Skip to main content

The Envless HTTP API lets you read your workspace, projects, environments, and variables from any language or platform. Variable values are returned as ciphertext — decryption happens client-side with your workspace key. The server never holds plaintext.

Base URL

https://api.envless.cloud

What you can do today

ResourceReadCreateUpdateDelete
Workspace
Members✅ (invite)✅ (role)
Keys
Subscription
Billings
Projects
Environments
Variables✅ (ciphertext)✅ (single + bulk, ciphertext)✅ (ciphertext)✅ (single + bulk)
Versions✅ (ciphertext)✅ + ✅ (rollback)

Full CRUD lifecycle is live across the platform. Variable value fields must be encrypted client-side (see Encrypting Values). Workspace and account deletion remain dashboard-only by design.

Deletes are destructive and cascade down (deleting a project hides its environments → variables → versions). There is no undo via the public API. Restrict which keys can call these endpoints until scoped permissions ship.

Quick example

curl https://api.envless.cloud/projects \
    -H "Authorization: Bearer ev_sk_xxxxxxxxxxxx"

{
    "success": true,
    "code": 200,
    "message": "OK",
    "data": {
        "projects": [
            { "id": "prj_...", "name": "my-app", "slug": "my-app", "icon": null, "createdAt": "2026-05-30T10:14:22.000Z" }
        ],
        "pagination": { "limit": 25, "offset": 0, "totalCount": 1, "hasMore": false }
    }
}

Where to go from here

https://mintcdn.com/envless-7b88c948/nR8RUPgNBtCF5SFI/assets/icons/duotone/key.svg?fit=max&auto=format&n=nR8RUPgNBtCF5SFI&q=85&s=43c1e49774331752b42ee91d0da8c289

Authentication

Generate a personal access key and pass it as a bearer token.
https://mintcdn.com/envless-7b88c948/nR8RUPgNBtCF5SFI/assets/icons/duotone/info.svg?fit=max&auto=format&n=nR8RUPgNBtCF5SFI&q=85&s=03f8268864b5d8191dd2f73818870854

Errors

Response envelope, error codes, and how to handle them.

End-to-end encryption note

Variable values returned by the API are always ciphertext. To use them, decrypt locally with the workspace key — the same key the CLI and runtime use. The Envless API server cannot decrypt your data and never has. This is the same e2e model that protects you in the dashboard.