Skip to Content
DocumentationVault Management

AppSpacer Vault

We are proud to introduce AppSpacer Vault: a world-class, centralized security suite designed to handle your environment variables with uncompromising security and elegance.

Built for modern engineering teams, the Vault replaces messy, shared .env files with a versioned, military-grade encrypted store. By ensuring your secrets never sit unencrypted on local machines or leak into Git, AppSpacer Vault provides the rock-solid foundation your app needs to scale securely.

Why AppSpacer Vault?

Think of the Vault not just as a secret store, but as a productivity and security engine for your entire development lifecycle.

  • Uncompromising Security: Every secret is shielded with AES-256-GCM encryption before it ever leaves your machine. Your data is your own.
  • Total Accountability: Detailed Audit Logs give you a crystal-clear history of who changed what, building deep trust within your team.
  • Developer Bliss: Automatic .gitignore integration and smart CLI diffing mean you spend less time wrestling with config and more time shipping features.

CLI Reference

The following commands are available under the appspacer vault namespace.

appspacer vault init

Connect your local project to an AppSpacer Vault.

appspacer vault init
  • Interactive: Prompts you to pick a Project and Environment (e.g., Production).
  • Configuration: Creates a .vault.json in your root directory to track the link.
  • Security: Ensures .env is added to your .gitignore.

appspacer vault pull

Sync your local .env with the remote vault.

appspacer vault pull

[!NOTE] If a local .env file already exists, the CLI will ask for confirmation before overwriting it to prevent accidental work loss.

appspacer vault push

Upload your local .env keys and values to the remote vault.

appspacer vault push
  • Smart Diffing: The CLI compares plaintext values and only generates audit logs for variables that actually changed.
  • Bulk Import: Ideal for initially migrating an existing .env file to AppSpacer.

appspacer vault rollback

Undo the most recent change in the vault.

appspacer vault rollback

Reverts the environment state to exactly what it was before the last push, set, or delete action. Each rollback is itself logged, so you can even undo a rollback.

appspacer vault audit

View the change history for the current environment.

appspacer vault audit

Lists recent actions, including the user, timestamp, and a summary of what changed.

appspacer vault env list

List all environments in the current project and highlight the one you’re synced to.

appspacer vault env list

The active environment is marked with a green , while other environments display an .

appspacer vault env use

Switch the active environment and automatically pull the new secrets into your local .env.

appspacer vault env use <env_name>

Example:

appspacer vault env use production

[!TIP] This is the fastest way to change environments. It updates .vault.json and runs a pull in one step, so there’s no need to run appspacer vault pull separately.

appspacer vault secrets ls

List all remote secrets in the current environment with their values masked.

appspacer vault secrets ls

appspacer vault secrets set

Update or add a single variable without touching a file.

appspacer vault secrets set API_KEY=sk_test_51...

Best Practices

.gitignore and .vault.json

Always commit .vault.json to your repository. It contains the metadata (Project ID and Environment Name) needed for other developers to run appspacer vault pull. Never commit .env.

Environment Names

We recommend using standard environment names like Development, Staging, and Production. You can create as many as you need in the AppSpacer Dashboard.

CI/CD Integration

To use the vault in your CI/CD pipelines:

  1. Set VAULT_ENCRYPTION_KEY as a secret in your CI (GitHub Actions, GitLab, etc.).
  2. Run appspacer login -t pat_xxx using a service token.
  3. Run appspacer vault pull to generate the .env file before your build step.

Using the Dashboard

While the CLI is great for syncing, the AppSpacer Dashboard provides additional powerful features:

  1. Audit Visualizer: In the Audit Logs tab, click Reveal Values to see an encrypted side-by-side comparison of what changed in any historical log entry.
  2. Environment Management: Create new environments and clone variables between them.
  3. Access Control: Control which team members can see or edit secrets for specific environments.
Last updated on
CLI ReferenceReact Native