dev@laptop:~/project$ keys use stripe-prod
Credentials injected. All clear.

Stop juggling API keys.
One keychain, every tool.

Keychains securely stores, rotates, and injects API credentials into any CLI command — so you can stop copy-pasting secrets and start shipping.

Join the waitlist

Early access opens soon. No spam, ever.

Everything you hate about API key management. Fixed.

Inject credentials, not chaos

Run keys use stripe-prod and every subsequent curl, aws, or custom CLI call gets the right key — automatically. No more digging through a dozen .env files.

Before Export vars, paste keys, remember which shell has which context.
After One command. Right key. Every time.

Built for the terminal. Lives in your workflow.

CLI-first, zero GUI required. Shell hooks mean credentials are always in scope. Works with any tool that reads environment variables.

  • Works with curl, aws, gh, stripe, and any other CLI
  • Plays nicely with direnv and .env files
  • No manual exporting, ever

Secrets that rotate themselves

Keychains tracks expiry dates, warns you before credentials go stale, and can trigger rotation scripts on your behalf. No more 2 AM lockouts.

  • Expiry alerts before you get locked out
  • Rotation hooks for AWS IAM, GitHub tokens, and more
  • Audit log of which key was used, when, and by what command
terminal
$ keys add stripe-prod
Enter API key: ••••••••••••••••
stripe-prod saved (expires in 89 days)
 
$ keys use stripe-prod
Credentials injected into current shell
 
$ curl https://api.stripe.com/v1/charges
# Works. No copy-paste. No exported vars. Just works.

Get early access

We're opening Keychains to a small group of CLI power users first. Drop your email and we'll let you know the moment it's ready.

No spam. Unsubscribe anytime. We'll only reach out when early access opens.

1,200+ developers already on the waitlist