What Are Environment Variables?
Environment variables are:- Frontend-only - Exposed to browser/client code
- Project-specific - Each project has its own
- Accessible in code - Use them in your frontend application
- Public - Visible in frontend code (use only for non-sensitive data)
Common Uses
- Public API keys - Store public keys for services (e.g., Supabase public keys)
- Configuration - App settings and preferences
- Feature flags - Enable/disable features
- Public URLs - API endpoints and service URLs
Adding Variables
- Go to Project Settings → Environment Variables
- Click Add Variable
- Enter:
- Name - Variable name (e.g.,
API_KEY) - Value - The actual value
- Name - Variable name (e.g.,
- Save
Using Variables
In your frontend code, reference variables using theVITE_ prefix:
- Frontend:
import.meta.env.VITE_API_KEY
VITE_ to be accessible in your frontend code.
Leo knows how to use environment variables when you mention them in prompts.
Security Considerations
- Frontend-exposed - Variables are visible in browser/client code
- Not encrypted - Stored as plain text
- Public access - Anyone can see them by inspecting your frontend code
- Project-specific - Isolated per project
- Access control - Only project members can view/edit
Best Practices
- Use descriptive names -
VITE_SUPABASE_URLnotVITE_URL1 - Only public data - Never store secrets or private keys
- Document usage - Note what each variable is for
- Use integrations for secrets - Store sensitive credentials via Project Integrations
Integration Credentials vs Environment Variables
Environment Variables (Frontend):- Public API keys (e.g., Supabase public keys)
- Public URLs and endpoints
- Feature flags
- Non-sensitive configuration
- Private API keys (Odoo, Airtable, Notion, Klaviyo, etc.)
- Authentication tokens
- Database passwords
- Any sensitive credentials