A comprehensive JetBrains IDE plugin that integrates Keeper Security vault functionality directly into your development workflow. The plugin provides secure secret management capabilities including saving, retrieving, generating, and running commands with secrets from Keeper Security vault.
The goal is to enable developers to manage secrets securely without leaving their development environment, while maintaining the highest security standards and providing seamless integration with existing Keeper Security infrastructure.
Supported IDEs: IntelliJ IDEA, PyCharm, WebStorm, PhpStorm, RubyMine, CLion, GoLand, and all other JetBrains IDEs.
A comprehensive JetBrains IDE plugin that integrates Keeper Security vault functionality directly into your development workflow. The plugin provides secure secret management capabilities including saving, retrieving, generating, and running commands with secrets from Keeper Security vault.
The goal is to enable developers to manage secrets securely without leaving their development environment, while maintaining the highest security standards and providing seamless integration with existing Keeper Security infrastructure.
Supported IDEs: IntelliJ IDEA, PyCharm, WebStorm, PhpStorm, RubyMine, CLion, GoLand, and all other JetBrains IDEs.
- Secret Management: Save, retrieve, and generate secrets directly from JetBrains IDEs using Keeper Security vault
- Secure Execution: Run commands with secrets injected from Keeper vault through
.envfile processing - Fast Performance: Uses persistent Keeper shell for blazing-fast secret operations
- Folder Management: Select and manage Keeper vault folders for organized secret storage
- Record Operations: Create new records, update existing ones, and retrieve field references
- Comprehensive Logging: Built-in logging system with detailed operation tracking
- Retry Logic: Robust error handling with automatic retry for shell startup timing
- Keeper Commander CLI: Must be installed and authenticated on your system
- Download from Keeper Commander Installation Guide
- Authenticate using persistent login or biometric login
- Keeper Security Account: Active subscription with vault access
- System Requirements:
- JetBrains IDE: 2021.1 or later
- Java: 11 or later
- From JetBrains Marketplace: Search "Keeper Security" (when published)
- Or install manually from plugin file
- Follow the Keeper Commander Installation Guide
- Ensure the CLI is accessible from your system PATH
- Open terminal/command prompt and run
keeper login - Enter your Keeper Security credentials
- Verify installation with
keeper --version
- Open terminal/command prompt
- Run
keeper loginand enter your credentials - Authenticate using persistent login or biometric login
- Important: Wait for the "My Vault>" prompt to appear before using the plugin
- Open any JetBrains IDE
- Go to Tools → Keeper Vault → Check Keeper Authorization
- Verify the authentication status shows success
All Keeper actions are available through two locations:
- Tools Menu:
Tools → Keeper Vault → [Action] - Right-click Context Menu: Right-click in editor →
[Action]
| Action | Description | Use Case |
|---|---|---|
| Check Keeper Authorization | Verify Keeper CLI installation and authentication | Troubleshoot connection issues |
| Get Keeper Secret | Insert existing secrets from vault as references | Retrieve stored secrets without exposing values |
| Add Keeper Record | Create new vault record from selected text | Replace hardcoded secrets with vault references |
| Update Keeper Record | Update existing vault record and replace text | Modify existing secret values |
| Generate Keeper Secret | Generate secure passwords and store in vault | Create new secure credentials |
| Get Keeper Folder | Select vault folder for organized storage | Choose storage location for new records |
| Run Keeper Securely | Execute commands with injected secrets from .env | Run applications with vault credentials |
Purpose: Verify that Keeper Commander CLI is properly installed and authenticated.
Steps:
- Go to
Tools → Keeper Vault → Check Keeper Authorization - Plugin verifies CLI installation and authentication status
- Shows detailed status including biometric auth availability
- Use this if other commands fail or for initial setup verification
Purpose: Insert existing Keeper Security secrets into your code without exposing actual values.
Steps:
- Position cursor where you want to insert the secret reference
- Right-click →
Get Keeper SecretorTools → Keeper Vault → Get Keeper Secret - Plugin shows list of available vault records
- Select the specific record you want to use
- Choose the field from that record
- Plugin inserts secret reference at cursor position
Reference Format: keeper://record-uid/field/field-name
Example:
# Cursor position before command
database_password = |
# After selecting from vault
database_password = keeper://abc123def456/field/passwordPurpose: Save selected text as a secret in Keeper Security vault and replace it with a reference.
Steps:
- Select text containing a secret (password, token, API key, etc.)
- Right-click →
Add Keeper RecordorTools → Keeper Vault → Add Keeper Record - Enter record title when prompted
- Enter field name for the secret
- Plugin creates new vault record
- Selected text is replaced with secret reference
Example:
// Before: Selected text
const apiKey = "sk-1234567890abcdef";
// After: Replaced with reference
const apiKey = keeper://new-record-uid/field/api_key;Purpose: Update an existing Keeper record with new secret value and replace selected text with reference.
Steps:
- Select text containing the updated secret value
- Right-click →
Update Keeper Record - Choose existing record from the list
- Select field to update
- Plugin updates the vault record
- Selected text is replaced with reference
Purpose: Generate secure passwords and store them in Keeper Security vault.
Steps:
- Position cursor where you want the secret reference
- Right-click →
Generate Keeper Secret - Enter record title and field name
- Plugin generates secure password and stores it in vault
- Secret reference is inserted at cursor position
Example:
# Before
admin_password: |
# After
admin_password: keeper://generated-record-uid/field/passwordPurpose: Select the vault folder where new secrets will be stored for this project.
Steps:
- Go to
Tools → Keeper Vault → Get Keeper Folder - Plugin displays available vault folders
- Select desired folder for this workspace
- Future
Add Keeper RecordandGenerate Keeper Secretoperations will use this folder
Purpose: Run commands with secrets injected from Keeper Security vault through .env file processing.
Steps:
- Ensure your project has a
.envfile withkeeper://references - Open any file in your project
- Right-click →
Run Keeper Securely - Select or confirm the
.envfile to use - Enter the command to run (e.g.,
python3 app.py) - Plugin fetches actual secret values from vault
- Creates terminal with injected environment variables
- Executes your command with real secret values
Example .env file:
DATABASE_URL=keeper://db-record-uid/field/connection_string
API_KEY=keeper://api-record-uid/field/key
SECRET_KEY=keeper://app-record-uid/field/secretCommand execution:
# Plugin runs your command with actual values injected
python3 app.py
# DATABASE_URL=postgresql://user:pass@host:5432/db
# API_KEY=ak_live_1234567890abcdef
# SECRET_KEY=super-secret-key-valueIf you encounter issues, enable detailed logging:
- Go to
Help → Diagnostic Tools → Debug Log Settings - Add:
keepersecurity - Restart IDE
- Check logs in
Help → Show Log in Files
Problem: Actions fail with authentication or connection errors
Solutions:
- Run
Tools → Keeper Vault → Check Keeper Authorizationfirst - Ensure Keeper Commander CLI is installed and in PATH
- Verify authentication with
keeper loginin terminal - Wait for "My Vault>" prompt to appear after login
- Restart IDE if commands were working before
Problem: Plugin fails to parse Keeper CLI output
Solutions:
- This is usually a timing issue with shell startup
- Plugin has built-in retry logic, wait for completion
- Check internet connection and firewall settings
- Verify Keeper vault accessibility
- Try the command again after a moment
Problem: "Keeper Commander CLI is not installed" error
Solutions:
- Install Keeper Commander CLI following the installation guide
- Ensure CLI is accessible from your system PATH
- Verify installation with
keeper --versionin terminal - Restart IDE after CLI installation
Problem: "Keeper Commander CLI is not authenticated" errors
Solutions:
- Open terminal and run
keeper login - Enter your Keeper Security credentials
- Wait for successful authentication and "My Vault>" prompt
- Ensure authentication persists between sessions
- Try biometric authentication if available
Problem: No folders or records appear when trying to select them
Solutions:
- Verify you have access to folders/records in your vault
- Check that Keeper CLI has proper permissions
- Try refreshing by running the command again
- Ensure your Keeper account has the necessary access rights
Problem: Commands don't have access to injected secrets or fail to execute
Solutions:
- Verify your
.envfile contains validkeeper://references - Ensure all referenced secrets exist in your vault
- Check that plugin created the terminal correctly
- Verify the command syntax is correct for your system
- Ensure no other terminals are interfering with environment variables
Problem: Commands are slow or hang
Solutions:
- Plugin uses persistent shell for speed after first use
- First command may take longer (shell startup)
- Subsequent commands should be much faster
- Check internet connection stability
- Verify Keeper vault server accessibility
This plugin is licensed under the MIT License.
Support: For issues specific to the Keeper Security service, visit Keeper Security Support. For plugin-specific issues, check the plugin documentation and logs.