Secretless Plugin Interface (SDK)

Secretless Broker currently has built-in support for PostgreSQL, MySQL, APIs that use basic HTTP authentication, and many other target services. This support is provided via internal plugins (also referred to as "Secretless Service Connectors") and are part of the Secretless binary distribution.

If you want to use Secretless with a target service that is not currently supported, you can use the Secretless Plugin Interface to create Connector Plugins to extend Secretless to support virtually any target service. These external plugins can be integrated in environments using a standard Secretless Broker implementation.

The Secretless SDK includes the following components to help you create Secretless Connector Plugins:

  • Secretless Plugin Interface API

  • A set of pre-populated templates to create two types of plugins: HTTP for APIs and TCP for databases

  • Comprehensive documentation


Review the following prerequisites before creating a Secretless Connector Plugin:

  • The Secretless Plugin Interface uses Go plugin framework. This documentation assumes that the person authoring Secretless Connector Plugins is proficient with Golang. To learn more about Golang or to refresh your skills, refer to the Golang tutorial before attempting to create a plugin.

  • You should have a strong understanding of the authentication protocol of the target service to which your plugin will connect.

  • For best results, we recommend that plugins be written in the same version of Go that is supported by the Secretless Broker. You can verify the Secretless Broker version in the Dockerfile.

  • If you need to write a plugin using a newer version of Go, create a GitHub issue and submit a PR to the Secretless project to request that the Secretless Broker Go version be incremented to match the version you require.


The primary use case for Secretless Broker is for containers that run on OpenShift or Kubernetes. Because of this, Secretless Connector Plugins are currently supported in Linux (including Alpine Linux) and OSX environments only; they are not currently supported in Windows environments.

Contribute your plugin to the Secretless Open Source Community

The Secretless team is continually adding support for new databases and services. If you write a Secretless Connector Plugin that you'd like to share with the community, contact us via our Community page or send us a GitHub Pull Request.

See also

Secretless Plugin Interface Functional Overview

Create Secretless Connector Plugins

Build and Secure Secretless Connector Plugins

Test Secretless Connector Plugins

Deploy Secretless Connector Plugins

Secretless Plugin Interface SDK Reference