SikkerKey allows you to manage application secrets across every machine in your stack using secure, machine-authenticated requests instead of bearer tokens. Instead of distributing replayable scoped tokens, SikkerKey verifies machine identity with asymmetric cryptographic proof, giving teams a stronger security primitive without the usual complexity. Run a single bootstrap command, approve the machine in the dashboard, and it’s ready to securely request the secrets it needs.

ElevenAgents by ElevenLabs — Scale conversations without scaling your team

Scale conversations without scaling your team

Hey Product Hunt!

We’re excited to share SikkerKey: a new approach to secrets management.

Instead of storing and passing around reusable secrets, SikkerKey uses signed requests with asymmetric Ed25519 signatures. SikkerKey holds the public key, while your machines hold the private key used to sign each request.

That means a request cannot be replayed, reused, or treated like a long-lived credential. It exists only for the duration of that request.

Although that may sound technical, the setup is designed to be simple. On Linux or macOS, bootstrap a machine with a curl | sh command. On Windows, use irm | iex. Your machine then appears in the SikkerKey dashboard awaiting approval. From there, you approve the machine, create a project, add your secrets, grant the machine access, and use the CLI or one of the SDKs, and you’re ready to go.

SikkerKey gives teams a practical way to reduce reliance on long-lived secrets without adding a complicated workflow.