Conjur is an open source secrets management tool designed to securely authenticate, control, and audit non-human access to secrets across applications, tools, containers, and cloud environments. It works by tightly controlling secrets using granular Role-Based Access Control (RBAC). When an application requests access to a resource, Conjur authenticates the application, evaluates the request against a defined security policy, and then securely distributes the secret. Key use cases include: - Securing CI/CD pipelines by removing hard-coded secrets from DevOps tooling while providing full audit trails, policy-based RBAC, and secrets rotation - Authenticating container requests for secrets using native container platform attributes - Managing secrets in elastic and auto-scaling environments (e.g., Kubernetes) with automated host identity enrollment - Centralizing secrets management across multi-cloud and multi-tool environments Conjur exposes a REST API, CLI, and SDKs for programmatic integration and secret injection into applications. It also includes a Secretless Broker component that allows applications to connect to services without directly handling secrets. Conjur OSS is the open source edition of the product, with a commercial enterprise version available through CyberArk (formerly a standalone company, now part of Palo Alto Networks).