Start with the Desktop app
On macOS, the desktop app is the default Ghostable client for day-to-day work.
Shared Platform, Multiple Clients
Ghostable is a secure, collaborative platform for managing environment variables across projects, teams, and deployment pipelines. It supports the full lifecycle of secret management:- organizing work by organization, project, and environment,
- encrypting secret data before it leaves a trusted client,
- validating changes before they are pushed or deployed,
- auditing history and access activity,
- issuing automation credentials for CI and deployment runners.
- Desktop for native macOS workflows.
- CLI for terminal, CI, and scripted automation.
- Web for account, billing, and administrative surfaces.
What Teams Get
- Shared environment state without checking plaintext
.envfiles into Git. - Versioning and history for variables and environments.
- Fine-grained access control around who can read or manage a project or environment.
- Automation support through deploy tokens and auditable deployment flows.
- Local-first encryption so trusted clients handle secrets, not the Ghostable service.
Zero-Knowledge at a Glance
Ghostable stores encrypted payloads plus the metadata needed for versioning, auditability, and policy enforcement. Plaintext values and private keys stay on trusted clients. For people, that means linked devices. For automation, that means deploy tokens. Both are grounded in the same shared environment model.Where to Go Next
Understand the security model
See how devices, deploy tokens, and zero-knowledge delivery fit together.
Use the Desktop app
Follow the macOS-first onboarding and daily-work guides.
Use the CLI
Install the CLI for automation, scripts, and non-macOS workflows.