt-6 .rounded-lg{\n border-radius: 0;\n}\n\n#content-area .mt-6 .rounded-md{\n border-radius: 0;\n}\n\n#content-area .mt-8 .rounded-md{\n border-radius: 0;\n}\n\n#content-area div.my-4{\n border-radius: 0;\n border-width: 1px;\n}\n\n#content-area div.flex-1 {\n /* text-transform: uppercase; */\n opacity: 0.8;\n font-weight: 400;\n}\n\n#content-area button {\n border-radius: 0;\n}\n\n#content-area a {\n border-radius: 0;\n}\n\n#content-area .not-prose {\n border-radius: 0;\n}\n\n/* .eyebrow {\n text-transform: uppercase;\n font-weight: 400;\n color: red;\n} */\n\n#content-container {\n /* background-color: #f5f5f5; */\n margin-top: 2rem;\n}\n\n#topbar-cta-button .group .absolute {\n background-color: black;\n border-radius: 0px;\n}\n\n/* #topbar-cta-button .group .absolute:hover {\n background-color: white;\n border-radius: 0px;\n} */\n\n#topbar-cta-button .group .flex {\n margin-top: 5px;\n margin-bottom: 5px;\n font-size: medium;\n}\n\n.flex-1 .flex .items-center {\n /* background-color: #f5f5f5; */\n}\n"}],"jsFiles":[],"mdxSourceWithNoJs":{"compiledSource":"\"use strict\";\nconst {Fragment: _Fragment, jsx: _jsx, jsxs: _jsxs} = arguments[0];\nconst {useMDXComponents: _provideComponents} = arguments[0];\nfunction _createMdxContent(props) {\n const _components = {\n a: \"a\",\n code: \"code\",\n h4: \"h4\",\n img: \"img\",\n li: \"li\",\n ol: \"ol\",\n p: \"p\",\n pre: \"pre\",\n span: \"span\",\n strong: \"strong\",\n ul: \"ul\",\n ..._provideComponents(),\n ...props.components\n }, {Accordion, AccordionGroup, CodeBlock, Heading, Mermaid, Note, Step, Steps, Tip} = _components;\n if (!Accordion) _missingMdxReference(\"Accordion\", true);\n if (!AccordionGroup) _missingMdxReference(\"AccordionGroup\", true);\n if (!CodeBlock) _missingMdxReference(\"CodeBlock\", true);\n if (!Heading) _missingMdxReference(\"Heading\", true);\n if (!Mermaid) _missingMdxReference(\"Mermaid\", true);\n if (!Note) _missingMdxReference(\"Note\", true);\n if (!Step) _missingMdxReference(\"Step\", true);\n if (!Steps) _missingMdxReference(\"Steps\", true);\n if (!Tip) _missingMdxReference(\"Tip\", true);\n return _jsxs(_Fragment, {\n children: [_jsxs(_components.p, {\n children: [_jsx(_components.strong, {\n children: \"AWS Auth\"\n }), \" is an AWS-native authentication method for IAM principals like EC2 instances or Lambda functions to access Infisical.\"]\n }), \"\\n\", _jsx(Heading, {\n level: \"2\",\n id: \"diagram\",\n children: \"Diagram\"\n }), \"\\n\", _jsx(_components.p, {\n children: \"The following sequence diagram illustrates the AWS Auth workflow for authenticating AWS IAM principals with Infisical.\"\n }), \"\\n\", _jsx(Mermaid, {\n chart: `sequenceDiagram\n participant Client as Client\n participant Infis as Infisical\n participant AWS as AWS STS\n\n Note over Client,Client: Step 1: Sign GetCallerIdentityQuery\n\n Note over Client,Infis: Step 2: Login Operation\n Client-\u003e\u003eInfis: Send signed query details /api/v1/auth/aws-auth/login\n\n Note over Infis,AWS: Step 3: Query verification\n Infis-\u003e\u003eAWS: Forward signed GetCallerIdentity query\n AWS--\u003e\u003eInfis: Return IAM user/role details\n\n Note over Infis: Step 4: Identity Property Validation\n Infis-\u003e\u003eClient: Return short-lived access token\n\n Note over Client,Infis: Step 5: Access Infisical API with Token\n Client-\u003e\u003eInfis: Make authenticated requests using the short-lived access token`\n }), \"\\n\", _jsx(Heading, {\n level: \"2\",\n id: \"concept\",\n children: \"Concept\"\n }), \"\\n\", _jsxs(_components.p, {\n children: [\"At a high-level, Infisical authenticates an IAM principal by verifying its identity and checking that it meets specific requirements (e.g. it is an allowed IAM principal ARN) at the \", _jsx(_components.code, {\n children: \"/api/v1/auth/aws-auth/login\"\n }), \" endpoint. If successful,\\nthen Infisical returns a short-lived access token that can be used to make authenticated requests to the Infisical API.\"]\n }), \"\\n\", _jsx(_components.p, {\n children: \"To be more specific:\"\n }), \"\\n\", _jsxs(_components.ol, {\n children: [\"\\n\", _jsxs(_components.li, {\n children: [\"The client IAM principal signs a \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query using the \", _jsx(_components.a, {\n href: \"https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html\",\n children: \"AWS Signature v4 algorithm\"\n }), \"; this is done using the credentials from the AWS environment where the IAM principal is running.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"The client sends the signed query data to Infisical including the request method, request body, and request headers at the \", _jsx(_components.code, {\n children: \"/api/v1/auth/aws-auth/login\"\n }), \" endpoint.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Infisical reconstructs the query and sends it to AWS STS API via the \", _jsx(_components.a, {\n href: \"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity.html\",\n children: \"sts:GetCallerIdentity\"\n }), \" method for verification and obtains the identity associated with the IAM principal.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Infisical checks the identity’s properties against set criteria such \", _jsx(_components.strong, {\n children: \"Allowed Principal ARNs\"\n }), \".\"]\n }), \"\\n\", _jsx(_components.li, {\n children: \"If all is well, Infisical returns a short-lived access token that the IAM principal can use to make authenticated requests to the Infisical API.\"\n }), \"\\n\"]\n }), \"\\n\", _jsxs(Note, {\n children: [_jsxs(_components.p, {\n children: [\"We recommend using one of Infisical’s clients like SDKs or the Infisical Agent\\nto authenticate with Infisical using AWS Auth as they handle the\\nauthentication process including the signed \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query\\nconstruction for you.\"]\n }), _jsx(_components.p, {\n children: \"Also, note that Infisical needs network-level access to send requests to the AWS STS API\\nas part of the AWS Auth workflow.\"\n })]\n }), \"\\n\", _jsx(Heading, {\n level: \"2\",\n id: \"guide\",\n children: \"Guide\"\n }), \"\\n\", _jsx(_components.p, {\n children: \"In the following steps, we explore how to create and use identities for your workloads and applications on AWS to\\naccess the Infisical API using the AWS Auth authentication method.\"\n }), \"\\n\", _jsxs(Steps, {\n children: [_jsxs(Step, {\n title: \"Creating an identity\",\n children: [_jsxs(_components.p, {\n children: [\"To create an identity, head to your Organization Settings \u003e Access Control \u003e Machine Identities and press \", _jsx(_components.strong, {\n children: \"Create identity\"\n }), \".\"]\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-org.png\",\n alt: \"identities organization\"\n })\n }), _jsxs(_components.p, {\n children: [\"When creating an identity, you specify an organization level \", _jsx(_components.a, {\n href: \"/documentation/platform/role-based-access-controls\",\n children: \"role\"\n }), \" for it to assume; you can configure roles in Organization Settings \u003e Access Control \u003e Organization Roles.\"]\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-org-create.png\",\n alt: \"identities organization create\"\n })\n }), _jsx(_components.p, {\n children: \"Now input a few details for your new identity. Here’s some guidance for each field:\"\n }), _jsxs(_components.ul, {\n children: [\"\\n\", _jsx(_components.li, {\n children: \"Name (required): A friendly name for the identity.\"\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Role (required): A role from the \", _jsx(_components.strong, {\n children: \"Organization Roles\"\n }), \" tab for the identity to assume. The organization role assigned will determine what organization level resources this identity can have access to.\"]\n }), \"\\n\"]\n }), _jsx(_components.p, {\n children: \"Once you’ve created an identity, you’ll be redirected to a page where you can manage the identity.\"\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-page.png\",\n alt: \"identities page\"\n })\n }), _jsxs(_components.p, {\n children: [\"Since the identity has been configured with Universal Auth by default, you should re-configure it to use AWS Auth instead. To do this, press to edit the \", _jsx(_components.strong, {\n children: \"Authentication\"\n }), \" section,\\nremove the existing Universal Auth configuration, and add a new AWS Auth configuration onto the identity.\"]\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-page-remove-default-auth.png\",\n alt: \"identities page remove default auth\"\n })\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-org-create-aws-auth-method.png\",\n alt: \"identities create aws auth method\"\n })\n }), _jsx(_components.p, {\n children: \"Here’s some more guidance on each field:\"\n }), _jsxs(_components.ul, {\n children: [\"\\n\", _jsxs(_components.li, {\n children: [\"Allowed Principal ARNs: A comma-separated list of trusted IAM principal ARNs that are allowed to authenticate with Infisical. The values should take one of three forms: \", _jsx(_components.code, {\n children: \"arn:aws:iam::123456789012:user/MyUserName\"\n }), \", \", _jsx(_components.code, {\n children: \"arn:aws:iam::123456789012:role/MyRoleName\"\n }), \", or \", _jsx(_components.code, {\n children: \"arn:aws:iam::123456789012:*\"\n }), \". Using a wildcard in this case allows any IAM principal in the account \", _jsx(_components.code, {\n children: \"123456789012\"\n }), \" to authenticate with Infisical under the identity.\"]\n }), \"\\n\", _jsx(_components.li, {\n children: \"Allowed Account IDs: A comma-separated list of trusted AWS account IDs that are allowed to authenticate with Infisical.\"\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"STS Endpoint (default is \", _jsx(_components.code, {\n children: \"https://sts.amazonaws.com/\"\n }), \"): The endpoint URL for the AWS STS API. This value should be adjusted based on the AWS region you are operating in (e.g. \", _jsx(_components.code, {\n children: \"https://sts.us-east-1.amazonaws.com/\"\n }), \"); refer to the list of regional STS endpoints \", _jsx(_components.a, {\n href: \"https://docs.aws.amazon.com/general/latest/gr/sts.html\",\n children: \"here\"\n }), \".\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Access Token TTL (default is \", _jsx(_components.code, {\n children: \"2592000\"\n }), \" equivalent to 30 days): The lifetime for an acccess token in seconds. This value will be referenced at renewal time.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Access Token Max TTL (default is \", _jsx(_components.code, {\n children: \"2592000\"\n }), \" equivalent to 30 days): The maximum lifetime for an acccess token in seconds. This value will be referenced at renewal time.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Access Token Max Number of Uses (default is \", _jsx(_components.code, {\n children: \"0\"\n }), \"): The maximum number of times that an access token can be used; a value of \", _jsx(_components.code, {\n children: \"0\"\n }), \" implies infinite number of uses.\"]\n }), \"\\n\", _jsxs(_components.li, {\n children: [\"Access Token Trusted IPs: The IPs or CIDR ranges that access tokens can be used from. By default, each token is given the \", _jsx(_components.code, {\n children: \"0.0.0.0/0\"\n }), \", allowing usage from any network address.\"]\n }), \"\\n\"]\n })]\n }), _jsxs(Step, {\n title: \"Adding an identity to a project\",\n children: [_jsx(_components.p, {\n children: \"To enable the identity to access project-level resources such as secrets within a specific project, you should add it to that project.\"\n }), _jsxs(_components.p, {\n children: [\"To do this, head over to the project you want to add the identity to and go to Project Settings \u003e Access Control \u003e Machine Identities and press \", _jsx(_components.strong, {\n children: \"Add identity\"\n }), \".\"]\n }), _jsx(_components.p, {\n children: \"Next, select the identity you want to add to the project and the project level role you want to allow it to assume. The project role assigned will determine what project level resources this identity can have access to.\"\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-project.png\",\n alt: \"identities project\"\n })\n }), _jsx(_components.p, {\n children: _jsx(_components.img, {\n src: \"https://mintlify.s3.us-west-1.amazonaws.com/infisical/images/platform/identities/identities-project-create.png\",\n alt: \"identities project create\"\n })\n })]\n }), _jsxs(Step, {\n title: \"Accessing the Infisical API with the identity\",\n children: [_jsxs(_components.p, {\n children: [\"To access the Infisical API as the identity, you need to construct a signed \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query using the \", _jsx(_components.a, {\n href: \"https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html\",\n children: \"AWS Signature v4 algorithm\"\n }), \" and make a request to the \", _jsx(_components.code, {\n children: \"/api/v1/auth/aws-auth/login\"\n }), \" endpoint containing the query data\\nin exchange for an access token.\"]\n }), _jsxs(_components.p, {\n children: [\"We provide a few code examples below of how you can authenticate with Infisical from inside a Lambda function, EC2 instance, etc. and obtain an access token to access the \", _jsx(_components.a, {\n href: \"/api-reference/overview/introduction\",\n children: \"Infisical API\"\n }), \".\"]\n }), _jsxs(AccordionGroup, {\n children: [_jsxs(Accordion, {\n title: \"Sample code for inside a Lambda function\",\n children: [_jsx(_components.p, {\n children: \"The following query construction is an example of how you can authenticate with Infisical from inside a Lambda function.\"\n }), _jsx(_components.p, {\n children: \"The shown example uses Node.js but you can use other languages supported by AWS Lambda.\"\n }), _jsx(CodeBlock, {\n filename: \"\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-javascript\",\n children: _jsxs(_components.code, {\n className: \"language-javascript\",\n children: [_jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"import\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"aws-sdk\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"import\"\n }), \" \", _jsx(_components.span, {\n className: \"token imports\",\n children: \"axios\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"axios\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"export\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token function-variable function\",\n children: \"handler\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"async\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token parameter\",\n children: [\"event\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" context\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), \" \", _jsx(_components.span, {\n className: \"token arrow operator\",\n children: \"=\u003e\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"try\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" region \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" process\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"env\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS_REGION\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"update\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n }), \" region \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestURL \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"https://sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com/\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestBody \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Action=GetCallerIdentity\u0026Version=2011-06-15\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestHeaders \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"Content-Type\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"application/x-www-form-urlencoded; charset=utf-8\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"Host\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// Create the request\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" request \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"HttpRequest\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" region\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"method\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"X-Amz-Date\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"util\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"date\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"iso8601\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"replace\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token regex\",\n children: [_jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsxs(_components.span, {\n className: \"token regex-source language-regex\",\n children: [_jsxs(_components.span, {\n className: \"token char-class\",\n children: [_jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"[\"\n }), \":-\", _jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"]\"\n })]\n }), _jsx(_components.span, {\n className: \"token alternation keyword\",\n children: \"|\"\n }), _jsx(_components.span, {\n className: \"token special-escape escape\",\n children: \"\\\\.\"\n }), _jsx(_components.span, {\n className: \"token char-set class-name\",\n children: \"\\\\d\"\n }), _jsx(_components.span, {\n className: \"token quantifier number\",\n children: \"{3}\"\n })]\n }), _jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsx(_components.span, {\n className: \"token regex-flags\",\n children: \"g\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"body\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Content-Length\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"byteLength\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// Sign the request\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" signer \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Signers\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"V4\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"sts\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" signer\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"addAuthorization\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"credentials\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" infisicalUrl \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"https://app.infisical.com\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// or your self-hosted Infisical URL\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" identityId \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\u003cyour-identity-id\u003e\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n }), \" data \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"await\"\n }), \" axios\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"post\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"infisicalUrl\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"/api/v1/auth/aws-auth/login\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" identityId\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamHttpRequestMethod\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestUrl\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestBody\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestHeaders\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token known-class-name class-name\",\n children: \"JSON\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"stringify\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token console class-name\",\n children: \"console\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"log\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"result data: \\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" data\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// access token here\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"catch\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"err\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token console class-name\",\n children: \"console\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"error\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"err\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\"]\n })\n })\n })]\n }), _jsxs(Accordion, {\n title: \"Sample code for inside an EC2 instance\",\n children: [_jsx(_components.p, {\n children: \"The following query construction is an example of how you can authenticate with Infisical from inside a EC2 instance.\"\n }), _jsx(_components.p, {\n children: \"The shown example uses Node.js but you can use other language you wish.\"\n }), _jsx(CodeBlock, {\n filename: \"\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-javascript\",\n children: _jsxs(_components.code, {\n className: \"language-javascript\",\n children: [_jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"import\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"aws-sdk\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword module\",\n children: \"import\"\n }), \" \", _jsx(_components.span, {\n className: \"token imports\",\n children: \"axios\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"axios\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token function-variable function\",\n children: \"main\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"async\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), \" \", _jsx(_components.span, {\n className: \"token arrow operator\",\n children: \"=\u003e\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"try\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// obtain region from EC2 instance metadata\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" tokenResponse \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"await\"\n }), \" axios\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"put\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"http://169.254.169.254/latest/api/token\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword null nil\",\n children: \"null\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"X-aws-ec2-metadata-token-ttl-seconds\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"21600\\\"\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" url \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"http://169.254.169.254/latest/dynamic/instance-identity/document\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" response \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"await\"\n }), \" axios\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"get\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"url\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"X-aws-ec2-metadata-token\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" tokenResponse\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"data\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" region \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" response\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"data\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"region\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"update\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsx(_components.span, {\n className: \"\",\n children: \" region\"\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestURL \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"https://sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com/\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestBody \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Action=GetCallerIdentity\u0026Version=2011-06-15\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestHeaders \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"Content-Type\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"application/x-www-form-urlencoded; charset=utf-8\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"Host\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" request \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"HttpRequest\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Endpoint\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"region\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"method\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"X-Amz-Date\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"util\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"iso8601\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"replace\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token regex\",\n children: [_jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsxs(_components.span, {\n className: \"token regex-source language-regex\",\n children: [_jsxs(_components.span, {\n className: \"token char-class\",\n children: [_jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"[\"\n }), \":-\", _jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"]\"\n })]\n }), _jsx(_components.span, {\n className: \"token alternation keyword\",\n children: \"|\"\n }), _jsx(_components.span, {\n className: \"token special-escape escape\",\n children: \"\\\\.\"\n }), _jsx(_components.span, {\n className: \"token char-set class-name\",\n children: \"\\\\d\"\n }), _jsx(_components.span, {\n className: \"token quantifier number\",\n children: \"{3}\"\n })]\n }), _jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsx(_components.span, {\n className: \"token regex-flags\",\n children: \"g\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"body\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Content-Length\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"byteLength\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" signer \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Signers\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"V4\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"sts\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" signer\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"addAuthorization\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"credentials\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" infisicalUrl \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"https://app.infisical.com\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// or your self-hosted Infisical URL\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" identityId \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\u003cyour-identity-id\u003e\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n }), \" data \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"await\"\n }), \" axios\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"post\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"infisicalUrl\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"/api/v1/auth/aws-auth/login\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" identityId\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamHttpRequestMethod\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestUrl\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestBody\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"iamRequestHeaders\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token keyword module\",\n children: \"from\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token known-class-name class-name\",\n children: \"JSON\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"stringify\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"toString\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"base64\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token console class-name\",\n children: \"console\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"log\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"result data: \\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" data\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// access token here\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword control-flow\",\n children: \"catch\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"err\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token console class-name\",\n children: \"console\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"error\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"err\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })]\n }), \"\\n\", _jsx(_components.span, {\n className: \"\",\n children: _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token function\",\n children: \"main\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\"]\n })\n })\n })]\n }), _jsxs(Accordion, {\n title: \"Sample code for general query construction\",\n children: [_jsxs(_components.p, {\n children: [\"The following query construction provides a generic example of how you can construct a signed \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query and obtain the required payload components.\"]\n }), _jsx(_components.p, {\n children: \"The shown example uses Node.js but you can use any language you wish.\"\n }), _jsx(CodeBlock, {\n filename: \"\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-javascript\",\n children: _jsxs(_components.code, {\n className: \"language-javascript\",\n children: [_jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token function\",\n children: \"require\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"aws-sdk\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" region \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\u003cyour-aws-region\u003e\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" infisicalUrl \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"https://app.infisical.com\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n }), \" \", _jsx(_components.span, {\n className: \"token comment\",\n children: \"// or your self-hosted Infisical URL\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestURL \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"https://sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com/\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestBody \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Action=GetCallerIdentity\u0026Version=2011-06-15\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" iamRequestHeaders \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string-property property\",\n children: \"\\\"Content-Type\\\"\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"application/x-www-form-urlencoded; charset=utf-8\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token literal-property property\",\n children: \"Host\"\n }), _jsx(_components.span, {\n className: \"token operator\",\n children: \":\"\n }), \" \", _jsxs(_components.span, {\n className: \"token template-string\",\n children: [_jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"sts.\"\n }), _jsxs(_components.span, {\n className: \"token interpolation\",\n children: [_jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"${\"\n }), \"region\", _jsx(_components.span, {\n className: \"token interpolation-punctuation punctuation\",\n children: \"}\"\n })]\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \".amazonaws.com\"\n }), _jsx(_components.span, {\n className: \"token template-punctuation string\",\n children: \"`\"\n })]\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" request \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"HttpRequest\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Endpoint\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestURL\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" region\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"method\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"POST\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestHeaders\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"X-Amz-Date\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"util\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"iso8601\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"replace\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsxs(_components.span, {\n className: \"token regex\",\n children: [_jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsxs(_components.span, {\n className: \"token regex-source language-regex\",\n children: [_jsxs(_components.span, {\n className: \"token char-class\",\n children: [_jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"[\"\n }), \":-\", _jsx(_components.span, {\n className: \"token char-class-punctuation punctuation\",\n children: \"]\"\n })]\n }), _jsx(_components.span, {\n className: \"token alternation keyword\",\n children: \"|\"\n }), _jsx(_components.span, {\n className: \"token special-escape escape\",\n children: \"\\\\.\"\n }), _jsx(_components.span, {\n className: \"token char-set class-name\",\n children: \"\\\\d\"\n }), _jsx(_components.span, {\n className: \"token quantifier number\",\n children: \"{3}\"\n })]\n }), _jsx(_components.span, {\n className: \"token regex-delimiter\",\n children: \"/\"\n }), _jsx(_components.span, {\n className: \"token regex-flags\",\n children: \"g\"\n })]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"body\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"headers\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"[\"\n }), _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Content-Length\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"]\"\n }), \" \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token maybe-class-name\",\n children: \"Buffer\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"byteLength\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"iamRequestBody\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token keyword\",\n children: \"const\"\n }), \" signer \", _jsx(_components.span, {\n className: \"token operator\",\n children: \"=\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsxs(_components.span, {\n className: \"token class-name\",\n children: [\"AWS\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"Signers\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), \"V4\"]\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), \"request\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"sts\\\"\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\"signer\", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token method function property-access\",\n children: \"addAuthorization\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token constant\",\n children: \"AWS\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"config\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \".\"\n }), _jsx(_components.span, {\n className: \"token property-access\",\n children: \"credentials\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \",\"\n }), \" \", _jsx(_components.span, {\n className: \"token keyword\",\n children: \"new\"\n }), \" \", _jsx(_components.span, {\n className: \"token class-name\",\n children: \"Date\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"(\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \")\"\n }), _jsx(_components.span, {\n className: \"token punctuation\",\n children: \";\"\n })]\n }), \"\\n\"]\n })\n })\n }), _jsx(_components.h4, {\n children: \"Sample request\"\n }), _jsx(CodeBlock, {\n filename: \"Request\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-bash\",\n children: _jsxs(_components.code, {\n className: \"language-bash\",\n children: [_jsxs(_components.span, {\n className: \"\",\n children: [_jsx(_components.span, {\n className: \"token function\",\n children: \"curl\"\n }), \" \", _jsx(_components.span, {\n className: \"token parameter variable\",\n children: \"--location\"\n }), \" \", _jsx(_components.span, {\n className: \"token parameter variable\",\n children: \"--request\"\n }), \" POST \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'https://app.infisical.com/api/v1/auth/aws-auth/login'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token parameter variable\",\n children: \"--header\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'Content-Type: application/x-www-form-urlencoded'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" --data-urlencode \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'identityId=...'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" --data-urlencode \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'iamHttpRequestMethod=...'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" --data-urlencode \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'iamRequestBody=...'\"\n }), \" \", _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"\\\\\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" --data-urlencode \", _jsx(_components.span, {\n className: \"token string\",\n children: \"'iamRequestHeaders=...'\"\n })]\n }), \"\\n\"]\n })\n })\n }), _jsx(Note, {\n children: _jsxs(_components.p, {\n children: [\"Note that you should replace \", _jsx(_components.code, {\n children: \"\u003cidentityId\u003e\"\n }), \" with the ID of the identity you created in step 1.\"]\n })\n }), _jsx(_components.h4, {\n children: \"Sample response\"\n }), _jsx(CodeBlock, {\n filename: \"Response\",\n expandable: \"false\",\n children: _jsx(_components.pre, {\n className: \"language-bash\",\n children: _jsxs(_components.code, {\n className: \"language-bash\",\n children: [_jsx(_components.span, {\n className: \"\",\n children: _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"{\"\n })\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"accessToken\\\"\"\n }), _jsx(_components.span, {\n className: \"token builtin class-name\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"...\\\"\"\n }), \",\"]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"expiresIn\\\"\"\n }), _jsx(_components.span, {\n className: \"token builtin class-name\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token number\",\n children: \"7200\"\n }), \",\"]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"accessTokenMaxTTL\\\"\"\n }), _jsx(_components.span, {\n className: \"token builtin class-name\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token number\",\n children: \"43244\"\n })]\n }), \"\\n\", _jsxs(_components.span, {\n className: \"\",\n children: [\" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"tokenType\\\"\"\n }), _jsx(_components.span, {\n className: \"token builtin class-name\",\n children: \":\"\n }), \" \", _jsx(_components.span, {\n className: \"token string\",\n children: \"\\\"Bearer\\\"\"\n })]\n }), \"\\n\", _jsx(_components.span, {\n className: \"\",\n children: _jsx(_components.span, {\n className: \"token punctuation\",\n children: \"}\"\n })\n }), \"\\n\"]\n })\n })\n }), _jsxs(_components.p, {\n children: [\"Next, you can use the access token to access the \", _jsx(_components.a, {\n href: \"/api-reference/overview/introduction\",\n children: \"Infisical API\"\n })]\n })]\n })]\n }), _jsx(Tip, {\n children: _jsxs(_components.p, {\n children: [\"We recommend using one of Infisical’s clients like SDKs or the Infisical Agent to authenticate with Infisical using AWS Auth as they handle the authentication process including the signed \", _jsx(_components.code, {\n children: \"GetCallerIdentity\"\n }), \" query construction for you.\"]\n })\n }), _jsxs(Note, {\n children: [_jsxs(_components.p, {\n children: [\"Each identity access token has a time-to-live (TLL) which you can infer from the response of the login operation;\\nthe default TTL is \", _jsx(_components.code, {\n children: \"7200\"\n }), \" seconds which can be adjusted.\"]\n }), _jsx(_components.p, {\n children: \"If an identity access token expires, it can no longer authenticate with the Infisical API. In this case,\\na new access token should be obtained by performing another login operation.\"\n })]\n })]\n })]\n })]\n });\n}\nfunction MDXContent(props = {}) {\n const {wrapper: MDXLayout} = {\n ..._provideComponents(),\n ...props.components\n };\n return MDXLayout ? _jsx(MDXLayout, {\n ...props,\n children: _jsx(_createMdxContent, {\n ...props\n })\n }) : _createMdxContent(props);\n}\nreturn {\n default: MDXContent\n};\nfunction _missingMdxReference(id, component) {\n throw new Error(\"Expected \" + (component ? \"component\" : \"object\") + \" `\" + id + \"` to be defined: you likely forgot to import, pass, or provide it.\");\n}\n","frontmatter":{},"scope":{"config":{"$schema":"https://mintlify.com/docs.json","theme":"mint","name":"Infisical","colors":{"primary":"#26272b","light":"#97b31d","dark":"#A1B659"},"favicon":"/favicon.png","navigation":{"tabs":[{"tab":"Documentation","groups":[{"group":"Getting Started","pages":["documentation/getting-started/introduction",{"group":"Quickstart","pages":["documentation/guides/local-development"]},{"group":"Guides","pages":["documentation/guides/introduction","documentation/guides/node","documentation/guides/python","documentation/guides/nextjs-vercel","documentation/guides/microsoft-power-apps","documentation/guides/organization-structure"]}]},{"group":"Platform","pages":["documentation/platform/organization","documentation/platform/project","documentation/platform/folder",{"group":"Secrets","pages":["documentation/platform/secret-versioning","documentation/platform/pit-recovery","documentation/platform/secret-reference","documentation/platform/webhooks"]},{"group":"Internal PKI","pages":["documentation/platform/pki/overview","documentation/platform/pki/private-ca","documentation/platform/pki/certificates","documentation/platform/pki/pki-issuer","documentation/platform/pki/est","documentation/platform/pki/alerting"]},"documentation/platform/ssh",{"group":"Key Management (KMS)","pages":["documentation/platform/kms/overview","documentation/platform/kms/hsm-integration","documentation/platform/kms/kubernetes-encryption"]},{"group":"KMS Configuration","pages":["documentation/platform/kms-configuration/overview","documentation/platform/kms-configuration/aws-kms","documentation/platform/kms-configuration/aws-hsm","documentation/platform/kms-configuration/gcp-kms"]},{"group":"Identities","pages":["documentation/platform/identities/overview","documentation/platform/identities/user-identities","documentation/platform/identities/machine-identities"]},{"group":"Access Control","pages":["documentation/platform/access-controls/overview","documentation/platform/access-controls/role-based-access-controls","documentation/platform/access-controls/attribute-based-access-controls","documentation/platform/access-controls/additional-privileges","documentation/platform/access-controls/temporary-access","documentation/platform/access-controls/access-requests","documentation/platform/pr-workflows","documentation/platform/groups"]},{"group":"Audit Logs","pages":["documentation/platform/audit-logs","documentation/platform/audit-log-streams/audit-log-streams","documentation/platform/audit-log-streams/audit-log-streams-with-fluentbit"]},{"group":"Secret Rotation","pages":["documentation/platform/secret-rotation/overview","documentation/platform/secret-rotation/sendgrid","documentation/platform/secret-rotation/postgres","documentation/platform/secret-rotation/mysql","documentation/platform/secret-rotation/mssql","documentation/platform/secret-rotation/aws-iam"]},{"group":"Dynamic Secrets","pages":["documentation/platform/dynamic-secrets/overview","documentation/platform/dynamic-secrets/postgresql","documentation/platform/dynamic-secrets/mysql","documentation/platform/dynamic-secrets/mssql","documentation/platform/dynamic-secrets/oracle","documentation/platform/dynamic-secrets/cassandra","documentation/platform/dynamic-secrets/redis","documentation/platform/dynamic-secrets/aws-elasticache","documentation/platform/dynamic-secrets/elastic-search","documentation/platform/dynamic-secrets/rabbit-mq","documentation/platform/dynamic-secrets/aws-iam","documentation/platform/dynamic-secrets/mongo-atlas","documentation/platform/dynamic-secrets/mongo-db","documentation/platform/dynamic-secrets/azure-entra-id","documentation/platform/dynamic-secrets/ldap","documentation/platform/dynamic-secrets/sap-ase","documentation/platform/dynamic-secrets/sap-hana","documentation/platform/dynamic-secrets/snowflake","documentation/platform/dynamic-secrets/totp"]},"documentation/platform/project-templates",{"group":"Workflow Integrations","pages":["documentation/platform/workflow-integrations/slack-integration"]},{"group":"Admin Consoles","pages":["documentation/platform/admin-panel/overview","documentation/platform/admin-panel/server-admin","documentation/platform/admin-panel/org-admin-console"]},"documentation/platform/secret-sharing"]},{"group":"Authentication Methods","pages":["documentation/platform/auth-methods/email-password","documentation/platform/token","documentation/platform/identities/token-auth","documentation/platform/identities/universal-auth","documentation/platform/identities/kubernetes-auth","documentation/platform/identities/gcp-auth","documentation/platform/identities/azure-auth","documentation/platform/identities/aws-auth","documentation/platform/identities/jwt-auth",{"group":"OIDC Auth","pages":["documentation/platform/identities/oidc-auth/general","documentation/platform/identities/oidc-auth/github","documentation/platform/identities/oidc-auth/circleci","documentation/platform/identities/oidc-auth/gitlab"]},"documentation/platform/mfa",{"group":"SSO","pages":["documentation/platform/sso/overview","documentation/platform/sso/google","documentation/platform/sso/github","documentation/platform/sso/gitlab","documentation/platform/sso/okta","documentation/platform/sso/azure","documentation/platform/sso/jumpcloud","documentation/platform/sso/keycloak-saml","documentation/platform/sso/google-saml","documentation/platform/sso/auth0-saml",{"group":"Keycloak OIDC","pages":["documentation/platform/sso/keycloak-oidc/overview","documentation/platform/sso/keycloak-oidc/group-membership-mapping"]},"documentation/platform/sso/auth0-oidc","documentation/platform/sso/general-oidc"]},{"group":"LDAP","pages":["documentation/platform/ldap/overview","documentation/platform/ldap/jumpcloud","documentation/platform/ldap/general"]},{"group":"SCIM","pages":["documentation/platform/scim/overview","documentation/platform/scim/okta","documentation/platform/scim/azure","documentation/platform/scim/jumpcloud","documentation/platform/scim/group-mappings"]}]},{"group":"Self-host Infisical","pages":["self-hosting/overview",{"group":"Installation methods","pages":["self-hosting/deployment-options/standalone-infisical","self-hosting/deployment-options/docker-swarm","self-hosting/deployment-options/docker-compose","self-hosting/deployment-options/kubernetes-helm"]},"self-hosting/guides/upgrading-infisical","self-hosting/configuration/envars","self-hosting/configuration/requirements",{"group":"Guides","pages":["self-hosting/guides/mongo-to-postgres","self-hosting/guides/custom-certificates"]},{"group":"Reference architectures","pages":["self-hosting/reference-architectures/aws-ecs","self-hosting/reference-architectures/linux-deployment-ha","self-hosting/reference-architectures/on-prem-k8s-ha"]},"self-hosting/ee","self-hosting/faq"]},{"group":"Internals","pages":["internals/overview","internals/permissions","internals/components","internals/security","internals/service-tokens"]},{"group":"Contributing","pages":[{"group":"Getting Started","pages":["contributing/getting-started/overview","contributing/getting-started/code-of-conduct","contributing/getting-started/pull-requests","contributing/getting-started/faq"]},{"group":"Contributing to platform","pages":["contributing/platform/developing","contributing/platform/backend/how-to-create-a-feature","contributing/platform/backend/folder-structure"]},{"group":"Contributing to SDK","pages":["contributing/sdk/developing"]}]}]},{"tab":"Integrations","groups":[{"group":"Infrastructure Integrations","pages":[{"group":"Container orchestrators","pages":[{"group":"Kubernetes","pages":["integrations/platforms/kubernetes/overview","integrations/platforms/kubernetes/infisical-secret-crd","integrations/platforms/kubernetes/infisical-push-secret-crd","integrations/platforms/kubernetes/infisical-dynamic-secret-crd"]},"integrations/platforms/kubernetes-csi","integrations/platforms/docker-swarm-with-agent","integrations/platforms/ecs-with-agent"]},"integrations/platforms/infisical-agent",{"group":"Docker","pages":["integrations/platforms/docker-intro","integrations/platforms/docker","integrations/platforms/docker-pass-envs","integrations/platforms/docker-compose"]},"integrations/frameworks/terraform","integrations/platforms/ansible"]},{"group":"App Connections","pages":["integrations/app-connections/overview",{"group":"Connections","pages":["integrations/app-connections/aws","integrations/app-connections/azure-app-configuration","integrations/app-connections/azure-key-vault","integrations/app-connections/databricks","integrations/app-connections/gcp","integrations/app-connections/github"]}]},{"group":"Secret Syncs","pages":["integrations/secret-syncs/overview",{"group":"Syncs","pages":["integrations/secret-syncs/aws-parameter-store","integrations/secret-syncs/aws-secrets-manager","integrations/secret-syncs/azure-app-configuration","integrations/secret-syncs/azure-key-vault","integrations/secret-syncs/databricks","integrations/secret-syncs/gcp-secret-manager","integrations/secret-syncs/github"]}]},{"group":"Native Integrations","pages":[{"group":"AWS","pages":["integrations/cloud/aws-parameter-store","integrations/cloud/aws-secret-manager","integrations/cloud/aws-amplify"]},"integrations/cloud/vercel","integrations/cloud/azure-key-vault","integrations/cloud/azure-app-configuration","integrations/cloud/azure-devops","integrations/cloud/gcp-secret-manager",{"group":"Cloudflare","pages":["integrations/cloud/cloudflare-pages","integrations/cloud/cloudflare-workers"]},"integrations/cloud/terraform-cloud","integrations/cloud/databricks",{"group":"View more","pages":["integrations/cloud/digital-ocean-app-platform","integrations/cloud/heroku","integrations/cloud/netlify","integrations/cloud/railway","integrations/cloud/flyio","integrations/cloud/render","integrations/cloud/laravel-forge","integrations/cloud/supabase","integrations/cloud/northflank","integrations/cloud/hasura-cloud","integrations/cloud/qovery","integrations/cloud/hashicorp-vault","integrations/cloud/cloud-66","integrations/cloud/windmill"]}]},{"group":"CI/CD Integrations","pages":["integrations/cicd/jenkins","integrations/cicd/githubactions","integrations/cicd/gitlab","integrations/cicd/bitbucket","integrations/cloud/teamcity",{"group":"View more","pages":["integrations/cicd/circleci","integrations/cicd/travisci","integrations/cicd/rundeck","integrations/cicd/codefresh","integrations/cloud/checkly","integrations/cicd/octopus-deploy"]}]},{"group":"Framework Integrations","pages":["integrations/frameworks/spring-boot-maven","integrations/frameworks/react","integrations/frameworks/vue","integrations/frameworks/express",{"group":"View more","pages":["integrations/frameworks/nextjs","integrations/frameworks/nestjs","integrations/frameworks/sveltekit","integrations/frameworks/nuxt","integrations/frameworks/gatsby","integrations/frameworks/remix","integrations/frameworks/vite","integrations/frameworks/fiber","integrations/frameworks/django","integrations/frameworks/flask","integrations/frameworks/laravel","integrations/frameworks/rails","integrations/frameworks/dotnet","integrations/platforms/pm2"]}]},{"group":"Build Tool Integrations","pages":["integrations/build-tools/gradle"]}]},{"tab":"CLI","groups":[{"group":"Command line","pages":["cli/overview","cli/usage",{"group":"Core commands","pages":["cli/commands/login","cli/commands/init","cli/commands/run","cli/commands/secrets","cli/commands/dynamic-secrets","cli/commands/ssh","cli/commands/export","cli/commands/token","cli/commands/service-token","cli/commands/vault","cli/commands/user","cli/commands/reset",{"group":"infisical scan","pages":["cli/commands/scan","cli/commands/scan-git-changes","cli/commands/scan-install"]}]},"cli/scanning-overview","cli/project-config","cli/faq"]}]},{"tab":"API Reference","groups":[{"group":"Overview","pages":["api-reference/overview/introduction","api-reference/overview/authentication",{"group":"Examples","pages":["api-reference/overview/examples/integration"]}]},{"group":"Endpoints","pages":[{"group":"Identities","pages":["api-reference/endpoints/identities/create","api-reference/endpoints/identities/update","api-reference/endpoints/identities/delete","api-reference/endpoints/identities/get-by-id","api-reference/endpoints/identities/list"]},{"group":"Token Auth","pages":["api-reference/endpoints/token-auth/attach","api-reference/endpoints/token-auth/retrieve","api-reference/endpoints/token-auth/update","api-reference/endpoints/token-auth/revoke","api-reference/endpoints/token-auth/get-tokens","api-reference/endpoints/token-auth/create-token","api-reference/endpoints/token-auth/update-token","api-reference/endpoints/token-auth/revoke-token"]},{"group":"Universal Auth","pages":["api-reference/endpoints/universal-auth/login","api-reference/endpoints/universal-auth/attach","api-reference/endpoints/universal-auth/retrieve","api-reference/endpoints/universal-auth/update","api-reference/endpoints/universal-auth/revoke","api-reference/endpoints/universal-auth/create-client-secret","api-reference/endpoints/universal-auth/list-client-secrets","api-reference/endpoints/universal-auth/revoke-client-secret","api-reference/endpoints/universal-auth/get-client-secret-by-id","api-reference/endpoints/universal-auth/renew-access-token","api-reference/endpoints/universal-auth/revoke-access-token"]},{"group":"GCP Auth","pages":["api-reference/endpoints/gcp-auth/login","api-reference/endpoints/gcp-auth/attach","api-reference/endpoints/gcp-auth/retrieve","api-reference/endpoints/gcp-auth/update","api-reference/endpoints/gcp-auth/revoke"]},{"group":"AWS Auth","pages":["api-reference/endpoints/aws-auth/login","api-reference/endpoints/aws-auth/attach","api-reference/endpoints/aws-auth/retrieve","api-reference/endpoints/aws-auth/update","api-reference/endpoints/aws-auth/revoke"]},{"group":"Azure Auth","pages":["api-reference/endpoints/azure-auth/login","api-reference/endpoints/azure-auth/attach","api-reference/endpoints/azure-auth/retrieve","api-reference/endpoints/azure-auth/update","api-reference/endpoints/azure-auth/revoke"]},{"group":"Kubernetes Auth","pages":["api-reference/endpoints/kubernetes-auth/login","api-reference/endpoints/kubernetes-auth/attach","api-reference/endpoints/kubernetes-auth/retrieve","api-reference/endpoints/kubernetes-auth/update","api-reference/endpoints/kubernetes-auth/revoke"]},{"group":"OIDC Auth","pages":["api-reference/endpoints/oidc-auth/login","api-reference/endpoints/oidc-auth/attach","api-reference/endpoints/oidc-auth/retrieve","api-reference/endpoints/oidc-auth/update","api-reference/endpoints/oidc-auth/revoke"]},{"group":"JWT Auth","pages":["api-reference/endpoints/jwt-auth/login","api-reference/endpoints/jwt-auth/attach","api-reference/endpoints/jwt-auth/retrieve","api-reference/endpoints/jwt-auth/update","api-reference/endpoints/jwt-auth/revoke"]},{"group":"Groups","pages":["api-reference/endpoints/groups/create","api-reference/endpoints/groups/update","api-reference/endpoints/groups/delete","api-reference/endpoints/groups/get","api-reference/endpoints/groups/get-by-id","api-reference/endpoints/groups/add-group-user","api-reference/endpoints/groups/remove-group-user","api-reference/endpoints/groups/list-group-users"]},{"group":"Organizations","pages":["api-reference/endpoints/organizations/memberships","api-reference/endpoints/organizations/update-membership","api-reference/endpoints/organizations/delete-membership","api-reference/endpoints/organizations/list-identity-memberships","api-reference/endpoints/organizations/workspaces"]},{"group":"Projects","pages":["api-reference/endpoints/workspaces/create-workspace","api-reference/endpoints/workspaces/delete-workspace","api-reference/endpoints/workspaces/get-workspace","api-reference/endpoints/workspaces/update-workspace","api-reference/endpoints/workspaces/secret-snapshots","api-reference/endpoints/workspaces/rollback-snapshot"]},{"group":"Project Users","pages":["api-reference/endpoints/project-users/invite-member-to-workspace","api-reference/endpoints/project-users/remove-member-from-workspace","api-reference/endpoints/project-users/memberships","api-reference/endpoints/project-users/get-by-username","api-reference/endpoints/project-users/update-membership"]},{"group":"Project Groups","pages":["api-reference/endpoints/project-groups/create","api-reference/endpoints/project-groups/delete","api-reference/endpoints/project-groups/get-by-id","api-reference/endpoints/project-groups/list","api-reference/endpoints/project-groups/update"]},{"group":"Project Identities","pages":["api-reference/endpoints/project-identities/add-identity-membership","api-reference/endpoints/project-identities/list-identity-memberships","api-reference/endpoints/project-identities/get-by-id","api-reference/endpoints/project-identities/update-identity-membership","api-reference/endpoints/project-identities/delete-identity-membership"]},{"group":"Project Roles","pages":["api-reference/endpoints/project-roles/create","api-reference/endpoints/project-roles/update","api-reference/endpoints/project-roles/delete","api-reference/endpoints/project-roles/get-by-slug","api-reference/endpoints/project-roles/list"]},{"group":"Project Templates","pages":["api-reference/endpoints/project-templates/create","api-reference/endpoints/project-templates/update","api-reference/endpoints/project-templates/delete","api-reference/endpoints/project-templates/get-by-id","api-reference/endpoints/project-templates/list"]},{"group":"Environments","pages":["api-reference/endpoints/environments/create","api-reference/endpoints/environments/update","api-reference/endpoints/environments/delete"]},{"group":"Folders","pages":["api-reference/endpoints/folders/list","api-reference/endpoints/folders/get-by-id","api-reference/endpoints/folders/create","api-reference/endpoints/folders/update","api-reference/endpoints/folders/delete"]},{"group":"Secret Tags","pages":["api-reference/endpoints/secret-tags/list","api-reference/endpoints/secret-tags/get-by-id","api-reference/endpoints/secret-tags/get-by-slug","api-reference/endpoints/secret-tags/create","api-reference/endpoints/secret-tags/update","api-reference/endpoints/secret-tags/delete"]},{"group":"Secrets","pages":["api-reference/endpoints/secrets/list","api-reference/endpoints/secrets/create","api-reference/endpoints/secrets/read","api-reference/endpoints/secrets/update","api-reference/endpoints/secrets/delete","api-reference/endpoints/secrets/create-many","api-reference/endpoints/secrets/update-many","api-reference/endpoints/secrets/delete-many","api-reference/endpoints/secrets/attach-tags","api-reference/endpoints/secrets/detach-tags"]},{"group":"Dynamic Secrets","pages":["api-reference/endpoints/dynamic-secrets/create","api-reference/endpoints/dynamic-secrets/update","api-reference/endpoints/dynamic-secrets/delete","api-reference/endpoints/dynamic-secrets/get","api-reference/endpoints/dynamic-secrets/list","api-reference/endpoints/dynamic-secrets/list-leases","api-reference/endpoints/dynamic-secrets/create-lease","api-reference/endpoints/dynamic-secrets/delete-lease","api-reference/endpoints/dynamic-secrets/renew-lease","api-reference/endpoints/dynamic-secrets/get-lease"]},{"group":"Secret Imports","pages":["api-reference/endpoints/secret-imports/list","api-reference/endpoints/secret-imports/create","api-reference/endpoints/secret-imports/update","api-reference/endpoints/secret-imports/delete"]},{"group":"Identity Specific Privilege","pages":["api-reference/endpoints/identity-specific-privilege/create-permanent","api-reference/endpoints/identity-specific-privilege/create-temporary","api-reference/endpoints/identity-specific-privilege/update","api-reference/endpoints/identity-specific-privilege/delete","api-reference/endpoints/identity-specific-privilege/find-by-slug","api-reference/endpoints/identity-specific-privilege/list"]},{"group":"App Connections","pages":["api-reference/endpoints/app-connections/list","api-reference/endpoints/app-connections/options",{"group":"AWS","pages":["api-reference/endpoints/app-connections/aws/list","api-reference/endpoints/app-connections/aws/available","api-reference/endpoints/app-connections/aws/get-by-id","api-reference/endpoints/app-connections/aws/get-by-name","api-reference/endpoints/app-connections/aws/create","api-reference/endpoints/app-connections/aws/update","api-reference/endpoints/app-connections/aws/delete"]},{"group":"Azure App Configuration","pages":["api-reference/endpoints/app-connections/azure-app-configuration/list","api-reference/endpoints/app-connections/azure-app-configuration/available","api-reference/endpoints/app-connections/azure-app-configuration/get-by-id","api-reference/endpoints/app-connections/azure-app-configuration/get-by-name","api-reference/endpoints/app-connections/azure-app-configuration/create","api-reference/endpoints/app-connections/azure-app-configuration/update","api-reference/endpoints/app-connections/azure-app-configuration/delete"]},{"group":"Azure Key Vault","pages":["api-reference/endpoints/app-connections/azure-key-vault/list","api-reference/endpoints/app-connections/azure-key-vault/available","api-reference/endpoints/app-connections/azure-key-vault/get-by-id","api-reference/endpoints/app-connections/azure-key-vault/get-by-name","api-reference/endpoints/app-connections/azure-key-vault/create","api-reference/endpoints/app-connections/azure-key-vault/update","api-reference/endpoints/app-connections/azure-key-vault/delete"]},{"group":"Databricks","pages":["api-reference/endpoints/app-connections/databricks/list","api-reference/endpoints/app-connections/databricks/available","api-reference/endpoints/app-connections/databricks/get-by-id","api-reference/endpoints/app-connections/databricks/get-by-name","api-reference/endpoints/app-connections/databricks/create","api-reference/endpoints/app-connections/databricks/update","api-reference/endpoints/app-connections/databricks/delete"]},{"group":"GCP","pages":["api-reference/endpoints/app-connections/gcp/list","api-reference/endpoints/app-connections/gcp/available","api-reference/endpoints/app-connections/gcp/get-by-id","api-reference/endpoints/app-connections/gcp/get-by-name","api-reference/endpoints/app-connections/gcp/create","api-reference/endpoints/app-connections/gcp/update","api-reference/endpoints/app-connections/gcp/delete"]},{"group":"GitHub","pages":["api-reference/endpoints/app-connections/github/list","api-reference/endpoints/app-connections/github/available","api-reference/endpoints/app-connections/github/get-by-id","api-reference/endpoints/app-connections/github/get-by-name","api-reference/endpoints/app-connections/github/create","api-reference/endpoints/app-connections/github/update","api-reference/endpoints/app-connections/github/delete"]}]},{"group":"Secret Syncs","pages":["api-reference/endpoints/secret-syncs/list","api-reference/endpoints/secret-syncs/options",{"group":"AWS Parameter Store","pages":["api-reference/endpoints/secret-syncs/aws-parameter-store/list","api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-id","api-reference/endpoints/secret-syncs/aws-parameter-store/get-by-name","api-reference/endpoints/secret-syncs/aws-parameter-store/create","api-reference/endpoints/secret-syncs/aws-parameter-store/update","api-reference/endpoints/secret-syncs/aws-parameter-store/delete","api-reference/endpoints/secret-syncs/aws-parameter-store/sync-secrets","api-reference/endpoints/secret-syncs/aws-parameter-store/import-secrets","api-reference/endpoints/secret-syncs/aws-parameter-store/remove-secrets"]},{"group":"AWS Secrets Manager","pages":["api-reference/endpoints/secret-syncs/aws-secrets-manager/list","api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-id","api-reference/endpoints/secret-syncs/aws-secrets-manager/get-by-name","api-reference/endpoints/secret-syncs/aws-secrets-manager/create","api-reference/endpoints/secret-syncs/aws-secrets-manager/update","api-reference/endpoints/secret-syncs/aws-secrets-manager/delete","api-reference/endpoints/secret-syncs/aws-secrets-manager/sync-secrets","api-reference/endpoints/secret-syncs/aws-secrets-manager/import-secrets","api-reference/endpoints/secret-syncs/aws-secrets-manager/remove-secrets"]},{"group":"Azure App Configuration","pages":["api-reference/endpoints/secret-syncs/azure-app-configuration/list","api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-id","api-reference/endpoints/secret-syncs/azure-app-configuration/get-by-name","api-reference/endpoints/secret-syncs/azure-app-configuration/create","api-reference/endpoints/secret-syncs/azure-app-configuration/update","api-reference/endpoints/secret-syncs/azure-app-configuration/delete","api-reference/endpoints/secret-syncs/azure-app-configuration/sync-secrets","api-reference/endpoints/secret-syncs/azure-app-configuration/import-secrets","api-reference/endpoints/secret-syncs/azure-app-configuration/remove-secrets"]},{"group":"Azure Key Vault","pages":["api-reference/endpoints/secret-syncs/azure-key-vault/list","api-reference/endpoints/secret-syncs/azure-key-vault/get-by-id","api-reference/endpoints/secret-syncs/azure-key-vault/get-by-name","api-reference/endpoints/secret-syncs/azure-key-vault/create","api-reference/endpoints/secret-syncs/azure-key-vault/update","api-reference/endpoints/secret-syncs/azure-key-vault/delete","api-reference/endpoints/secret-syncs/azure-key-vault/sync-secrets","api-reference/endpoints/secret-syncs/azure-key-vault/import-secrets","api-reference/endpoints/secret-syncs/azure-key-vault/remove-secrets"]},{"group":"Databricks","pages":["api-reference/endpoints/secret-syncs/databricks/list","api-reference/endpoints/secret-syncs/databricks/get-by-id","api-reference/endpoints/secret-syncs/databricks/get-by-name","api-reference/endpoints/secret-syncs/databricks/create","api-reference/endpoints/secret-syncs/databricks/update","api-reference/endpoints/secret-syncs/databricks/delete","api-reference/endpoints/secret-syncs/databricks/sync-secrets","api-reference/endpoints/secret-syncs/databricks/remove-secrets"]},{"group":"GCP Secret Manager","pages":["api-reference/endpoints/secret-syncs/gcp-secret-manager/list","api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-id","api-reference/endpoints/secret-syncs/gcp-secret-manager/get-by-name","api-reference/endpoints/secret-syncs/gcp-secret-manager/create","api-reference/endpoints/secret-syncs/gcp-secret-manager/update","api-reference/endpoints/secret-syncs/gcp-secret-manager/delete","api-reference/endpoints/secret-syncs/gcp-secret-manager/sync-secrets","api-reference/endpoints/secret-syncs/gcp-secret-manager/import-secrets","api-reference/endpoints/secret-syncs/gcp-secret-manager/remove-secrets"]},{"group":"GitHub","pages":["api-reference/endpoints/secret-syncs/github/list","api-reference/endpoints/secret-syncs/github/get-by-id","api-reference/endpoints/secret-syncs/github/get-by-name","api-reference/endpoints/secret-syncs/github/create","api-reference/endpoints/secret-syncs/github/update","api-reference/endpoints/secret-syncs/github/delete","api-reference/endpoints/secret-syncs/github/sync-secrets","api-reference/endpoints/secret-syncs/github/remove-secrets"]}]},{"group":"Integrations","pages":["api-reference/endpoints/integrations/create-auth","api-reference/endpoints/integrations/list-auth","api-reference/endpoints/integrations/find-auth","api-reference/endpoints/integrations/delete-auth","api-reference/endpoints/integrations/delete-auth-by-id","api-reference/endpoints/integrations/create","api-reference/endpoints/integrations/update","api-reference/endpoints/integrations/delete","api-reference/endpoints/integrations/list-project-integrations"]},{"group":"Service Tokens","pages":["api-reference/endpoints/service-tokens/get"]},{"group":"Audit Logs","pages":["api-reference/endpoints/audit-logs/export-audit-log"]}]},{"group":"Infisical PKI","pages":[{"group":"Certificate Authorities","pages":["api-reference/endpoints/certificate-authorities/list","api-reference/endpoints/certificate-authorities/create","api-reference/endpoints/certificate-authorities/read","api-reference/endpoints/certificate-authorities/update","api-reference/endpoints/certificate-authorities/delete","api-reference/endpoints/certificate-authorities/renew","api-reference/endpoints/certificate-authorities/list-ca-certs","api-reference/endpoints/certificate-authorities/csr","api-reference/endpoints/certificate-authorities/cert","api-reference/endpoints/certificate-authorities/sign-intermediate","api-reference/endpoints/certificate-authorities/import-cert","api-reference/endpoints/certificate-authorities/issue-cert","api-reference/endpoints/certificate-authorities/sign-cert","api-reference/endpoints/certificate-authorities/crl"]},{"group":"Certificates","pages":["api-reference/endpoints/certificates/list","api-reference/endpoints/certificates/read","api-reference/endpoints/certificates/revoke","api-reference/endpoints/certificates/delete","api-reference/endpoints/certificates/cert-body","api-reference/endpoints/certificates/issue-certificate","api-reference/endpoints/certificates/sign-certificate"]},{"group":"Certificate Templates","pages":["api-reference/endpoints/certificate-templates/create","api-reference/endpoints/certificate-templates/update","api-reference/endpoints/certificate-templates/get-by-id","api-reference/endpoints/certificate-templates/delete"]},{"group":"Certificate Collections","pages":["api-reference/endpoints/pki-collections/create","api-reference/endpoints/pki-collections/read","api-reference/endpoints/pki-collections/update","api-reference/endpoints/pki-collections/delete","api-reference/endpoints/pki-collections/add-item","api-reference/endpoints/pki-collections/list-items","api-reference/endpoints/pki-collections/delete-item"]},{"group":"PKI Alerting","pages":["api-reference/endpoints/pki-alerts/create","api-reference/endpoints/pki-alerts/read","api-reference/endpoints/pki-alerts/update","api-reference/endpoints/pki-alerts/delete"]}]},{"group":"Infisical SSH","pages":[{"group":"Certificates","pages":["api-reference/endpoints/ssh/certificates/issue-credentials","api-reference/endpoints/ssh/certificates/sign-key"]},{"group":"Certificate Authorities","pages":["api-reference/endpoints/ssh/ca/list","api-reference/endpoints/ssh/ca/create","api-reference/endpoints/ssh/ca/read","api-reference/endpoints/ssh/ca/update","api-reference/endpoints/ssh/ca/delete","api-reference/endpoints/ssh/ca/public-key","api-reference/endpoints/ssh/ca/list-certificate-templates"]},{"group":"Certificate Templates","pages":["api-reference/endpoints/ssh/certificate-templates/list","api-reference/endpoints/ssh/certificate-templates/create","api-reference/endpoints/ssh/certificate-templates/read","api-reference/endpoints/ssh/certificate-templates/update","api-reference/endpoints/ssh/certificate-templates/delete"]}]},{"group":"Infisical KMS","pages":[{"group":"Keys","pages":["api-reference/endpoints/kms/keys/list","api-reference/endpoints/kms/keys/get-by-id","api-reference/endpoints/kms/keys/get-by-name","api-reference/endpoints/kms/keys/create","api-reference/endpoints/kms/keys/update","api-reference/endpoints/kms/keys/delete","api-reference/endpoints/kms/keys/encrypt","api-reference/endpoints/kms/keys/decrypt"]}]}]},{"tab":"SDKs","groups":[{"group":"","pages":["sdks/overview"]},{"group":"SDK's","pages":["sdks/languages/node","sdks/languages/python","sdks/languages/java","sdks/languages/go","sdks/languages/ruby","sdks/languages/csharp"]}]},{"tab":"Changelog","groups":[{"group":"","pages":["changelog/overview"]}]}]},"logo":{"light":"https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/light.svg","dark":"https://mintlify.s3.us-west-1.amazonaws.com/infisical/logo/dark.svg","href":"https://infisical.com"},"api":{"openapi":"https://app.infisical.com/api/docs/json","mdx":{"server":["https://app.infisical.com","http://localhost:8080"]}},"appearance":{"default":"light","strict":true},"background":{"color":{"light":"#ffffff","dark":"#0D1117"}},"navbar":{"links":[{"label":"Log In","href":"https://app.infisical.com/login"}],"primary":{"type":"button","label":"Start for Free","href":"https://app.infisical.com/signup"}},"footer":{"socials":{"x":"https://www.twitter.com/infisical/","linkedin":"https://www.linkedin.com/company/infisical/","github":"https://github.com/Infisical/infisical-cli","slack":"https://infisical.com/slack"},"links":[{"header":"PRODUCT","items":[{"label":"Secret Management","href":"https://infisical.com/"},{"label":"Secret Scanning","href":"https://infisical.com/radar"},{"label":"Share Secrets","href":"https://app.infisical.com/share-secret"},{"label":"Pricing","href":"https://infisical.com/pricing"},{"label":"Security","href":"https://infisical.com/docs/internals/security"},{"label":"Blog","href":"https://infisical.com/blog"},{"label":"Infisical vs Vault","href":"https://infisical.com/infisical-vs-hashicorp-vault"},{"label":"Forum","href":"https://questions.infisical.com/"}]},{"header":"USE CASES","items":[{"label":"Infisical Agent","href":"https://infisical.com/docs/documentation/getting-started/introduction"},{"label":"Kubernetes","href":"https://infisical.com/docs/integrations/platforms/kubernetes"},{"label":"Dynamic Secrets","href":"https://infisical.com/docs/documentation/platform/dynamic-secrets/overview"},{"label":"Terraform","href":"https://infisical.com/docs/integrations/frameworks/terraform"},{"label":"Ansible","href":"https://infisical.com/docs/integrations/platforms/ansible"},{"label":"Jenkins","href":"https://infisical.com/docs/integrations/cicd/jenkins"},{"label":"Docker","href":"https://infisical.com/docs/integrations/platforms/docker-intro"},{"label":"AWS ECS","href":"https://infisical.com/docs/integrations/platforms/ecs-with-agent"},{"label":"GitLab","href":"https://infisical.com/docs/integrations/cicd/gitlab"},{"label":"GitHub","href":"https://infisical.com/docs/integrations/cicd/githubactions"},{"label":"SDK","href":"https://infisical.com/docs/sdks/overview"}]},{"header":"DEVELOPERS","items":[{"label":"Changelog","href":"https://www.infisical.com/docs/changelog"},{"label":"Status","href":"https://status.infisical.com/"},{"label":"Feedback \u0026 Requests","href":"https://github.com/Infisical/infisical/issues"},{"label":"Trust of Center","href":"https://app.vanta.com/infisical.com/trust/hoop8cr78cuarxo9sztvs"},{"label":"Open Source Friends","href":"https://infisical.com/infisical-friends"},{"label":"How to contribute","href":"https://www.infisical.com/infisical-heroes"}]},{"header":"OTHERS","items":[{"label":"Customers","href":"https://infisical.com/customers/traba"},{"label":"Company Handbook","href":"https://infisical.com/wiki/handbook/overview"},{"label":"Careers","href":"https://infisical.com/careers"},{"label":"Terms of Service","href":"https://infisical.com/terms"},{"label":"Privacy Policy","href":"https://infisical.com/privacy"},{"label":"Subprocessors","href":"https://infisical.com/subprocessors"},{"label":"SLA","href":"https://infisical.com/sla"},{"label":"Team Email","href":"mailto:team@infisical.com"},{"label":"Sales","href":"mailto:sales@infisical.com"},{"label":"Support","href":"https://infisical.com/slack"}]}]},"integrations":{"posthog":{"apiKey":"phc_Q0xfB3LeOqo7ySk4DE6zLNwDzHFesKcmigknCy4fTdV"},"koala":{"publicApiKey":"pk_b50d7184e0e39ddd5cdb43cf6abeadd9b97d"}}},"pageMetadata":{"title":"AWS Auth","description":"Learn how to authenticate with Infisical for EC2 instances, Lambda functions, and other IAM principals.","href":"/documentation/platform/identities/aws-auth"}}},"entitlements":{"AI_CHAT":{"status":"ENABLED"}},"gitSource":{"type":"github","owner":"infisical","repo":"infisical","deployBranch":"main","contentDirectory":"docs"}},"__N_SSG":true},"page":"/_sites/[subdomain]/[[...slug]]","query":{"subdomain":"infisical","slug":["documentation","platform","identities","aws-auth"]},"buildId":"975QXHH-delYr8Bi2SqIf","assetPrefix":"/docs","isFallback":false,"isExperimentalCompile":false,"gsp":true,"scriptLoader":[]}</script></html></body></html>