// glossary / recipient

Recipient.

The 'to' of encryption. A recipient is whoever can open the file — expressed as a public key. Encrypt to multiple recipients and any one of them can decrypt independently.

// definition

In age, a recipient is the public identifier a file is encrypted to: a native age1… key, an ssh-ed25519/ssh-rsa public key, or (in passphrase mode) a password.

What it is

age wraps the file's payload key once per recipient. A file encrypted to three recipients carries three wrapped copies of that key in its header; each recipient unwraps only their own. Recipients never learn about one another from the file.

Why it matters

Multi-recipient encryption is how you share a secret with a team without per-person re-encryption. Add everyone's public key as a recipient and ship one file. The matching concept on the decrypt side is the identity.

// in AgePony AgePony lets you add several recipients to one file — mixing native age keys, SSH keys, and GitHub usernames — then encrypts once for all of them.

Related terms

Common questions.

Can I encrypt to many people at once?

Yes. Add each public key as a recipient; any one of them can decrypt the resulting file.

Do recipients see each other?

No. The header does not reveal recipient identities.

Get AgePony

Free file encryption for iOS and Android. No accounts, no tracking, no servers.

Download on the App Store Get it on Google Play