A key management server that just works.
Self-hosted key management solutions require admin effort and special attention to security because they are higher value targets than application servers. Selective Share is a hosted solution. These issues are not your problem anymore.
Secrets can only be viewed on your machines. No exception.
Selective Share implements client-side encryption using the standard GPG that comes with your OS. No browser based crypto. No custom implementations. No libraries written in the latest hot language. Just battle tested GPG.
We use public key encryption with each user using their own keys. Keys are never shared. Secrets never leave your machines in clear text. We can’t decrypt your secrets even if we wanted to. You determine who sees your secrets regardless of what happens to our servers.
Distribute configuration parameters safely and easily.
Just like Git ensures everybody has the latest code, Selective Share ensures everybody has the latest secrets and configuration parameters. Secrets don’t belong in the code and neither in the chat rooms.
Evolve your workflow without restrictions.
The number of environments are unlimited and they don’t have prescribed names. Add and remove them as your project demands.
Store secrets in their natural format.
Secrets take on many forms. Key/value pairs or files. Text or binary. Large or small. Individual or combined. Store it however makes your life the easiest. There are no hard limits on secret sizes or requirements for specific formats.
Retain you secrets history.
You take the advantages of version control for code for granted, why would secrets and configuration settings be different? There are many reasons why you would need to retrieve old versions: roll back a failed deployment, recover access to a third party service, perform zero downtime key rotation, do security and forensic audits. Whatever your reason, the history is available.
Scriptable secret deployment.
Secret distribution is managed with the command line client. It is designed to be scriptable and automated.
Tighten security with role based access control.
Not everybody should have access to everything. Role based access control is available when your team gets too large.
Fast security investigations.
Comprehensive logging and reporting turns audit reports into a tool instead of a burden.
Designed for privacy.
Selective Share is designed for privacy. Though doing business will always require some minimum amount of identifying information, we are not using trackers or selling your data. Your secrets, the most important data, remain inaccessible to us because you control the decryption key.
Easily switch to another key management service.
We want to do business on friendly terms. If Selective Share does not provide the value you want it is easy to move somewhere else. There are no hoops to jump through to get hold of your data. All the secrets can be exported and decrypted from the command line into standard file formats for easy import into another provider.