Skip to main content

Overview

Environment variables let you store configuration and secrets (like API keys) separately from your code.

Add environment variables

1

Go to your project

Navigate to your project from the dashboard.
2

Open Settings

Click the Settings tab in your project.
3

Add variable

Scroll to Environment Variables, enter a Key and Value, then click Add.
4

Save

Click Save Changes to apply. Your variables will be available on the next deployment.

Sensitive values

Environment variable values are masked in the dashboard UI (shown as ••••••••) for security.
Never commit secrets to your repository. Use environment variables for API keys, passwords, and tokens.

Accessing variables

Environment variables are available as process.env in your code: 
// Node.js
const apiKey = process.env.API_KEY;
const dbUrl = process.env.DATABASE_URL;

// PHP
$apiKey = getenv('API_KEY');

Build vs runtime variables

When availableUse for
Build timeAPI URLs, feature flags, public keys
RuntimeSecrets, database URLs, private keys
In Next.js, prefix public variables with NEXT_PUBLIC_ to expose them to the browser.

Common variables

VariableDescription
DATABASE_URLPostgreSQL connection string (auto-added)
NODE_ENVSet to production automatically
PORTPort your app should listen on

Reserved variables

These variables are set automatically and cannot be overridden:
  • NODE_ENV — Always production
  • PORT — Assigned dynamically

Best practices

  1. Never commit secrets — Use environment variables instead of .env files in production
  2. Use environment variables for sensitive data — API keys, passwords, tokens
  3. Use descriptive namesSTRIPE_SECRET_KEY not KEY1
  4. Rotate regularly — Update secrets periodically for security