What is NoxKey?

NoxKey is a free, open-source macOS app that stores developer secrets in the Keychain with Touch ID. It replaces .env files and protects secrets from AI coding agents.

NoxKey is a sandboxed macOS menu bar app that stores API keys, tokens, passwords, and other credentials in the macOS Keychain — Apple’s hardware-encrypted credential store backed by the Secure Enclave. For humans, a Cmd+Shift+1 command-palette panel browses the vault; for AI agents, a bundled MCP server (noxkey-mcp.mjs) exposes noxkey_get against the same vault. Every access is gated by Touch ID.

It replaces the common pattern of storing secrets in .env files (plaintext, no authentication, readable by any process) with encrypted, biometric-gated storage that never leaves your machine.

Key features

Keychain storage

Secrets stored in macOS Keychain, encrypted by the Secure Enclave. Not files on disk.

Touch ID on every access

Biometric authentication for every secret read. No master password, no unlock timeout.

AI agent detection

Detects Claude Code, Cursor, Copilot via process-tree walking. Switches to encrypted handoff automatically.

Encrypted handoff

Secrets reach the agent's shell environment through a self-deleting encrypted script. Raw values never enter the conversation.

DLP guard

Scans agent output for leaked secret values using 8-character fingerprints before they enter conversation context.

One-step migration

Drop your .env onto the import sheet, review the keys, and Touch ID writes the whole batch into the Keychain. Then delete the file.

Zero network

No outbound connections. No cloud. No account. Verifiable via macOS network monitoring.

MCP server

Built-in Model Context Protocol server for direct IDE integration with Claude Code and other MCP-compatible tools.

How it works

The old workflow with .env files:

# .env (plaintext, no auth, can be committed to git)
STRIPE_KEY=sk_live_abc123
DATABASE_URL=postgres://user:pass@host/db

The NoxKey workflow:

  1. Store — open the menu bar app, paste from clipboard. Touch ID writes the secret straight into the macOS Keychain. Plaintext never touches your shell history.
  2. Use (humans) — Cmd+Shift+1 opens a Spotlight-style panel. Search the key, Touch ID approves, the value lands on your clipboard and auto-clears after 30 seconds.
  3. Use (AI agents) — Claude Code, Cursor, or any MCP client calls noxkey_get. NoxKey shows a per-request approval card. Approve, and the value is handed over through an encrypted, self-deleting temp file — never into the model's context.
  4. Verify — peek shows the first 8 characters only, so you can confirm the right key is stored without revealing it.

Every reveal is written to a local audit log on your Mac — which agent asked, which key, when, and whether it was approved.

Who is NoxKey for?

What NoxKey is not

Frequently asked questions

Is NoxKey free?
Yes. AGPL-3.0-licensed, open source, no account, no subscription, no cloud. Install from the Mac App Store.
How is NoxKey different from .env files?
.env files are plaintext with no authentication. NoxKey stores secrets in the hardware-encrypted Keychain with Touch ID. Secrets can't be committed to git because they're not files. Full comparison.
How is NoxKey different from 1Password CLI?
NoxKey is local-only (no cloud, no account), free, and includes AI agent detection. 1Password requires a subscription and cloud sync. Full comparison.
How does NoxKey detect AI agents?
It walks the macOS process tree when a secret is requested. If an AI agent is in the calling chain, the secret is delivered through an AES-256-CBC encrypted, self-deleting temp script. Technical deep-dive.
Does NoxKey connect to the internet?
No. Zero outbound network connections — the App Sandbox kernel-blocks them because the app ships without the com.apple.security.network.client entitlement. The bundled MCP server talks to the app over a local Unix domain socket. Updates ship via the Mac App Store.
What macOS version do I need?
macOS 14 Sonoma or later. Touch ID or a Mac with a T2/M-series chip required for biometric authentication.
Can I use NoxKey with Docker or CI/CD?
NoxKey is for local development. For Docker and CI/CD, use your provider's secret management (GitHub Actions secrets, AWS Secrets Manager, etc.).
How do I migrate from .env files?
Drag your .env onto the import sheet in the menu bar app. NoxKey shows every key-value pair for review (values masked) and writes the approved batch to the Keychain under one Touch ID. Then delete the .env file.
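The process-tree walk described under "AI agent detection" and in the FAQ answer on how NoxKey detects agents, as an added JavaScript example that is not NoxKey's own code. The agent name patterns, the parsed ps snapshot format and the sample ps output are assumptions constructed for the example.

```javascript
// Added example, not NoxKey's code: decide whether a secret request comes
// from under an AI coding agent by walking the process tree to the root.

// Executable names treated as agents. The page names Claude Code, Cursor
// and Copilot; these regexes are an assumption, not NoxKey's list.
const AGENT_PATTERNS = [/claude/i, /cursor/i, /copilot/i];

// Parse the output of `ps -axo pid=,ppid=,comm=` (macOS ps and procps
// both accept these BSD-style flags) into Map<pid, {ppid, comm}>.
function parsePsTable(psOutput) {
  const table = new Map();
  for (const line of psOutput.split("\n")) {
    const m = line.trim().match(/^(\d+)\s+(\d+)\s+(.+)$/);
    if (m) table.set(Number(m[1]), { ppid: Number(m[2]), comm: m[3] });
  }
  return table;
}

// Walk from pid through its ancestors. Stops at the first ancestor whose
// command matches an agent pattern, at the root (ppid not in the table),
// or on a cycle, which can appear when a pid was reused mid-snapshot.
function detectAgent(pid, table, patterns = AGENT_PATTERNS) {
  const chain = [];
  const seen = new Set();
  let cur = pid;
  while (table.has(cur) && !seen.has(cur)) {
    seen.add(cur);
    const { ppid, comm } = table.get(cur);
    chain.push(comm);
    if (patterns.some((p) => p.test(comm))) return { agent: true, matched: comm, chain };
    cur = ppid;
  }
  return { agent: false, matched: null, chain };
}

// Constructed ps output: pid 502 is an MCP client under a Cursor-spawned
// shell; pid 601 is a shell a human opened in a terminal emulator.
const SAMPLE_PS = `
    1     0 /sbin/launchd
  500     1 /Applications/Cursor.app/Contents/MacOS/Cursor
  501   500 /bin/zsh
  502   501 node
  600     1 /Applications/iTerm.app/Contents/MacOS/iTerm2
  601   600 /bin/zsh
`;
```

Command names are a heuristic (a process can be renamed or re-parented), so this check only chooses the delivery path; whether the secret is released at all still rests on the per-request Touch ID approval.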

Try NoxKey

Free, AGPL-3.0, no account, no cloud.

Download on the Mac App Store
