ENV is built for developers â¤ď¸ but with enterprise features such as Access Log, Rotating an Encryption Key, and end-to-end encryption, ensuring it can be deployed in any environment.
Table of Contents
- No Access to Your Secret Key
- Secure Network with Authentication
- Why Aren't Our Secrets Visible in the Dashboard?
No Access to Your Secret Key
All of your .env files are stored fully encrypted using a local secret key that Hyphen never has access to. Both encryption and decryption happen locally, ensuring that your .env files and the secrets they contain are never accessible by Hyphen.
Secure Network with Authentication
Not only are your files encrypted locally, but all data is transferred over SSL-encrypted connections and stored fully encrypted at rest.
ENV includes robust user and API key authentication by default, with full Access Log audits on every push and pull request.
For additional security, enable IP Access Rules in ENV so that any request from an IP address that does not match the configured rules is blocked, even if it includes valid authentication credentials.
Why Aren't Our Secrets Visible in the Dashboard?
As weâve emphasized, the reason we donât display secrets in the dashboard is that we have no access to your applicationâs secret key. Everything remains fully encrypted and out of Hyphenâs reach.