Stop sharing credentials over Slack or giving contractors your master password. SealedKeys lets you grant contractors controlled, audited, read-only access to specific credentials — and revoke it instantly when they leave.
From invite to offboarding — a clear, auditable process.
Send an invite to the contractor's email. They create their own SealedKeys account — no master password shared.
Add them to the relevant organisation vault with a Read-only role. They can view and copy but cannot edit, delete or export.
The audit log shows every credential they view or copy — with timestamp and IP. No surprises.
Remove the contractor from the organisation. Instant revocation — no password resets, no chasing.
Yes. Each contractor has their own SealedKeys account and their own vault key. You share specific vault items with them through the organisation — they decrypt those items using their own credentials, not yours.
A read-only member can view and copy vault items they have access to. They cannot add, edit, delete or export items. All access is logged in the audit trail.
The audit log records every item view and copy event with the user's name, the item accessed, the timestamp and the IP address. You can filter by user to see a complete list of what a specific contractor accessed.
You don't need to change everything — just the credentials they actually accessed. The audit log tells you exactly which items they viewed, so you can focus rotation on those specific credentials.
Yes. You can create a separate organisation in SealedKeys for contractor access — keeping it completely separate from your main team vault. Contractors only see what's in their org.
25 items free. Up to 3 members. No credit card required.