We are here to help you get from zero to one fast.

Get Started    Discussions


reading time 3 mins

This guide is designed specifically for installing the Doppler CLI for local development environment all the way through to production. If your engineering team has yet to create a project, head over to the Create a Project page to get started.



The Doppler CLI provides a consistent experience when developing locally to in production. It is a lightweight binary that comes in a number of package managers and Docker images.

brew install dopplerhq/cli/doppler
# Add Doppler's scoop repo
scoop bucket add doppler

# Install latest doppler cli
scoop install doppler
FROM dopplerhq/cli:3
# this installation method does not use a package manager and is only recommended for ephemeral environments (e.g. CI jobs)
# supports Linux, BSD, and macOS
(curl -Ls || wget -qO- | sh
# Add Bintray's GPG key
sudo apt-key adv --keyserver --recv-keys 379CE192D401AB61

# Add Doppler's apt repo
echo "deb stable main" | sudo tee /etc/apt/sources.list.d/dopplerhq-doppler.list

# Update packages and install latest doppler cli
sudo apt-get update && sudo apt-get install doppler
# Add Doppler's yum repo
sudo wget -O /etc/yum.repos.d/bintray-dopplerhq-doppler.repo

# Update packages and install latest doppler cli
sudo yum update && sudo yum install doppler

Now, verify the Doppler CLI was installed correctly. Any version with the format vX.X.X is valid.

doppler --version


The Doppler CLI requires an API Key to authenticate. Access can be generated via the login flow used for local development or by using a service token. Service tokens are recommended to be used only when running your service on a cloud provider (Azure, AWS, GCP, etc).

doppler login
# skip this step

Project Setup

For each project, you need to run the setup command once which sets the project and config for your current directory. This allows you to work on multiple projects at the same time by just changing directories.

# Change to your project's directory
cd ./your/project/directory

# Select project and config
doppler setup
# In non-local environments, service tokens should be used.
# A service token is authorized to a single config which the 
# CLI configures automatically.
doppler setup --no-prompt --silent --token=<SERVICE TOKEN>


Run your program with the CLI in your project directory, which will securely fetch your secrets from and inject them into the environment.

doppler run -- ./your-command-here
doppler run --command="./first-command && ./second-command; ./cleanup-command"

Now, you should be able to access your secrets securely through environment variables.

const secret = process.env["SECRET_NAME"]
secret = os.getenv("SECRET_NAME")
secret = ENV["SECRET_NAME"]
secret := os.Getenv("SECRET_NAME")
String secret = System.getenv().get("SECRET_NAME")
$secret = $_ENV["SECRET_NAME"]
secret = env::var("SECRET_NAME")
var secret: String = System.getenv("SECRET_NAME")
def secret = System.getenv("SECRET_NAME")
char const* secret = getenv("SECRET_NAME");


Amazing Work!

Now that you have local development running, let’s set up authentication for staging and production with Service Tokens.

Updated 2 days ago


reading time 3 mins

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.