Knox docs

Knox docs


Your manage projects where you can create environments. You can add keys to your project and set values (or let it empty) for each environment of the project.

You can then add users to each environment. They get access to a personal token to query our API for all the key/value pairs of the target environment.

Store your secrets

Create a project

In my projects, hit the create project button.

To create more than one project, you need to a paid plan. You can delete your projects at any time. All your data are then erased.

Add an environment

In your project page, click add env.

Add a key

When you add a key to the project, it adds a blank slot in every environment of the project.

Add a value

Each key can have a different value for each environment or the same one; or even no value.

Add a user

When you add a user to an environment with his email, you allow him to access the data from this environment only. You can revoke this permissions at any time. But always consider that the user has saved the data somewhere and don’t expose sensitive keys.

Query your secrets

Make the query

Once you have your token, you can query your secrets with a simple curl:

~ curl > .env

This is a GET request, with two URL parameters: token and format. The format is optional and the default is envfile. The other formats are JSON and ESModule. Contact us if you need anything else, we probably can do something for you.

The example uses curl, but you can use wget, node fetch, or any https capable query command.

The example uses the angle bracket > .env to send the result of the query in a .env file because it’s usually convenient. But you can send it to a secrets.json file for example. Or use the result directly.

Master token

As the project owner, you can add yourself in the user’s list to get a token like a regular user or use the master token of the environment. You typically use the master token only for your servers and CI/CD pipelines.

Never send this token to anyone. If a team member needs a token, add him to the environment and he gets his own token.

If you think that your master token is compromised, you can refresh it to revoke the old version and generate a clean one.

User token

As a regular user, go to My tokens and get the list of all the environments you can access. You can get the data from here or get a token to query them. This is interesting when you set up a dev environment. Each dev has individual access to the secrets and the configuration of the environment and you can easily revoke the access when the dev leaves the project.

If you think that your user token is compromised, hit refresh to revoke the old one and generate a clean one.

Update your data

Projects data

You can update your keys and values at will. The queries to our server will always return an fresh version of the environment values.