passbolt_api
The backend server for the Passbolt ecosystem. It provides security-first, self-hosted password management for teams, with user-owned GPG keys, end-to-end encryption, and comprehensive audit logs. Supports multiple deployment platforms, browser extensions, mobile apps, CLI, and desktop client.
Smart Download
Visit Project Homepage
No installer available yet — head to the source repository
A self-hosted, open source password manager for teams with end-to-end encryption and granular sharing.
Core Features
- End-to-end encryption with user-owned private keys
- Granular sharing: per-password, folder, and role-based permissions
- Full audit trails: track who accessed which credential and when
- Cross-platform clients: browser extensions, iOS/Android, CLI
- Multiple deployment options: Docker, K8s, Ubuntu/Debian/RHEL etc.
What It Can't Do
- •HTTPS is mandatory (self-signed works); you must generate and backup GPG key pair during setup; there is no master password recovery (by design); Community Edition lacks SSO, AD/LDAP integration (available in Pro).
Use Cases
- Centralized password sharing and rotation within teams
- Vendor/contractor access control with audit logging
- Compliance-driven credential management (SOC 2, GDPR, etc.)
Passbolt API is the backend server component of the Passbolt password management ecosystem. It provides a secure, self-hosted solution for teams to centralize, organize, and share passwords and secrets. Built with a security-first mindset, it uses user-owned GPG keys for end-to-end encryption and undergoes multiple annual security audits with public findings. Key features include role-based access control, shared folder management, password expiry policies, resource permissions audit trails, and support for browser extensions, mobile apps, CLI, and a desktop app. It can be deployed on-premise or in air-gapped environments, ensuring full data privacy and compliance with GDPR.
Tags
Getting Started
Download installer
Click the button above to download the installer for your system
Install the software
Double-click the downloaded installer and follow the prompts
Choose a deployment method (recommended Docker): docker pull passbolt/passbolt:latest
Run the container: docker run -d -p 443:443 passbolt/passbolt
Access https://localhost, complete the setup wizard to create admin account and configure GPG keys
- Choose a deployment method (recommended Docker): docker pull passbolt/passbolt:latest
- Run the container: docker run -d -p 443:443 passbolt/passbolt
- Access https://localhost, complete the setup wizard to create admin account and configure GPG keys
Checksum not available
This project has not published a SHA-256 checksum on its GitHub Release page
SHA256 Checksum
No checksum available
Download directly from GitHub Releases and verify file integrity yourself
All SHA-256 checksums on this platform are extracted from the project's official GitHub Release page, without any modification. You can independently verify them on the GitHub Releases page.
Open Source Transparency
View GitHub SourceUninstall Info
Stop and remove the container: docker stop passbolt && docker rm passbolt. To completely remove data, delete the mounted volumes or data directory.
No Extra Dependencies
Ready to use after download. No additional runtime required.
Having issues? Check the FAQ below
5 FAQs
Similar Projects
Vaultwarden
A lightweight, self-hosted Bitwarden server alternative written in Rust, compatible with official clients.
SearXNG
SearXNG is a free metasearch engine that combines results from over 70 search services while respecting your privacy. Self-host it to keep your data under your control.
Immich
High performance self-hosted photo and video management solution with automatic backup, AI search, facial recognition, and multi-user support.