Table of Contents
Introduction
Sniptt is a secret manager for developers.
The main purpose of Sniptt is to simplify and improve the experience of sharing secrets and credentials between developers and machines.
You can finally say goodbye to 1Password, LastPass, and Dashlane π.
Install
Homebrew
The recommended way to install snip
on macOS is via Homebrew.
$ brew install sniptt-official/snip/snip
npm
Alternatively, you can also install snip
via npm.
npm install sniptt -g
Manual
For manual installation instructions on macOS and Linux, please refer to the dedicated install docs.
Features
- π End-to-end encryption: Secrets are encrypted using OpenPGP, the most widely used messaging encryption standard.
- πΎ For developers, by developers: Protect and share secrets directly from your terminal.
- π Immutable and cryptographically verifiable (coming soon): Stay comforted knowing that every secret has a complete and verifiable history of changes over time. Powered by Amazon QLDB.
Basic Usage
Setup
Create a new account or configure a new device with an existing account.
$ snip configure
For advanced usage, type $ snip configure -h
.
Add secrets
Add end-to-end encrypted secrets to your personal vault.
# Add simple key/value.
$ snip add DB_PASSWORD AYYGR3h64tHp9Bne
# Add file.
$ snip add --file .env.prod
For advanced usage, type $ snip add -h
.
Read secrets
Read end-to-end encrypted secrets from your personal vault.
# Read simple value.
$ snip get DB_PASSWORD
# Read a file.
$ snip get .env.prod
# Download a file.
$ snip get .env.prod -o .env.prod
# Get started with automation.
$ snip get .env.prod -q --json | jq -r .SecretContent | base64 -d
For advanced usage, type $ snip get -h
.
Vaults
Vaults allow you to store and share secrets with others.
# Create a new vault.
$ snip vault create creds:aws
# Add a member to a vault.
$ snip vault add-member creds:aws -e alice@example.com
# Add a secret to a vault.
$ snip add -f sandbox.csv -v creds:aws
# Automate workflows.
$ snip vault ls -q --json | jq -r ".[].VaultId" | pbcopy
For advanced usage, type $ snip vault -h
.
Sharing
Share an end-to-end encrypted secret via a one-time URL.
# Create one-time secret.
$ snip share AYYGR3h64tHp9Bne
# Create one-time secret from a file.
$ snip share --file .env.local
For advanced usage, type $ snip share -h
.
Usage Limits
Sniptt is free for personal use with the following limits:
- Up to 100 secrets per month
- Up to 100 URL shares per month
- 1 additional Vault (up to 3 members)
To increase limits and access more features, please email us at support@sniptt.com.
FAQ
Who can access my secrets?
You and only you can access your secrets stored privately with Sniptt. The Master Password used to encrypt your private key never leaves your device, ensuring nobody, not even Sniptt has access to your encrypted data. You can even verify the code to make sure! π΅οΈββοΈ
If you wish to share your secrets with others, then you will need to create a shared Vault or use the one-time-secret functionality to do so.
Why does it sometimes take longer to fulfill a request?
Our platform is built on AWS, using 100% serverless architecture. We rely heavily on Lambda, so you may occasionally experience what's called a "cold start". Another reason your requests might be taking slightly longer is if you're not in Europe. We're currently only deployed in eu-west-1 (Ireland), however we plan to deploy in 2 additional regions soon.
License
This project is under the MIT license.