by auth0


Sharelock: securely share data

Sharelock is an open source web service hosted at It lets you simply and securely share secret information with people you trust. You can also host your own version of Sharelock since the server and the apps are all open source.


Host your own Sharelock server


The service controls signing and encryption keys that protect your secret data. If you want to be in control of signing and encryption keys, you must host your own version of the Sharelock service. The apps have support to change the endpoint you hit

Read more about how it works and things like key rotation.


  • Urls are ephemeral, they are NOT stored anywhere (neither your secrets). The content you share lives encrypted in the URL.
  • The decrypted content can ONLY be accessed by the people that you shared the data with by means of login and email verification (as opposed to, let's say, Dropbox links which can be accessed by anyone who has the link).
  • Secrets are signed with HMAC SHA256 and encrypted with AES 256 CTR using keys that live on the Sharelock server
  • We host public pro bono but we are not in the business of holding your secret content, that's why we built this OSS. If you want to have your own signing key and encryption key you can do that by deploying your own Sharelock instance to Heroku in seconds (or any other hosting that provides nodejs support)


Our story is simple. We created Sharelock because we wanted a way to share secret data securely. We’re constantly exchanging bits of confidential information and, because we take security very seriously, we didn’t feel comfortable sharing that information through normal channels like email or chat. So, Sharelock was born. It provides you with a simple and secure way to share secrets with people you know.


We welcome feedback and collaboration. You know where to file issues and how to submit pull requests. You can contact us here.

This project is licensed under MIT.

Crafted by Auth0