Skip to main content

Overview

CheckThat AI uses environment variables to configure API keys, database connections, and application settings. This page provides a comprehensive reference for all available environment variables.
Never commit environment variables to version control. Use .env files for local development and secrets management for production.

Quick Setup

# Copy this template and fill in your values
cp .env.example .env

Model Provider API Keys

Configure API keys for the AI model providers you plan to use. At least one provider is required.

OpenAI

OPENAI_API_KEY
string
required
OpenAI API key for GPT models (GPT-4, GPT-4o, GPT-4.1).How to get:
  1. Sign up at platform.openai.com
  2. Navigate to API Keys section
  3. Create a new secret key
Format: sk-proj-... or sk-...Supported Models:
  • gpt-4
  • gpt-4o
  • gpt-4-turbo
  • gpt-4-32k
  • gpt-3.5-turbo
export OPENAI_API_KEY="sk-proj-xxxxxxxxxxxxxxxxxxxx"

Anthropic (Claude)

ANTHROPIC_API_KEY
string
required
Anthropic API key for Claude models (Claude 3.7 Sonnet, Claude 3.5 Sonnet).How to get:
  1. Sign up at console.anthropic.com
  2. Navigate to API Keys
  3. Create a new API key
Format: sk-ant-api03-...Supported Models:
  • claude-3-7-sonnet-20250219
  • claude-3-5-sonnet-20241022
  • claude-3-opus-20240229
  • claude-3-sonnet-20240229
export ANTHROPIC_API_KEY="sk-ant-api03-xxxxxxxxxxxxxxxxxxxx"

Google Gemini

GEMINI_API_KEY
string
required
Google API key for Gemini models (Gemini 2.5 Pro, Gemini 2.5 Flash).How to get:
  1. Visit ai.google.dev
  2. Get API key from Google AI Studio
  3. Enable Gemini API in Google Cloud Console
Format: AIzaSy...Supported Models:
  • gemini-2.0-flash-exp
  • gemini-1.5-pro
  • gemini-1.5-flash
export GEMINI_API_KEY="AIzaSyxxxxxxxxxxxxxxxxxxxx"

xAI (Grok)

GROK_API_KEY
string
required
xAI API key for Grok models.How to get:
  1. Sign up at x.ai
  2. Access the developer console
  3. Generate an API key
Format: xai-...Supported Models:
  • grok-3
  • grok-beta
  • grok-vision-beta
export GROK_API_KEY="xai-xxxxxxxxxxxxxxxxxxxx"

Together.ai (Llama)

TOGETHER_API_KEY
string
Together.ai API key for Llama models.How to get:
  1. Sign up at together.ai
  2. Navigate to API section
  3. Create a new API key
Format: Variable formatSupported Models:
  • meta-llama/Llama-3.3-70B-Instruct-Turbo-Free (Free tier available)
  • meta-llama/Llama-3.1-70B-Instruct-Turbo
  • meta-llama/Llama-3.1-8B-Instruct-Turbo
Together.ai offers free tier models that don’t require an API key for basic usage.
export TOGETHER_API_KEY="xxxxxxxxxxxxxxxxxxxx"

Database Configuration (Supabase)

Supabase is used for authentication and storing conversation history.

Supabase URL

SUPABASE_URL
string
required
Your Supabase project URL.How to get:
  1. Create project at supabase.com
  2. Go to Project Settings → API
  3. Copy the Project URL
Format: https://xxxxxxxxxxxxx.supabase.co
export SUPABASE_URL="https://xxxxxxxxxxxxx.supabase.co"

Supabase Anonymous Key

SUPABASE_ANON_KEY
string
required
Public anonymous key for client-side authentication.How to get:
  1. Supabase Project Settings → API
  2. Copy the anon public key
Security: Safe to expose in frontend code (protected by Row Level Security)Format: eyJhbGc...
export VITE_SUPABASE_ANON_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Supabase Service Key

SUPABASE_SERVICE_KEY
string
required
Server-side service key with admin privileges.How to get:
  1. Supabase Project Settings → API
  2. Copy the service_role secret key
Security: NEVER expose in frontend code. Backend only.Format: eyJhbGc...
This key bypasses Row Level Security. Only use on the backend server.
export SUPABASE_SERVICE_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Supabase JWT Secret

SUPABASE_JWT_SECRET
string
required
JWT secret for verifying authentication tokens.How to get:
  1. Supabase Project Settings → API
  2. Copy the JWT Secret
Security: Backend only, used for JWT validation.Format: Long random string
export SUPABASE_JWT_SECRET="your-jwt-secret-here"

Application Configuration

Environment Type

ENV_TYPE
string
default:"dev"
Application environment type.Values:
  • dev - Development mode with verbose logging and permissive CORS
  • prod - Production mode with optimized settings
Effects:
  • Logging verbosity (DEBUG vs INFO)
  • CORS origin configuration
  • Error message detail level
export ENV_TYPE="dev"

CORS Origins

CORS_ORIGINS
string
default:"*"
Comma-separated list of allowed CORS origins.Values:
  • * - Allow all origins (public API)
  • Specific domains: https://www.checkthat-ai.com,https://checkthat-ai.com
Security:
  • Use * for public APIs
  • Specify domains for private APIs
export CORS_ORIGINS="*"

Logging Level

LOG_LEVEL
string
default:"INFO"
Application logging level.Values:
  • DEBUG - Verbose logging (development)
  • INFO - Standard logging (production)
  • WARNING - Warnings and errors only
  • ERROR - Errors only
export LOG_LEVEL="DEBUG"

Frontend-Specific Variables

Frontend environment variables must be prefixed with VITE_ to be accessible in the browser.

Backend API URL

VITE_BACKEND_URL
string
required
URL of the backend API server.Development: http://localhost:8000Production: Your deployed backend URL
export VITE_BACKEND_URL="http://localhost:8000"

Environment Variable Summary

Required Variables

VariableComponentDescription
At least one of:BackendModel provider API key
OPENAI_API_KEYBackendOpenAI GPT models
ANTHROPIC_API_KEYBackendAnthropic Claude models
GEMINI_API_KEYBackendGoogle Gemini models
GROK_API_KEYBackendxAI Grok models
SUPABASE_URLBothSupabase project URL
SUPABASE_SERVICE_KEYBackendAdmin access to Supabase
SUPABASE_JWT_SECRETBackendJWT verification
VITE_SUPABASE_URLFrontendSupabase URL for client
VITE_SUPABASE_ANON_KEYFrontendPublic authentication key
VITE_BACKEND_URLFrontendBackend API endpoint

Optional Variables

VariableDefaultDescription
ENV_TYPEdevEnvironment type
CORS_ORIGINS*Allowed CORS origins
LOG_LEVELINFOLogging verbosity
TOGETHER_API_KEY-Together.ai Llama models

Security Best Practices

  1. Use .env files: Create a .env file in the root directory
  2. Never commit .env: Add to .gitignore
  3. Use .env.example: Template without actual values
  4. Rotate keys regularly: Generate new keys periodically
.gitignore
.env
.env.local
.env.production
.env.*.local
  1. Use secrets management: GitHub Secrets, Railway Variables, etc.
  2. Different keys per environment: Separate dev/prod keys
  3. Principle of least privilege: Only grant necessary permissions
  4. Monitor usage: Track API calls and costs
  5. Set spending limits: Configure budget alerts
  1. Never hardcode keys: Always use environment variables
  2. Never log keys: Exclude from logs and error messages
  3. Never share keys: Use separate keys per team member
  4. Revoke compromised keys: Immediately rotate exposed keys
  5. Use key rotation: Change keys on a regular schedule
  1. Backend Only:
    • Model provider API keys
    • Supabase service key
    • JWT secret
  2. Frontend Safe (with VITE_ prefix):
    • Supabase URL
    • Supabase anonymous key
    • Backend URL
  3. Never expose in frontend:
    • Service keys
    • Model provider API keys
    • JWT secrets

Configuration Files

.env.example (Template)

Create this file in your repository root:
.env.example
# Model Provider API Keys (at least one required)
OPENAI_API_KEY=your-openai-api-key
ANTHROPIC_API_KEY=your-anthropic-api-key
GEMINI_API_KEY=your-gemini-api-key
GROK_API_KEY=your-xai-grok-key
TOGETHER_API_KEY=your-together-api-key

# Supabase Configuration
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_SERVICE_KEY=your-service-key
SUPABASE_JWT_SECRET=your-jwt-secret

# Application Configuration
ENV_TYPE=dev
CORS_ORIGINS=*
LOG_LEVEL=INFO

# Frontend Variables (VITE_ prefix required)
VITE_BACKEND_URL=http://localhost:8000
VITE_SUPABASE_URL=https://your-project.supabase.co
VITE_SUPABASE_ANON_KEY=your-anon-key

.env (Local Development)

Copy .env.example and fill in actual values: 
cp .env.example .env
# Edit .env with your actual API keys

Troubleshooting

Symptoms: Application can’t find API keysSolutions:
  1. Verify .env file location (project root)
  2. Restart development server after changes
  3. Check for typos in variable names
  4. Ensure no extra spaces or quotes
  5. Use correct prefix (VITE_ for frontend)
Symptoms: Frontend can’t connect to backendSolutions:
  1. Set CORS_ORIGINS=* for development
  2. Add frontend URL to CORS_ORIGINS in production
  3. Verify VITE_BACKEND_URL is correct
  4. Check backend CORS configuration
Symptoms: Supabase authentication failingSolutions:
  1. Verify all Supabase variables are set
  2. Check Supabase project is active
  3. Ensure JWT secret matches project
  4. Verify Row Level Security policies
  5. Check service key is not exposed in frontend
Symptoms: AI model requests failingSolutions:
  1. Verify API key is valid and active
  2. Check API key has sufficient credits/quota
  3. Ensure correct key format (no extra spaces)
  4. Test key directly with provider’s API
  5. Check for rate limiting or spending limits

Verification Script

Create a script to verify your environment configuration:
check_env.py
import os
from typing import List, Tuple

def check_env_vars() -> List[Tuple[str, bool]]:
    """Check which environment variables are configured."""
    
    required = [
        "SUPABASE_URL",
        "SUPABASE_SERVICE_KEY",
        "SUPABASE_JWT_SECRET",
    ]
    
    model_providers = [
        "OPENAI_API_KEY",
        "ANTHROPIC_API_KEY",
        "GEMINI_API_KEY",
        "GROK_API_KEY",
    ]
    
    optional = [
        "ENV_TYPE",
        "CORS_ORIGINS",
        "LOG_LEVEL",
    ]
    
    results = []
    
    print("\n=== Required Variables ===")
    for var in required:
        status = bool(os.getenv(var))
        results.append((var, status))
        print(f"  {var}: {'✅' if status else '❌'}")
    
    print("\n=== Model Providers (at least one required) ===")
    model_count = 0
    for var in model_providers:
        status = bool(os.getenv(var))
        if status:
            model_count += 1
        results.append((var, status))
        print(f"  {var}: {'✅' if status else '⚠️'}")
    
    print(f"\n  Configured providers: {model_count}")
    if model_count == 0:
        print("  ❌ ERROR: At least one model provider required!")
    
    print("\n=== Optional Variables ===")
    for var in optional:
        status = bool(os.getenv(var))
        results.append((var, status))
        value = os.getenv(var, "(not set)")
        print(f"  {var}: {value}")
    
    return results

if __name__ == "__main__":
    check_env_vars()
Run with: 
python check_env.py

Next Steps

Local Setup

Set up your local development environment

Production Deployment

Deploy to production with proper configuration

Model Configuration

Configure and use different AI models

Security Guide

Advanced security best practices

Build docs developers (and LLMs) love

Get started for freeTalk to us