Use the Enkryptify CLI without interactive login by providing an API token. This is ideal for headless environments like CI/CD, containers or remote servers.
No ek login required when using an API token.
We recommend using the CLI using ek login instead of an API token. But if your environment does not support a browser, you can use an API token. Please make sure that your environment is secure and that the token is not exposed to the public.
Generate an API token
- Go to your project in the Enkryptify dashboard.
- Open the Tokens section and create a new token.
- Copy the token and store it securely.
Provide the token to the CLI
You can provide the token either by exporting it once in your shell session or inline per command. The CLI reads the token from the ENKRYPTIFY_TOKEN environment variable.
# macOS/Linux (bash/zsh)
export ENKRYPTIFY_TOKEN="<your_api_token>"
# Optional: persist for all new shells
# echo 'export ENKRYPTIFY_TOKEN="<your_api_token>"' >> ~/.zshrc && source ~/.zshrc
# Configure once (no input needed)
ek setup
# Run commands with secrets
ek run -- npm run start
Use in Docker
Install the CLI during build and pass the token securely at runtime.
Dockerfile
Runtime (docker run)
docker-compose.yml
FROM node:20-alpine AS base
# Install Enkryptify CLI
RUN apk add --no-cache curl \
&& curl -fsSL https://raw.githubusercontent.com/Enkryptify/cli/refs/heads/main/install.sh | sh \
&& mv /root/.local/bin/ek /usr/local/bin/ek
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci --only=production
COPY . .
CMD ["sh", "-lc", "ek setup && ek run -- node server.js"]
