docs/internals/architecture/components.mdx
Infisical is architected around several key components that work in concert to provide a secure and streamlined secret management experience. These components span the client, API, and storage layers, ensuring that secrets are protected at every stage of their lifecycle.
Infisical exposes a well-documented REST API that enables programmatic interaction with the platform, enabling a wide range of use cases.
Infisical relies on a robust storage backend to durably store secrets, users, and other platform data. Infisical's storage backend is PostgreSQL.
Infisical uses Redis to enable more complex workflows including a queuing system to manage long-running asynchronous tasks, cron jobs, as well as reliable cache for frequently used resources.
Clients are interfaces through which users and applications interact with the Infisical API:
Web UI: A browser-based portal providing a user-friendly interface for managing secrets, configurations, and performing administrative tasks.
CLI: A terminal-based tool for interacting with the Infisical API, enabling automation, scripting, and integration into CI/CD pipelines.
SDKs (Software Development Kits): Platform-specific libraries with method abstractions for working with secrets. Supported languages include Node.js, Python, Java, Golang, Ruby and .NET.
Kubernetes Operator: A Kubernetes-native component that facilitates the secure retrieval and management of secrets within a Kubernetes cluster. The operator supports multiple custom resource definitions (CRDs) for syncing secrets.
Infisical Agent: Daemon that automatically fetches and manages access tokens and secrets to be used in various client resources.