Sharing secrets

Onboardbase makes it super easy to share secrets with teammates securely.

Continuous integration & delivery

Onboardbase can be used to share secrets with your CI/CD pipelines for continuous delivery.

In a local dev environement

You can use the Onboardbase CLI to create a device token that can be used to receive secrets from Onboardbase:

onboardbase login
onboardbase setup
onboardbase run -p my-project -e development -c "npm run dev"

Learn more about device tokens.

In a staging or production environement

A service token is created from the Onboardbase web dashboard and can be used to receive secrets from Onboardbase without having to login via web browser:

export HISTIGNORE='onboardbase*'
onboardbase setup
onboardbase config:set --token "Service.****.****.*****" --scope /usr/src/app
onboardbase run -p my-project -e development -c "npm run build"

Learn more about creating Service tokens.

One-time sharing via CLI

The disposable:share command can be used to send sensitive information:

onboardbase disposable:share -m "sensitive message" -e 30

The information is not stored locally and encrypted in transit, so you won't have to worry about leaks. The link also expires after the amount of minutes specified in the -e parameter.

You can also share entire files:

onboardbase disposable:share -f relative_path/filename.ext -e 30

You can then share the expiring link with teammates to protect your secrets:

One-time sharing via web dashboard

If the receiver doesn't have an Onboardbase account or if you prefer a graphical interface, just go to https://app.onboardbase.com/new, add your secrets, select an expiration time, and simply share the link:

You don't even need an account so it's a neat tool to use with teammates:

Once the receiver opens the link, they will be able to copy / paste secrets for immediate use: