# Introduction

> Learn about Shelve and how it can help you manage your environment variables and secrets.

### Welcome to Shelve

Shelve is an open-source environment management platform designed to revolutionize how development teams handle their environment variables and secrets.

Born from the frustration of sharing sensitive information through insecure channels, Shelve provides a secure, collaborative, and developer-friendly solution for managing environment configurations across projects and teams.

### Why Shelve?

- Simple setup: one command to log in, another to inject secrets at runtime.
- Team focused: built for modern development teams with collaboration and granular permissions.
- Secure by default: per-project envelope [encryption](/docs/core-features/encryption), OS-keychain token storage, [scoped API tokens](/docs/core-features/tokens), and [audit logs](/docs/core-features/audit-logs) on every write.
- Open source: completely free and self-hostable, giving you full control over your data.
- Developer experience: CLI-first, `.env`-free workflow with `shelve run`.

### Key features

Environment management

- Centralized variable management across projects and teams.
- First-class support for `development`, `preview`, `production`, plus custom environments.
- Per-project data encryption keys (DEKs) sealed by a platform KEK — rotate scope is a single project.
- Secret references (`shelve://ENV/KEY`) in `.env.template` for cross-environment composition.

Team collaboration

- Role-based access control on teams and projects.
- Scoped, expiring API tokens with optional IP allowlists.
- Full audit trail of team, project, variable, and token changes.
- Secure member invitations.

Integrations

- GitHub secrets synchronization.
- One-click deployment using Coolify.
- Email authentication with OTP codes.
- OAuth authentication (GitHub, Google).
- Runtime injection into any process, CI, or container via `shelve run`.

Developer tools

- CLI with `init`, `login`, `run`, `pull`, `push`, `create`, `generate`, `config`, `upgrade`.
- Encrypted offline cache — work from a plane, get variables back online automatically.
- AI-agent safety: `init` provisions `.cursorignore` / `.aiderignore` / `.codeiumignore` files and never exposes secrets to your coding agent.
- Docker image and Vercel deploy button for self-hosting.

### Getting Started

Ready to improve your environment management workflow? Head over to our [Quickstart](/docs/getting-started/quickstart) guide to begin your journey with Shelve.

### Community and Support

Shelve is built by developers for developers. We believe in the power of community and open source. Join our growing community:

- Star us on [GitHub](https://github.com/hugorcd/shelve)
- Follow updates on [Twitter](https://x.com/shelvecloud)
- Report issues on [Github](https://github.com/hugorcd/shelve/issues)

Whether you're a solo developer or part of a large team, Shelve adapts to your needs while maintaining security and simplicity at its core.