Skip to main content
Use the Enkryptify CLI without interactive login by providing an API token. This is ideal for headless environments like CI/CD, containers or remote servers.
No ek login required when using an API token.
We recommend using the CLI using ek login instead of an API token. But if your environment does not support a browser, you can use an API token. Please make sure that your environment is secure and that the token is not exposed to the public.

Generate an API token

  1. Go to your project in the Enkryptify dashboard.
  2. Open the Tokens section and create a new token.
  3. Copy the token and store it securely.

Provide the token to the CLI

You can provide the token either by exporting it once in your shell session or inline per command. The CLI reads the token from the ENKRYPTIFY_TOKEN environment variable.
  • Export once
  • Per command
# macOS/Linux (bash/zsh)
export ENKRYPTIFY_TOKEN="<your_api_token>"

# Optional: persist for all new shells
# echo 'export ENKRYPTIFY_TOKEN="<your_api_token>"' >> ~/.zshrc && source ~/.zshrc

# Configure once (no input needed)
ek setup

# Run commands with secrets
ek run -- npm run start

Use in Docker

Install the CLI during build and pass the token securely at runtime.
  • Dockerfile
  • Runtime (docker run)
  • docker-compose.yml
FROM node:20-alpine AS base

# Install Enkryptify CLI
RUN apk add --no-cache curl \
 && curl -fsSL https://raw.githubusercontent.com/Enkryptify/cli/refs/heads/main/install.sh | sh \
 && mv /root/.local/bin/ek /usr/local/bin/ek

WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci --only=production
COPY . .

CMD ["sh", "-lc", "ek setup && ek run -- node server.js"]
I