If you’re working with C#, the official Infisical C# SDK package is the easiest way to fetch and work with secrets for your application.
This example demonstrates how to use the Infisical C# SDK in a C# application. The application retrieves a secret named TEST
from the dev
environment of the PROJECT_ID
project.
We do not recommend hardcoding your Machine Identity Tokens. Setting it as an environment variable would be best.
Import the SDK and create a client instance with your Machine Identity.
The SDK supports a variety of authentication methods. The most common authentication method is Universal Auth, which uses a client ID and client secret to authenticate.
Using environment variables
INFISICAL_UNIVERSAL_AUTH_CLIENT_ID
- Your machine identity client ID.INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET
- Your machine identity client secret.Using the SDK directly
Please note that this authentication method will only work if you’re running your application on Google Cloud Platform. Please read more about this authentication method.
Using environment variables
INFISICAL_GCP_AUTH_IDENTITY_ID
- Your Infisical Machine Identity ID.Using the SDK directly
Using environment variables
INFISICAL_GCP_IAM_AUTH_IDENTITY_ID
- Your Infisical Machine Identity ID.INFISICAL_GCP_IAM_SERVICE_ACCOUNT_KEY_FILE_PATH
- The path to your GCP service account key file.Using the SDK directly
Please note that this authentication method will only work if you’re running your application on AWS. Please read more about this authentication method.
Using environment variables
INFISICAL_AWS_IAM_AUTH_IDENTITY_ID
- Your Infisical Machine Identity ID.Using the SDK directly
Please note that this authentication method will only work if you’re running your application on Azure. Please read more about this authentication method.
Using environment variables
INFISICAL_AZURE_AUTH_IDENTITY_ID
- Your Infisical Machine Identity ID.Using the SDK directly
Please note that this authentication method will only work if you’re running your application on Kubernetes. Please read more about this authentication method.
Using environment variables
INFISICAL_KUBERNETES_IDENTITY_ID
- Your Infisical Machine Identity ID.INFISICAL_KUBERNETES_SERVICE_ACCOUNT_TOKEN_PATH_ENV_NAME
- The environment variable name that contains the path to the service account token. This is optional and will default to /var/run/secrets/kubernetes.io/serviceaccount/token
.Using the SDK directly
To reduce the number of API requests, the SDK temporarily stores secrets it retrieves. By default, a secret remains cached for 5 minutes after it’s first fetched. Each time it’s fetched again, this 5-minute timer resets. You can adjust this caching duration by setting the “cacheTTL” option when creating the client.
Retrieve all secrets within the Infisical project and environment that client is connected to
Retrieve a secret from Infisical.
By default, GetSecret()
fetches and returns a shared secret.
Create a new secret in Infisical.
Update an existing secret in Infisical.
Delete a secret in Infisical.
Create a base64-encoded, 256-bit symmetric key to be used for encryption/decryption.
key
(string): A base64-encoded, 256-bit symmetric key, that can be used for encryption/decryption purposes.
Tag
(string): A base64-encoded, 128-bit authentication tag.
Iv
(string): A base64-encoded, 96-bit initialization vector.
CipherText
(string): A base64-encoded, encrypted ciphertext.
Plaintext
(string): The decrypted plaintext.
If you’re working with C#, the official Infisical C# SDK package is the easiest way to fetch and work with secrets for your application.
This example demonstrates how to use the Infisical C# SDK in a C# application. The application retrieves a secret named TEST
from the dev
environment of the PROJECT_ID
project.
We do not recommend hardcoding your Machine Identity Tokens. Setting it as an environment variable would be best.
Import the SDK and create a client instance with your Machine Identity.
The SDK supports a variety of authentication methods. The most common authentication method is Universal Auth, which uses a client ID and client secret to authenticate.
Using environment variables
INFISICAL_UNIVERSAL_AUTH_CLIENT_ID
- Your machine identity client ID.INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET
- Your machine identity client secret.Using the SDK directly
Please note that this authentication method will only work if you’re running your application on Google Cloud Platform. Please read more about this authentication method.
Using environment variables
INFISICAL_GCP_AUTH_IDENTITY_ID
- Your Infisical Machine Identity ID.Using the SDK directly
Using environment variables
INFISICAL_GCP_IAM_AUTH_IDENTITY_ID
- Your Infisical Machine Identity ID.INFISICAL_GCP_IAM_SERVICE_ACCOUNT_KEY_FILE_PATH
- The path to your GCP service account key file.Using the SDK directly
Please note that this authentication method will only work if you’re running your application on AWS. Please read more about this authentication method.
Using environment variables
INFISICAL_AWS_IAM_AUTH_IDENTITY_ID
- Your Infisical Machine Identity ID.Using the SDK directly
Please note that this authentication method will only work if you’re running your application on Azure. Please read more about this authentication method.
Using environment variables
INFISICAL_AZURE_AUTH_IDENTITY_ID
- Your Infisical Machine Identity ID.Using the SDK directly
Please note that this authentication method will only work if you’re running your application on Kubernetes. Please read more about this authentication method.
Using environment variables
INFISICAL_KUBERNETES_IDENTITY_ID
- Your Infisical Machine Identity ID.INFISICAL_KUBERNETES_SERVICE_ACCOUNT_TOKEN_PATH_ENV_NAME
- The environment variable name that contains the path to the service account token. This is optional and will default to /var/run/secrets/kubernetes.io/serviceaccount/token
.Using the SDK directly
To reduce the number of API requests, the SDK temporarily stores secrets it retrieves. By default, a secret remains cached for 5 minutes after it’s first fetched. Each time it’s fetched again, this 5-minute timer resets. You can adjust this caching duration by setting the “cacheTTL” option when creating the client.
Retrieve all secrets within the Infisical project and environment that client is connected to
Retrieve a secret from Infisical.
By default, GetSecret()
fetches and returns a shared secret.
Create a new secret in Infisical.
Update an existing secret in Infisical.
Delete a secret in Infisical.
Create a base64-encoded, 256-bit symmetric key to be used for encryption/decryption.
key
(string): A base64-encoded, 256-bit symmetric key, that can be used for encryption/decryption purposes.
Tag
(string): A base64-encoded, 128-bit authentication tag.
Iv
(string): A base64-encoded, 96-bit initialization vector.
CipherText
(string): A base64-encoded, encrypted ciphertext.
Plaintext
(string): The decrypted plaintext.