Proton has introduced a command-line interface (CLI) for its password manager, Proton Pass, allowing users to securely access and manage secrets directly from the terminal.
Currently in beta, the tool is initially available to Proton Visionary plan subscribers, with broader availability planned in the near future.
The Proton Pass CLI is aimed at developers, system administrators, and DevOps teams who require encrypted credential access in environments where graphical interfaces are unavailable or impractical, such as servers, CI/CD pipelines, and headless systems. The CLI provides full terminal access to Proton Pass features while maintaining Proton’s signature end-to-end encryption and privacy standards.
Proton, best known for its privacy-first services like Proton Mail and Proton VPN, launched Proton Pass in mid-2023 to offer a secure password manager with open-source transparency and encrypted vaults. This new CLI offering expands the tool’s flexibility, aligning with the needs of users integrating secrets management into automated workflows and development environments.
The tool is also well-suited for technically proficient users on Linux and macOS who prefer managing data from the command line. For these users, the CLI enables fast, scriptable access to credentials while upholding Proton’s privacy guarantees, without the need for a graphical interface.
The CLI supports a wide range of operations, enabling users to view, create, update, and delete various item types, including passwords, secure notes, identities, credit cards, WiFi credentials, and SSH keys, directly from the terminal. It also supports vault creation and management, as well as permission controls for shared items, making it viable for both individual users and teams.
Authentication is handled via Proton’s app-password system, which simplifies secure integration into CI/CD pipelines, containers, and remote servers without requiring persistent access tokens or complex configuration steps. Secrets can be injected into environments securely without exposing them in logs or command history, supporting safe automation in line with Proton’s security model.
Key capabilities of the Proton Pass CLI include:
- Secure item management from the terminal
- Automated vault and credential creation, updates, and deletion
- Role-based access control for shared secrets
- Seamless integration into CI/CD tools and headless environments
- Secret injection without plaintext exposure
The release is particularly relevant for teams looking to streamline workflows by automating credential handling without compromising security. With the CLI, manual steps in secret retrieval and management are eliminated, reducing both time and risk in operational pipelines.
Proton plans to expand availability beyond Visionary-tier users in upcoming updates. In the meantime, developers and DevOps professionals can start integrating the CLI by generating an app password from their Proton account and installing the CLI from the official beta channel.
If you liked this article, be sure to follow us on X/Twitter and also LinkedIn for more exclusive content.
