The command-line interface for all things Smallstep

step is an open-source command-line tool for developers, operators, and security professionals to configure and automate the smallstep toolchain and a swiss-army knife for day-to-day operations of open standard identity technologies.

A few things you can do with step


Get certificates from step-ca and Certificate Manager

Administer your CA and get certificates using step.

Learn more >

Automate client certificates

Support for Mac, Windows, and Linux operating systems.

Learn more >

Inspect and lint certificates

View certificate details in human readable or JSON formats.

Learn more >

Manage JWTs and Tokens

Get, inspect, and validate OAuth access tokens, identity tokens, and JWTs.

Learn more >

Why People Love step

Easy to Use, Hard to Misuse

Safe defaults everywhere encourage best practices by making the right thing easy. Insecure or subtle operations are gated with flags to prevent accidental misuse.

Help That’s Actually Helpful

Run step help on any subcommand to find thorough documentation, examples, and in-depth discussion of relevant security, architectural, and operational considerations.

Friendly Workflows

Thoughtfully designed to be intuitive, get the job done, and get out of the way. With step, complex security operations become simple and obvious.


Certificate Manager

Your hosted private CA

Learn more >

Case Study

Improving OpenVPN security

Learn more >

Twitter Love For Smallstep