NetBox Secrets is a NetBox plugin for securely storing and managing secrets (passwords, API keys, tokens, certificates, etc.) with end-to-end encryption. Secrets are encrypted at rest and can be assigned to any supported NetBox object.
- Public-key (RSA) based master key distribution
- AES-256 encryption for secret values
- Session-key workflow for encryption/decryption
- Flexible secret assignment to NetBox objects
- Secret roles for organization and access control
- REST API + GraphQL integration
| NetBox Version | Plugin Version |
|---|---|
| 3.3.x | 1.4.x - 1.5.x |
| 3.4.x | 1.6.x - 1.7.x |
| 3.5.x | 1.8.x |
| 3.6.x | 1.9.x |
| 3.7.x | 1.10.x |
| 4.0.x | 2.0.x |
| 4.1.x | 2.1.x |
| 4.2.x | 2.2.x |
| 4.3.x | 2.3.x |
| 4.4.x | 2.4.x |
| 4.5.x | 3.0.x |
- Setup (installation + configuration): docs/installation.md
- Then create your first User Key in the UI
- Setup: docs/installation.md
- Usage: docs/usage.md
- API: docs/api.md
- Cryptography: docs/cryptography.md
- Permissions: docs/permissions.md
- Troubleshooting: docs/troubleshooting.md
- Release notes are maintained in GitHub for each version.
- Legacy API endpoints supported until NetBox v4.6: docs/api.md
Legacy guidance for netbox-secretstore migrations is available here: docs/legacy-migration.md
- Issues and feature requests: open a ticket in your internal tracker or this repository's issue tracker.
- Security concerns: see
SECURITY.md.
See LICENSE.md.