# jhaals/yopass **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/jhaals-yopass).** 2,581 stars · 378 forks · TypeScript · apache-2.0 ## Links - GitHub: https://github.com/jhaals/yopass - Homepage: https://yopass.se - awesome-repositories: https://awesome-repositories.com/repository/jhaals-yopass.md ## Topics `encryption-decryption` `hacktoberfest` `password-sharing` `sharing-secrets` ## Description Yopass is a secure secret sharing platform used to share encrypted text and files via one-time expiring links. It utilizes client-side encryption to ensure that sensitive data is encrypted in the browser before transmission, preventing the server from seeing plain text. The platform differentiates itself through an integrated security auditing system that generates structured logs and triggers cryptographically signed webhooks when secrets are created, viewed, or expired. It also features an access control system based on OpenID Connect, allowing administrators to restrict secret creation and application access to specific authenticated users and email domains. The system covers a broad range of capabilities, including programmatic secret management via a REST API, pluggable blob storage for encrypted files, and observability tools for exporting performance metrics. It also provides automated notification systems for secret read receipts and access alerts. The application supports visual customization of branding and themes. ## Tags ### Security & Cryptography - [Client-Side Encryption](https://awesome-repositories.com/f/security-cryptography/client-side-encryption.md) — Encrypts sensitive data in the browser before transmission to ensure the server never sees plain text. - [Encrypted File Sharing](https://awesome-repositories.com/f/security-cryptography/message-encryption/encrypted-file-sharing.md) — Enables secure sharing of encrypted files via temporary, randomly generated links. ([source](https://cdn.jsdelivr.net/gh/jhaals/yopass@master/README.md)) - [Secure Secret Sharing](https://awesome-repositories.com/f/security-cryptography/secure-secret-sharing.md) — Provides a secure platform for sharing encrypted text and files via one-time expiring links. - [Email Domain Restrictions](https://awesome-repositories.com/f/security-cryptography/access-restrictions/email-domain-restrictions.md) — Filters application access based on email domain patterns via OIDC integration. ([source](https://yopass.se/docs)) - [OIDC & Basic Auth Access Control](https://awesome-repositories.com/f/security-cryptography/domain-access-restrictions/request-access-restrictions/password-access-restrictions/oidc-basic-auth-access-control.md) — Enforces identity-based access restrictions for secret creation using OpenID Connect authentication. - [Encrypted Cloud Storage](https://awesome-repositories.com/f/security-cryptography/encrypted-cloud-storage.md) — Manages the storage of sensitive files as encrypted blobs in cloud or local backends with automatic expiration. - [Encrypted Secret Sharing](https://awesome-repositories.com/f/security-cryptography/end-to-end-encryption/encrypted-secret-sharing.md) — Provides secure distribution of credentials and encrypted text through browser-side encryption and one-time links. ([source](https://yopass.se/docs/intro)) - [Identity Authentication](https://awesome-repositories.com/f/security-cryptography/identity-authentication.md) — Requires authentication through a single sign-on provider to permit secret sharing. ([source](https://yopass.se/)) - [User Identity Verification](https://awesome-repositories.com/f/security-cryptography/identity-authentication/user-identity-verification.md) — Verifies user identities via external providers before granting access to application functions. ([source](https://yopass.se/docs/openid-connect)) - [OIDC Identity Integrations](https://awesome-repositories.com/f/security-cryptography/oidc-identity-integrations.md) — Manages user authentication and access control through an external OpenID Connect provider. ([source](https://yopass.se/docs/intro)) - [OpenID Connect Support](https://awesome-repositories.com/f/security-cryptography/openid-connect-support.md) — Implements the OpenID Connect protocol for user authentication and domain-based access control. - [Storage Encryption](https://awesome-repositories.com/f/security-cryptography/storage-encryption.md) — Saves sensitive files as encrypted blobs at rest on local disks or object storage to ensure data privacy. ([source](https://yopass.se/docs/file-storage)) - [Access Request Management](https://awesome-repositories.com/f/security-cryptography/access-request-management.md) — Provides interfaces for tracking pending access requests and revoking active sharing links. ([source](https://yopass.se/docs/secret-requests)) - [Structured JSON Logging](https://awesome-repositories.com/f/security-cryptography/audit-logs/structured-json-logging.md) — Writes security and access events to structured NDJSON files for compliance auditing. - [RESTful Secret Management APIs](https://awesome-repositories.com/f/security-cryptography/encrypted-secret-management/restful-secret-management-apis.md) — Provides a REST API to programmatically create and monitor the lifecycle of encrypted secrets. ([source](https://yopass.se/docs/secret-requests)) - [Lifecycle Notifications](https://awesome-repositories.com/f/security-cryptography/encrypted-secret-management/restful-secret-management-apis/lifecycle-notifications.md) — Sends real-time HTTP notifications when secrets are created, viewed, or expired. ([source](https://yopass.se/docs/webhooks)) - [Audit Logs](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/compliance-governance/audit-and-compliance/audit-logs.md) — Produces structured NDJSON audit logs to satisfy regulatory requirements and track security activities. ([source](https://cdn.jsdelivr.net/gh/jhaals/yopass@master/README.md)) - [Secret Storage](https://awesome-repositories.com/f/security-cryptography/secret-storage.md) — Utilizes key-value stores or memory caches to persist the encrypted metadata associated with shared secrets. ([source](https://yopass.se/docs/server-options)) - [Inbound Secret Collection](https://awesome-repositories.com/f/security-cryptography/secure-secret-sharing/secret-collections/inbound-secret-collection.md) — Allows collecting encrypted credentials from third parties through secure upload links without requiring user accounts. ([source](https://yopass.se/docs/secret-requests)) - [Security Automation Integrations](https://awesome-repositories.com/f/security-cryptography/security-automation-integrations.md) — Integrates secret access and creation events into external security automation pipelines. ([source](https://yopass.se)) - [Signed Event Notifications](https://awesome-repositories.com/f/security-cryptography/webhook-security/signed-event-notifications.md) — Generates structured NDJSON audit logs and triggers cryptographically signed HTTP notifications upon secret access. ### Data & Databases - [Pluggable Object Storage](https://awesome-repositories.com/f/data-databases/data-engineering-infrastructure/data-persistence-storage/data-storage/file-based-storage/local-file-storage/s3-compatible-cloud-storage/pluggable-object-storage.md) — Abstracts encrypted file persistence across local disks and S3-compatible cloud storage. - [Configurable Storage Backends](https://awesome-repositories.com/f/data-databases/storage-abstraction/file-storage-services/configurable-storage-backends.md) — Supports switching between local disk, S3-compatible buckets, or databases for storing encrypted files. ([source](https://yopass.se/docs/server-options)) ### System Administration & Monitoring - [Secret Access Auditing](https://awesome-repositories.com/f/system-administration-monitoring/secret-access-auditing.md) — Maintains a permanent audit trail of secret requests and access history while ensuring content remains encrypted. ([source](https://yopass.se)) - [Security Audit Logs](https://awesome-repositories.com/f/system-administration-monitoring/security-audit-logs.md) — Generates structured audit logs to track administrative activities and security-critical events. ([source](https://yopass.se/docs/server-options)) ### Web Development - [View-Count and Time Expirations](https://awesome-repositories.com/f/web-development/data-fetching-caching/cache-invalidation-utilities/time-to-live-expirations/database-document-expirations/view-count-and-time-expirations.md) — Automatically purges secrets and files based on time-to-live (TTL) or view count limits. ### Part of an Awesome List - [Auditing and Logging](https://awesome-repositories.com/f/awesome-lists/data/auditing-and-logging.md) — Maintains structured audit logs to track when and by whom encrypted data was accessed. - [Lifecycle Event Triggers](https://awesome-repositories.com/f/awesome-lists/media/email-and-notifications/security-event-notifications/lifecycle-event-triggers.md) — Triggers signed webhooks and notifications whenever secrets are created, accessed, or expired. - [Authenticated Secret Creation](https://awesome-repositories.com/f/awesome-lists/security/authentication-and-secrets/authenticated-secret-creation.md) — Restricts secret creation to authenticated users from approved email domains. ([source](https://yopass.se/docs/server-options)) - [Communication Systems](https://awesome-repositories.com/f/awesome-lists/media/communication-systems.md) — Secure sharing for secrets, passwords, and files. - [File Sharing Tools](https://awesome-repositories.com/f/awesome-lists/media/file-sharing-tools.md) — Secure sharing for secrets, passwords, and files. - [Secret Sharing](https://awesome-repositories.com/f/awesome-lists/security/secret-sharing.md) — Secure platform for sharing secrets and files with expiration. ### DevOps & Infrastructure - [Webhook Triggers](https://awesome-repositories.com/f/devops-infrastructure/webhook-triggers.md) — Triggers automated HTTP requests to external services when specific application events occur. ([source](https://yopass.se/docs/intro)) ### Networking & Communication - [Security Access Alerts](https://awesome-repositories.com/f/networking-communication/event-notifications/security-access-alerts.md) — Provides immediate email or webhook notifications when a recipient accesses a one-time secret link. ([source](https://yopass.se)) - [Signed Webhook Deliveries](https://awesome-repositories.com/f/networking-communication/webhook-delivery-systems/signed-webhook-deliveries.md) — Attaches cryptographic signatures to outgoing webhooks to verify sender identity.