Roadmap

Full-featured CLI

Manage secrets, environments, teams, and deployments entirely from the terminal

Web dashboard

Browse secrets, manage teams, view audit logs, and handle billing from the browser

Envelope encryption

AES-256-GCM with per-project keys wrapped by AWS, GCP, or Azure KMS

TypeScript, Python & Go SDKs

First-class clients for the three most popular backend languages

Platform integrations

Vercel, Netlify, GitHub Actions, VS Code, and Postman — plug into your existing workflow

One-click provider import

Pull secrets from 12+ providers including AWS, Vercel, Heroku, Railway, and Cloudflare

Secret scanning

Detect leaked credentials in your codebase before they reach production

Secure sharing

Share a secret via a time-limited, view-limited encrypted link — no Slack DMs

Terraform provider

Manage projects and secrets alongside the rest of your infrastructure-as-code

Webhooks

Get notified instantly when secrets are created, updated, or deleted

Webhook retries

Automatic retries with backoff so you never miss a notification

Security whitepaper

A detailed overview of our encryption architecture and threat model

Improved reliability

Better error reporting and observability across the platform

SSO / SAML

Sign in with your company's identity provider

SCIM provisioning

Automatically sync team members from your identity provider

Secret rotation policies

Define rotation schedules and get reminded — or let secr rotate for you

Secret expiry

Set a TTL on secrets so they auto-expire when no longer needed

Provider sync

Push secrets directly to Vercel, Render, and other platforms with drift detection

IP allowlisting

Restrict API access to trusted IP ranges for an extra layer of control

Multi-region encryption

Encrypt with region-local keys for data residency and compliance

Compliance export

One-click audit trail export for SOC 2 and ISO 27001 evidence packages

Kubernetes support

Native secret injection for containerised workloads

Self-hosted option

Run secr in your own infrastructure for full data control

Secret version diffing

See exactly what changed between two versions of a secret

Slack & Teams notifications

Get notified in your team chat when secrets change

Two-way provider sync

Keep secrets in sync between secr and your cloud providers automatically

More SDKs

Ruby, Java, .NET, and PHP clients