Powerful Features for Modern Teams
Everything you need to store, share, and manage secrets securely.
Zero-Knowledge Encryption
Your data is encrypted on your device using AES-256-GCM before it ever leaves your browser. We use PBKDF2 with 600,000 iterations to derive encryption keys from your master password. Even our servers never see your plaintext secrets.
Master Password PBKDF2 (600K iterations) Encryption Key
Secret Data AES-256-GCM Encrypted Blob Server
- Role-based permissions (Owner, Admin, Writer, Reader)
- Vault-level sharing
- Access request workflows
- Real-time audit trail
Team Collaboration
Fine-grained role-based access control lets you share secrets with exactly the right people. Owners, admins, writers, and readers — each role has precise permissions. Audit every access and change with comprehensive logging.
Developer API & CLI
First-class REST API with token authentication and rate limiting. Our CLI tool injects secrets directly into your environment — no more .env files committed to git.
$ cloudkeep get DB_PASSWORD --vault production
$ cloudkeep inject -- docker compose up
$ curl -H "Authorization: Bearer ck_live_..." \
https://api.cloudkeep.dev/v1/secrets
And Much More
Every tool your team needs to manage secrets at scale.
Secret Versioning
Every change creates a new version. View diffs, restore previous versions, and track who changed what and why.
Secure Sharing Links
Generate time-limited, password-protected links to share individual secrets. Set max access counts and auto-expiration.
Import & Export
Import from 1Password, LastPass, Bitwarden, .env files, CSV, and JSON. Export in multiple formats with optional encryption.
Webhooks
Slack, Discord, and custom HTTP webhooks. Get notified when secrets change, expire, or are accessed.
Multi-Organization
Manage multiple organizations with separate vaults, members, and billing. Switch seamlessly between teams.
Secret Templates
10+ built-in templates for passwords, API keys, database credentials, SSH keys, and more. Create custom templates for your team.