docs/documentation/platform/secrets-mgmt/quick-starts/deliver-first-secret.mdx
This quickstart walks you through the core secrets management workflow. You'll create a project, add a secret to an environment, and inject it into an application with the Infisical CLI, replacing your .env file.
1. Log in to [Infisical](https://app.infisical.com)
2. Click **Create Project** and give it a name (e.g., `orders-service`)
Every new project starts with three environments: **Development**, **Staging**, and **Production**.
<Tip>
Migrating an existing app? Drag and drop your `.env` file onto the dashboard to import all of its secrets at once.
</Tip>
```bash
infisical login
```
Your browser opens to complete the login.
<Note>
In a containerized environment such as WSL 2 or Codespaces, run `infisical login -i` to avoid browser-based login.
</Note>
```bash
infisical init
```
This writes a `.infisical.json` file with [local project settings](/cli/project-config). It contains no secrets and is safe to commit.
```bash
# e.g., npm run dev, flask run, go run main.go
infisical run --env=dev -- <your start command>
```
Your application reads `DB_PASSWORD` from its environment like any other variable. No `.env` file needed.