How to disable e2ee?

[slavaGanzin]

I couldn't find a way to disable e2ee in my project on https://app.infisical.com/. I couldn't get python sdk working, because it returns cryptic error: bot token not found. Same with curl:

curl --location --request GET 'https://app.infisical.com/api/v3/secrets/raw?environment=environment&workspaceId=workspaceId' \
    --header 'Authorization: Bearer serviceToken'
{"statusCode":400,"message":"failed to find bot key","error":"BadRequest"}

I found this https://infisical.com/docs/api-reference/overview/examples/e2ee-enabled and it worked. But it use service tokens, and I want to use global service identity. And also they are deprecated. I modified this example to get access token and use it future, got encrypted secrets, but I couldn't decode it.

Somewhere in documentation it says: use non-e2ee in future. There is no button/option that disable it on app.ifisical.com.

So I'm completely lost, what should I do.

p.s. Does e2ee will be deprecated? Identities will not work with e2ee, and service tokens would be deprectated?

UPDATE: Failed to find bot key - it's actually about not setting right workspace and environment. God, write better error messages - I spend entire day trying to fix it.

And so it works in e2ee and non-e2ee mode simultaneously?

[akhilmhdh]

@slavaGanzin

First of all, We will be standarding the error messages and the way disable.

To resolve this issue there should be an upgrade banner in your secret overview page. Kindly run it and it should be good to do. Regarding the details you can find it beside it.

| Does e2ee will be depreciated?

Yes going forward we are moving away from E2EE, but don't worry we will be keeping industrial standard of encryption at rest. We will be soon explaining why we are moving away etc

[akhilmhdh]

Closing as stale