Get started in 3 simple steps.
This Tutorial is the best way to get started with Evervault. You'll follow 3 easy steps:
Before you begin, create an account and a team in the Evervault Dashboard.
Step 1: Encrypt sensitive data
You can encrypt sensitive data as it enters your app — either client-side or server-side — with one simple function:
evervault.encrypt(). There's no need to manage encryption keys, and Evervault cannot decrypt the data.
You can also encrypt sensitive data before it even hits your infrastructure by using Relay.
Install Evervault SDKs
html<!-- Add this before your </head> tag in your app --><script src="https://js.evervault.com/v1"></script>
Initialize Evervault SDK
Once installed, initialize your chosen SDK with your team's unique ID found in the Settings.
Encrypt your data
To encrypt data where it enters your app, simply pass an object or string into the
Learn more about the Evervault Encryption Scheme (EES) →
Step 2: Store encrypted data
Store the encrypted data in your database. You don't need to change:
- How you pass data to your database, or
- Your existing data structure.
Learn more about the format of Evervault-encrypted data →
Step 3: Process encrypted data
The only way to process your encrypted data is to deploy and run an Evervault Cage.
Cages are serverless functions for processing encrypted data. Cages are isolated from your stack, and hosted on Evervault.
You can write and deploy any serverless function to a Cage. At present, Cages can only be written in Node.js. You can call and run a Cage with any language that can send HTTPS requests.
Deploy your Cage
You can deploy a Cage by connecting to a GitHub repository (see below), or using the Evervault CLI.
In the Evervault Dashboard:
- Click New Cage
- Select Choose Template
- Authenticate with GitHub if you haven’t already
- Install the Evervault app on GitHub
- Select a template Cage
- Create your Cage
Run your Cage
Automatically run your Cage code by passing the Cage name and the payload into the
evervault.run() function. Or, send a HTTPS POST request with a JSON payload and
API-Key header to
Cages can currently only be called server-side because they require your team's API key for authentication. We are working on an integration with Relay which will allow you to run Cages from the frontend.
python# `encrypted_data` must be a Dictionaryresult = evervault.run('YOUR-CAGE-NAME', encrypted_data);
Run your application to see the result. Return the result to the client via your server, or forward it to a third party API via an HTTP request. All outbound HTTP requests are logged, and are shown in your team's Dashboard.
The Node.js SDK is pre-initialized in all Cages as the globally-scoped
evervault object. This allows you to encrypt the result, and store it in your database.
Update your Cage
If you push to your GitHub repo, Evervault will automatically update your Cage code. If you choose to deploy with the Evervault CLI, use the
ev cage deploy command to update your Cage code.
- Encrypting data as it enters your app by passing a payload into the
- Storing the encrypted data in your database without having changed your data structure; and
- Processing the encrypted data by running a Cage using the
You can encrypt any data, and configure Cages to run any function.
Simply repeat the encrypt-store-process cycle each time you want to encrypt new data, and run new functions on it.