Changelog

The changelog below reflects new product developments and updates on a monthly basis.

​

July 2025

• Improved speed performance of audit log filtering.
• Revamped password reset flow pages.
• Added support for Bitbucket for Secret Scanning.
• Released Secret Sync for Zabbix.

​

June 2025

• Released Secret Sync for 1Password, Heroku, Fly.io, and Render.
• Added support for Kubernetes dynamic secrets to generate service account tokens
• Released Secret Rotation for MySQL and OracleDB as well as Dynamic Secrets for Vertica and GitHub App Tokens.
• Added support for Azure Auth in ESO.
• Kubernetes auth now supports gateway as a token reviewer.
• Revamped Infisical CLI to auto-open login link.
• Rolled out Infisical Packer integration.
• Released AliCloud Authentication method.
• Added support for multi-step approval workflows.
• Revamped UI for Access Controls, Access Tree, Policies, and Approval Workflows.
• Released TLS Certificate Authentication method.
• Added ability to copy session tokens in the Infisical Dashboard.
• Expanded resource support for Infisical Terraform Provider.

​

May 2025

• Added support for Microsoft Teams integration.
• Released Infisical Gateway for accessing private network resources from Infisical.
• Added support for Host Groups in Infisical SSH.
• Updated the designs of all emails send by Infisical.
• Added secret rotation support for Azure Client.
• Released secret sync for HashiCorp Vault.
• Made significant improvements to Infisical Secret Scanning.
• Released Infisical ACME Client.
• Access requests now support “break-glass” policies.
• Updated Point-in-time Recovery UI/UX.
• Redesigned Approval Workflows and Change Requests user interface.

​

April 2025

• Released ability to request access to projects.
• Updated UI for Audit Logs and Log Filtering.
• Launched Infisical SSH V2.
• Developer Infisical MCP.
• Added support for Spotify Backstage Infisical plugin.
• Added secret syncs for Terraform Cloud, Vercel, Windmill, TeamCity, and Camunda.
• Released Auth0 Client Secret Rotation.
• Launched Infisical C++ SDK.
• Service tokens will now get expiry notifications.
• Added Infisical Linux binary.
• Released ability to perform user impersonation.
• Added support for LDAP password rotation.

​

March 2025

• Released Infisical Gateway for secure access to private resources without needing direct inbound connections to private networks.
• Enhanced Terraform capabilities with token authentication, ability to import existing Infisical secrets as resources, and support for project templates.
• Self-hosted improvements: Usage and billing visibility for enabled features, ability to delete users, and support for multiple super admins.
• UI and UX updates: Improved secret import interface on the overview page, password reset without backup PDF.
• CLI enhancements: Various improvements including multiline secret support and ability to pass headers.
• Kubernetes operator updates: Auto-reloading for DaemonSets and StatefulSets (previously only Deployments), added support for ConfigMaps.
• Implemented powerful Access Control updates including “Grant Privileges” feature for designating specific users for policy management, Access Tree visualization for simulating permissions, and ability to restrict scope of secret sharing within organizations.
• Released new Secret Requests feature under Secret Share, added support for reminders with webhook triggers and implementing password policies for dynamic secrets.
• Enhanced secret version history to show who made changes.
• New integrations and syncs: Crossplane provider, Humanitec secret sync, Airflow system integration
• Performed significant performance optimizations including a 50% reduction in database usage and optimized client secret handling for universal auth.
• Enhanced security features with ability to add custom instance banners (useful for regulated industries), short-lived tokens for Kubernetes auth, and OIDC claim passing from machine identity login to permissions.
• Golang SDK: New API added for enhanced functionality
• Added capability to programmatically configure an Infisical instance from start to finish without UI interaction.

​

February 2025

• Released KMIP integration with PKI structure, auth model integration with machine identities, complete set of client operations, and client certificate authentication flow.
• Added new AWS App Connection and Secret Sync functionality for enhanced AWS integration.
• Released new Azure Key Vault App Connection and Secret Sync, plus Terraform provider support.
• Introduced more comprehensive logging with detailed records for secret sharing and metadata in audit logs.
• Introduced new permission types: “View Value” vs “Describe Value” for more granular access control over secrets.
• Updated encryption logic with unified approach for all platform data, ensuring consistency across the system.
• Added support for OIDC group mapping to automatically map groups to Infisical for role-based access control.
• Added Terraform Cloud support for OIDC.

​

January 2025

• Released new integration architecture with decoupled authentication, replacing native integrations with App Connections and Secret Syncs. Initial support for AWS Parameter Store, GitHub, and GCP Secret Manager with improved API and Terraform integration capabilities.
• Added support for OIDC group mapping in Keycloak, enabling automatic mapping of Keycloak groups to Infisical for role-based access control.
• Enhanced Kubernetes operator with namespaced group support, bi-directional secret sync (push to Infisical), dynamic secrets capabilities, and support for multiple operator instances.
• Restructured navigation with dedicated sections for Secrets Management, Certificate Management (PKI), Key Management (KMS), and SSH Key Management.
• Added ephemeral Terraform resource support and improved secret sync architecture.
• Released .NET provider with first-party Azure authentication support and Azure CLI integration.
• Implemented secret Access Visibility allowing users to view all entities with access to specific secrets in the secret side panel.
• Added secret filtering by metadata and SSH assigned certificates (Version 1).

​

December 2024

• Added GCP KMS integration support.
• Added support for K8s CSI integration and ability to point K8s operator to specific secret versions.
• Fixed Java SDK compatibility issues with Alpine Linux.
• Fixed SCIM group role assignment issues.
• Added Group View Page for improved team management.
• Added instance URL to email verification for Infisical accounts.
• Added ability to copy full path of nested folders.
• Added custom templating support for K8s operator, allowing flexible secret key mapping and additional fields.
• Optimized secrets versions table performance.

​

November 2024

• Improved EnvKey migration functionality with support for Blocks, Inheritance, and Branches.
• Added Hardware Security Module (HSM) Encryption support.
• Updated permissions handling in Infisical Terraform Provider to use lists instead of sets.
• Enhanced SCIM implementation to remove SAML dependency.
• Enhanced OIDC Authentication implementation and added Default Org Slug support.
• Added support for multiple authentication methods per identity.
• Added AWS Parameter Store integration sync improvements.
• Added new screen and API for managing additional privileges.
• Added Dynamic Secrets support for SQL Server.

​

October 2024

• Significantly improved performance of audit log operations in UI.
• Released Databricks integration.
• Added ability to enforce 2FA organization-wide.
• Added multiple resource to the Infisical Terraform Provider, including AWS and GCP integrations.
• Released Infisical KMS.
• Added support for LDAP dynamic secrets.
• Enabled changing auth methods for machine identities in the UI.
• Launched Infisical EU Cloud.

​

September 2024

• Improved paginations for identities and secrets.
• Significant improvements to the Infisical Terraform Provider.
• Created Slack Integration for Access Requests and Approval Workflows.
• Added Dynamic Secrets for Elaticsearch and MongoDB.
• More authentication methods are now supported by Infisical SDKs and Agent.
• Integrations now have dedicated audit logs and an overview screen.
• Added support for secret referencing in the Terraform Provider.
• Released support for older versions of .NET via SDK.
• Released Infisical PKI Issuer which works alongside cert-manager to manage certificates in Kubernetes.

​

August 2024

• Added Azure DevOps integration.
• Released ability to hot-reload variables in CLI (—watch flag).
• Added Dynamic Secrets for Redis.
• Added Alerting for Certificate Management.
• You can now specify roles and project memberships when adding new users.
• Approval workflows now have email notifications.
• Access requests are now integrated with User Groups.
• Released ability to use IAM Roles for AWS Integrations.

​

July 2024

• Released the official Ruby SDK.
• Increased the speed and efficiency of secret operations.
• Released AWS KMS wrapping (bring your own key).
• Users can now log in to CLI via SSO in non-browser environments.
• Released Slack Webhooks.
• Added Dynamic Secrets with MS SQL.
• Redesigned and simplified the Machine Identities page.
• Added the ability to move secrets/folders to another location.
• Added OIDC support to CLI, Go SDK, and more.
• Released Linux installer for Infisical.

​

June 2024

• Released Infisical PKI.
• Released the official Go SDK.
• Released OIDC Authentication method.
• Allowed users to configure log retention periods on self-hosted instances.
• Added tags to terraform provider.
• Released public secret sharing.
• Built a native integration with Rundeck.
• Added list view for projects in the dashboard.
• Fixed offline coding mode in CLI.
• Users are now able to leave a particular project themselves.

​

May 2024

• Released AWS, GCP, Azure, and Kubernetes Native Auth Methods.
• Added Secret Sharing functionality for sharing sensitive data through encrypted links – within and outside of an organization.
• Updated Secret Referencing to be supported in all Infisical clients. Infisical UI is now able to provide automatic reference suggestions when typing.
• Released new Infisical Jenkins Plugin.
• Added statuses and manual sync option to integrations in the Dashboard UI.
• Released universal Audit Log Streaming.
• Added Dynamic Secret template for AWS IAM.
• Added support for syncing tags and custom KMS keys to AWS Secrets Manager and Parameter Store Integrations.
• Officially released Infisical on AWS Marketplace.

​

April 2024

• Added Access Requests as part of self-serve secrets management workflows.
• Added Temporary Access Provisioning for roles and additional privileges.

​

March 2024

• Released support for Dynamic Secrets.
• Released the concept of Additional Privileges on top of user/machine roles.

​

Feb 2024

• Added org-scoped authentication enforcement for SAML
• Added support for SCIM along with instructions for setting it up with Okta, Azure, and JumpCloud.
• Pushed out project update for non-E2EE w/ new endpoints like for project creation and member invitation.
• Added API Integration testing for new backend.
• Added capability to create projects in Terraform.
• Added slug-based capabilities to both organizations and projects to gradually make the API more developer-friendly moving forward.
• Fixed + improved various analytics/telemetry-related items.
• Fixed various issues associated with the Python SDK: build during installation on Mac OS, Rust dependency.
• Updated self-hosting documentation to reflect new backend.
• Released Postgres-based Infisical helm chart.
• Added checks to ensure that breaking API changes don’t get released.
• Automated API reference documentation to be inline with latest releases of Infisical.

​

Jan 2024

• Completed Postgres migration initiative with restructed Fastify-based backend.
• Reduced size of Infisical Node.js SDK by ≈90%.
• Added secret fallback support to all SDK’s.
• Added Machine Identity support to Terraform Provider.
• Released .NET SDK.
• Added symmetric encryption support to all SDK’s.
• Fixed secret reminders bug, where reminders were not being updated correctly.

​

Dec 2023

• Released (machine) identities and universal auth features.
• Created new cross-language SDKs for Python, Node, and Java.
• Released first version of the Infisical Agent
• Added ability to manage folders via CLI.

​

Nov 2023

• Replaced internal Winston with Pino logging library with external logging to AWS CloudWatch
• Added admin panel to self-hosting experience.
• Released secret rotation feature with preliminary support for rotating SendGrid, PostgreSQL/CockroachDB, and MySQL/MariaDB credentials.
• Released secret reminders feature.

​

Oct 2023

• Added support for GitLab SSO.
• Became SOC 2 (Type II) certified.
• Reduced required JWT configuration from 5-6 secrets to 1 secret for self-hosting Infisical.
• Compacted Infisical into 1 Docker image.
• Added native Hasura Cloud integration.
• Updated resource deletion logic for user, organization, and project deletion.

​

Sep 2023

• Released secret approvals feature.
• Released an update to access controls; every user role now clearly defines and enforces a certain set of conditions across Infisical.
• Updated UI/UX for integrations.
• Added a native integration with Qovery.
• Added service token generation capability for the CLI.

​

Aug 2023

• Release Audit Logs V2.
• Add support for GitHub SSO.
• Enable users to opt in for multiple authentication methods.
• Improved password requirements including check against Have I Been Pwnd Password API.
• Added native GCP Secret Manager integration

​

July 2023

• Released secret referencing and importing across folders and environments.
• Redesigned the project/organization experience.
• Updated the secrets overview page; users are now able to edit secrets directly from it.
• Added native Laravel Forge integration.
• Added native Codefresh integration.
• Added native Bitbucket integration.
• Added native DigitalOcean App Platform integration.
• Added native Cloud66 integration.
• Added native Terraform Cloud integration.
• Added native Northflank integration.
• Added native Windmill integration.
• Added support for Google SSO
• Added support for Okta, Azure AD, and JumpCloud SAML authentication.
• Released folders / path-based secret storage.
• Released webhooks.

​

June 2023

• Released the Terraform Provider.
• Updated the usage and billing page. Added the free trial for the professional tier.
• Added native integrations with Checkly, Hashicorp Vault, and Cloudflare Pages.
• Completed a penetration test with a very good result.
• Added support for multi-line secrets.

​

May 2023

• Released secret scanning capability for the CLI.
• Released customer / license service to manage customer billing information, cloud plans, and self-hosted enterprise licenses; all instances of Infisicals now fetch/relay information from this service.
• Completed penetration test.
• Released new landing page.
• Started SOC 2 (Type II) compliance certification preparation.
• Released new deployment options for Fly.io, Digital Ocean and Render.

​

April 2023

• Upgraded secret-handling to include blind-indexing (can be thought of as a fingerprint).
• Added Node SDK support for working with individual secrets.
• Released preliminary Python SDK.
• Released service accounts, a client type capable of accessing multiple projects.
• Added native Supabase integration.
• Added native Railway integration.
• Improved dashboard speed / performance.
• Released the Secrets Overview page for users to view and identify missing environment secrets within one dashboard.
• Updated documentation to include quickstarts and guides; also updated README.md.

​

March 2023

• Added support for global configs to the Kubernetes operator.
• Added support for self-hosted deployments to operate without any attached email service / SMTP configuration.
• Added native Azure Key Vault integration.
• Released one-click AWS EC2 deployment method.
• Released preliminary Node SDK.

​

Feb 2023

• Upgraded private key encryption/decryption mechanism to use Argon2id and 256-bit protected keys.
• Added preliminary email-based 2FA capability.
• Added suspicious login alerting if user logs in via new device or IP address.
• Added documentation for PM2 integration.
• Added secret backups support for the CLI; it now fetches and caches secrets locally to be used in the event of future failed fetch.
• Added support for comparing secret values across environments on each secret.
• Added native AWS Parameter Store integration.
• Added native AWS Secrets Manager integration.
• Added native GitLab integration.
• Added native CircleCI integration.
• Added native Travis CI integration.
• Added secret tagging capability for enhanced organizational structure/grouping.
• Released new dashboard design allowing more actions to be performed within the dashboard itself.
• Added capability to generate .env.example file.

​

Jan 2023

• Added preliminary audit logging capability covering CRUD secret operations.
• Added secret overriding capability for team members to have their own branch of a secret.
• Added secret versioning capability.
• Added secret snapshot and point-in-time recovery capabilities to track and roll back the full state of a project.
• Added native Vercel integration.
• Added native Netlify integration.
• Added native GitHub Actions integration.
• Added custom environment names.
• Added auto-redeployment capability to the Kubernetes operator.
• (Service Token 2.0) Shortened the length of service tokens.
• Added a public-facing API.
• Added preliminary access control capability for users to be provisioned read/write access to environments.
• Performed various web UI optimizations.

​

Nov 2022

• Infisical is open sourced.
• Added Infisical CLI support for Docker and Docker Compose.
• Rewrote the Infisical CLI in Golang to be platform-agnostic.
• Rewrote the documentation.

​

Oct 2022

• Added support for organizations; projects now belong to organizations.
• Improved speed / performance of dashboard by 25x.
• Added capability to change account password in settings.
• Added persistence for logging into the organization and project that users left from in their previous session.
• Added password recovery emergency kit with automatic download enforcement upon account creation.
• Added capability to copy-to-clipboard capabilities.
• Released first native integration between Infisical and Heroku; environment variables can now be sent and kept in sync with Heroku.

​

Sep 2022

• Added capability to change user roles in projects.
• Added capability to delete projects.
• Added Stripe.
• Added default environments (development, staging, production) for new users with example key-pairs.
• Added loading indicators.
• Moved from push/pull mode of secret operation to automatically pulling and injecting secrets into processes upon startup.
• Added drag-and-drop capability for adding new .env files.
• Improved security measures against common attacks (e.g. XSS, clickjacking, etc.).
• Added support for personal secrets (later modified to be secret overrides in Jan 2023).
• Improved account password validation and enforce minimum requirements.
• Added sorting capability to sort keys by name alphabetically in dashboard.
• Added downloading secrets back as .env file capability.

​

Aug 2022

• Released first version of the Infisical platform with push/pull capability and end-to-end encryption.
• Improved security handling of authentication tokens by storing refresh tokens in HttpOnly cookies.
• Added hiding key values on client-side.
• Added search bar to dashboard to query for keys on client-side.
• Added capability to rename a project.
• Added user roles for projects.
• Added incident contacts.