Onetime Secret

Onetime Secret is a web service with an open-source repository and an API that generates one-time-view, encrypted links for secrets. One-sentence value: Onetime Secret provides single-use, encrypted links to share sensitive text or credentials that auto-destroy after being read, avoiding persistent storage in chat, email, or logs.

It targets individuals and small teams — developers, operators, support, SREs, and contractors — who need fast, transient secret handoffs. It solves ad-hoc secure delivery, reduces exposure from leaked tickets or chat, supports automation via API or connectors for CI/CD and runbooks, and offers a self-hosting option for teams that require data control for compliance.

Use Cases

• Send a Wi‑Fi password to a guest privately.
• Share a one-off banking PIN for short tasks.
• Pass an API key to a friend for testing.
• Deliver temporary database credentials for contractors.
• Send incident-response credentials without adding ticket threads.
• Integrate ephemeral secrets into CI/CD and runbooks.

Strengths

• Creates single-view, auto-destroying secret links to reduce residual exposure.
• Optional passphrase adds a second factor for link access.
• API and Postman collection support automations and integration.
• Microsoft connector available for Power Automate and Logic Apps.
• Account plans offer branding, retention, and team controls.
• Self-hosting option supports data residency and on-prem control.

Limitations

• Recipient can copy secret after viewing; cannot prevent copying.
• Link interception remains a risk; use passphrase and trusted channels.
• Not a replacement for long-term vaults, rotation, or audit.
• Self-hosting reduces vendor exposure but increases ops and patching burden.
• Specific limits and SLAs are Unverified in available documentation.

Final Thoughts

Try it now if you need fast, single-use secret delivery or API-driven ephemeral secrets and you value an easy self-host option. Wait if you need full lifecycle secret management, enforced recipient controls, or enterprise-grade rotation and audit.

A managed cloud makes sense when teams need retention policies, branding, support, and reduced operational burden; those account features add governance and fewer ops tasks compared with self-hosting.

References

• Onetime Secret — Home: Share Secrets Securely
• Pricing | Onetime Secret - Docs
• onetimesecret/onetimesecret — GitHub repo
• One-Time Secret connector (Microsoft Learn)