For users already using external vault services, Insomnia now supports integration with the following vault service providers:
By integration with external vaults, Insomnia will retrieve the secret values from the external vault automatically when sending requests.
AWS Secrets Manager is a service that securely stores, manages, and retrieves sensitive data.
Once integrated with AWS Secrets Manager in Insomnia, you can link environment variables to secrets stored in AWS Secrets Manager and automatically retrieve them when sending requests.
For SSO credential generated by AWS CLI, choose SSO Credential and enter your config file path, profile name and credential file path
Note: Enable Credential Cache will cache the file content in memory. If your file credential or SSO credential are expected to change, uncheck this option to ensure the latest file content is always loaded.
secret name
, secret version
and secret type
GCP Secret Manager is a service that securely stores, manages, and retrieves sensitive data.
Once integrated with GCP Secret Manager in Insomnia, you can link environment variables to secrets stored in GCP Secret Manager and automatically retrieve them when sending requests.
secret name
and secret version
.HashiCorp Vault is a service that securely stores, manages, and retrieves sensitive data.
Once integrated with HashiCorp Vault in Insomnia, you can link environment variables to secrets stored in HashiCorp Vault and automatically retrieve them when sending requests.
For HashiCorp vault server environment choose On-Premises. You can input either AppRole or Token for authentication.
When filling the information needed, we will show different config form based on the HashiCorp environment.
For cloud environment, filling the information needed: input Organization Id
, Project Id
, App Name
, Version and Secret Name
.
For vault server environment, Insomnia supports retrieving secrets from KV secret engine for version v1 & v2, so users must choose the secret engine version
then filling the information.
Azure Key Vault is a service that securely stores, manages, and retrieves sensitive data.
Once integrated with Azure Key Vault in Insomnia, you can link environment variables to secrets stored in Azure Key Vault and automatically retrieve them when sending requests.
Secret Identifier
.By default, all secrets retrieved from cloud vault services are stored in memory for 30 minutes. Insomnia will automatically fetch the secret again if the cache expires or does not exist. Users can configure the cache duration and manually reset the cache in the Cloud Credentials tab within the Preferences page.
Inso CLI allows you to use Insomnia application functionality in your terminal and CI/CD environments for automation.
If you want to run collection command with external vault integration in CI/CD pipelines, you need to expose extra environment variables for authentication purpose.
Here’s the list of environment variables needed for different cloud service providers:
INSOMNIA_AWS_TYPE = 'temporary'
INSOMNIA_AWS_ACCESSKEYID = <Access Key ID >
INSOMNIA_AWS_SECRETACCESSKEY = <Secret Access Key>
INSOMNIA_AWS_SESSIONTOKEN = <Session Token>
INSOMNIA_AWS_REGION = <AWS Resource Region>
INSOMNIA_AWS_TYPE = 'file'
INSOMNIA_AWS_SECTION = <Section Name In AWS Credential File>
INSOMNIA_AWS_FILEPATH = <AWS Credential File Path> (Optional)
INSOMNIA_AWS_ENABLECACHE = <Option To Enable File Cache> (Optional)
INSOMNIA_AWS_REGION = <AWS Resource Region>
INSOMNIA_AWS_TYPE = 'sso'
INSOMNIA_AWS_SECTION = <Profile Name In AWS Config File>
INSOMNIA_AWS_CONFIGFILEPATH = <AWS Config File Path> (Optional)
INSOMNIA_AWS_FILEPATH = <AWS Credential File Path> (Optional)
INSOMNIA_AWS_ENABLECACHE = <Option To Enable File Cache> (Optional)
INSOMNIA_AWS_REGION = <AWS Resource Region>
INSOMNIA_GCP_SERVICEACCOUNTKEYFILEPATH = <GCP Service Account Key File Path>
INSOMNIA_HASHICORP_TYPE = 'cloud'
INSOMNIA_HASHICORP_CLIENT_ID = <HCP Service Principal Client Id>
INSOMNIA_HASHICORP_CLIENT_SECRET = <HCP Service Principal Client Secret>
App Role
INSOMNIA_HASHICORP_TYPE = 'onPrem'
INSOMNIA_HASHICORP_AUTHMETHOD = 'appRole'
INSOMNIA_HASHICORP_SERVERADDRESS = <Hashicorp Vault Server Address>
INSOMNIA_HASHICORP_ROLE_ID = <Hashicorp Vault Server App Role ID>
INSOMNIA_HASHICORP_SECRET_ID = <Hashicorp Vault Server App Role Secret ID>
Token
INSOMNIA_HASHICORP_TYPE = 'onPrem'
INSOMNIA_HASHICORP_AUTHMETHOD = 'token'
INSOMNIA_HASHICORP_SERVERADDRESS = <Hashicorp Vault Server Address>
INSOMNIA_HASHICORP_ACCESS_TOKEN = <Hashicorp Vault Server Access Token>