Doppler Secretless Access

Doppler supports OIDC-based authentication for accessing secrets without storing service tokens.

Overview

Doppler's OIDC support enables CI/CD platforms and workloads to access secrets using temporary tokens from trusted identity providers. This provides:

• No Service Tokens: OIDC replaces Doppler service tokens
• CI/CD Integration: GitHub Actions, GitLab CI support
• Project-Level Access: Fine-grained secret access controls
• Automatic Authentication: Seamless token exchange

Key Capabilities

• OIDC authentication for Doppler CLI and API
• Integration with CI/CD OIDC providers
• Project and environment-level access controls
• Token claim validation

Contributing

This page is a placeholder. We need your help to create comprehensive documentation!

What we need:

• Complete setup guide for Doppler OIDC
• GitHub Actions workflow examples
• GitLab CI integration examples
• Doppler CLI configuration with OIDC
• Project and environment setup
• Access control configuration
• Troubleshooting guide
• Integration guides for different platforms

How to contribute:

• Open an issue to discuss content
• Submit a pull request with documentation
• Share your Doppler authentication workflows

Resources

• Doppler Documentation
• Doppler OIDC
• GitHub Actions OIDC