An API for the credentials your apps depend on. Everything's encrypted on your side before it leaves your machine, so all we ever hold is ciphertext and nothing that opens it. Steal our database and you get noise. We built it so we couldn't read your data even if someone made us try.
Your keys are made on your own device and never sent to us. What sits on our servers is the encrypted data and the checks that let you sign in. None of it decrypts anything.
There's no master key on our side. Nothing to steal, nothing to hand over under a court order. The thing that opens your secrets only ever exists where you are, for as long as you're using it.
A person and a service reach the same secrets through different front doors. Neither door puts a usable key on our servers.
You unlock your vault with a passphrase that lives in your head plus a secret key that lives with you. We keep a backup copy of neither. Lose both and the data is gone, which is the honest cost of a vault we genuinely can't open.
A build pipeline or a running service gets a single credential it keeps in its own config. That key opens just the one vault it was given and nothing else. No human in the loop, no shared password, still nothing on our side that reads it.
Give a service a key for one vault and nothing past it. Every credential is least privilege from the moment you make it.
Rotate one or revoke it on its own, without touching anyone else's access. A leaked machine key is a small, walled-off problem you fix in seconds. Hand them out per service or per environment, as narrow as you like.
Picture the bad day. Someone walks off with the whole database, or owns the running server outright. Here's their haul.
Tell us what you're building and we'll set you up. We read every request ourselves.