Export Passwords To Envionrmental Variables From Mac's Built-In Password Manger

October 2022

Passwords and credentails stored in Mac's Keychain Access password manager can be accessed from the command line with the security command. I use that feature to store ENV vars in the app then export them for use in apps. The code looks like this:

export VAR_NAME=$(security find-generic-password -w -l keychain-password-name)

Put that in a file and whenever you need the specific password in an ENV var, run the file with:

source FILENAME

You can then access the password like:

echo $VAR_NAME

Or use it in apps like:

process.env.VAR_NAME

Notes

Verify the process.env.VAR_NAME is the correct syntax
Add examples for other languages

Notes

You'll be asked to enter your password the first time you the command. Click "Always Allow" if you don't want to have to do it again. Or, "Allow" if you want to have to type it in every time.
(Using ./FILENAME instead of source FILENAME doesn't work consistently when you run other processes)
Some examples of using security find-generic-password show that you need the account name. I haven't needed that which I suspect is because I'm already on the same account. Not sure about why, just that it works.

end of line