Skip to main content
Privacy-first architecture

Onetime SecretSigned. Sealed. Delivered.

Send passwords, credentials, and sensitive data through links that self-destruct after being viewed.

  • Encrypted
  • Self-destructing
  • Open source
  • Data sovereignty

Create Secret Link

Enter the sensitive text you want to share securely. This text will be encrypted and available only once.
Helps with SOC2, GDPR, CCPA & HIPAA requirements for data privacy

Security architecture

Built to forget.

Every design decision serves one purpose: make sure secrets are readable exactly once, then gone.

End-to-end encryption

Secrets are encrypted at rest and in transit. The decryption key is embedded in the URL fragment, never sent to our servers, never logged. We can't read your data even if compelled.

Read once, gone forever

After a single view, the secret is permanently purged from all storage. No copies, no recovery, no trace.

Regional data storage

Choose where your secrets live: EU, US, or other regions. Meet data sovereignty requirements at the point of creation.

Helps teams meet compliance goals

Built to support SOC 2, GDPR, CCPA, and HIPAA workflows. Audit logs, access controls, and SSO help teams meet their own compliance requirements.

Developer API

Integrate secret sharing into your workflows, CI/CD pipelines, and internal tools. Full REST API with language-specific SDKs.

Also available:Custom DomainSSO / SAMLAudit Logs

How it works

Three steps. Zero residue.

Share sensitive information without leaving a trail in your email, chat logs, or ticketing systems.

Paste your secret

Enter any sensitive text: passwords, API keys, credentials, private notes. Set an expiration and optional passphrase.

Share the link

Get a unique, one-time URL. Send it over any channel: email, Slack, text. The link itself reveals nothing about the content.

It self-destructs

Once the recipient views the secret, the data is permanently destroyed. The link is dead. No one, including us, can retrieve it.

Use cases

How teams use Onetime Secret

From onboarding a new hire to rotating production credentials, sensitive data moves through organizations every day.

IT & DevOps

Securely rotate production credentials, share API keys during onboarding, and keep sensitive config out of Slack and email threads.

prod_api_token_51H7xYz9A2bC3dE4fG

HR & People Ops

Share onboarding credentials, temporary system access, and confidential HR communications without leaving a trail in email or ticketing systems.

Temporary password for your first login: kX9#mPq2vR!7

Legal & Finance

Transmit settlement terms, account credentials, and confidential case information with one-time access controls that protect privilege and confidentiality.

Access code for case file #2024-0847: Rg22mK9x

Consultants & Agencies

Share client credentials, project access, and sensitive deliverables without leaving traces in email threads or shared drives.

Here's the temporary password for the client portal: TmpAcc3ss!xQ9

Global infrastructure

Your data, your jurisdiction.

Choose where your secrets are stored and processed. Regional instances ensure your data never leaves the geography you choose.

Toronto, CanadaNuremberg, GermanyPorirua, New ZealandLondon, United KingdomHillsboro, United States

Start sharing secretsthe right way.

Free for individuals and teams. Plans for custom branding, advanced controls, and more.

Try it freeView pricing