Skip to main content
SENTi-radar requires several API keys and environment variables for full functionality. This guide covers setting up secrets for both frontend and backend.

Overview

SENTi-radar uses two types of environment variables:

Frontend (VITE_*)

Public variables embedded in the Vite build, accessible in the browser

Backend (Supabase Secrets)

Server-side secrets for edge functions, never exposed to the client
Never commit .env files to version control. Use .env.example as a template and add .env to .gitignore.

Required API Keys

Supabase

Required for: Database, authentication, edge functions
1

Create a Supabase project

Sign up at supabase.com and create a new project
2

Get your project credentials

Navigate to Project Settings → API:
  • Project URL: https://your-project.supabase.co
  • Anon/Public Key: Public key for client-side requests
  • Service Role Key: Secret key for server-side operations (never expose in frontend)

Scrape.do

Required for: Live X (Twitter) and Reddit data scraping
1

Sign up for Scrape.do

Create an account at scrape.do
2

Get your API token

Navigate to Dashboard → API Tokens and copy your token
3

Choose your plan

  • Free tier: 1,000 requests/month
  • Starter: 10,000 requests/month ($29)
  • Pro: 100,000 requests/month ($99)
Scrape.do is the primary data source for X/Twitter and Reddit. Without it, the app falls back to YouTube or algorithmic generation.

YouTube Data API v3

Required for: YouTube video comments (optional)
1

Go to Google Cloud Console

Visit console.cloud.google.com
2

Create a new project

Or select an existing project
3

Enable YouTube Data API v3

Navigate to APIs & Services → Library → Search for “YouTube Data API v3” → Enable
4

Create credentials

APIs & Services → Credentials → Create Credentials → API Key
5

Restrict your API key (recommended)

Edit API key → API restrictions → Select “YouTube Data API v3”
Quota: 10,000 units/day (free tier)

Gemini API

Required for: AI-powered sentiment analysis and summaries (optional)
1

Get Gemini API key

Visit ai.google.dev and sign up
2

Create an API key

Navigate to API Keys → Create API Key
3

Choose your model

SENTi-radar uses gemini-1.5-flash for fast, cost-effective analysis
Without Gemini, the app falls back to keyword-based sentiment analysis, which is less accurate but fully functional.

Groq (Optional)

Required for: Alternative LLM for summaries (optional)
1

Sign up for Groq

Visit console.groq.com
2

Generate API key

Navigate to API Keys → Create new key

Frontend Environment Variables

Local Development

Create a .env file in the project root:
.env
# Supabase Configuration
VITE_SUPABASE_URL=https://owrqiailcuwlzxeekhms.supabase.co
VITE_SUPABASE_PUBLISHABLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

# Scrape.do (required for live X/Reddit data)
VITE_SCRAPE_TOKEN=your-scrape-do-token

# YouTube Data API v3 (optional)
VITE_YOUTUBE_API_KEY=AIzaSyC...

# Gemini AI (optional, falls back to keyword analysis)
VITE_GEMINI_API_KEY=AIzaSyD...

# Groq (optional, secondary LLM)
VITE_GROQ_API_KEY=gsk_...
All frontend environment variables must be prefixed with VITE_ to be accessible in the browser via import.meta.env.VITE_*.

Production

Set environment variables in your hosting platform:
  1. Go to Project Settings → Environment Variables
  2. Add each variable:
    • Name: VITE_SUPABASE_URL
    • Value: https://your-project.supabase.co
    • Environment: Production
  3. Redeploy to apply changes
  1. Go to Site Settings → Build & Deploy → Environment
  2. Click “Add variable”
  3. Add each VITE_* variable
  4. Trigger a new deploy
  1. Go to Settings → Environment Variables
  2. Add Production variables
  3. Redeploy the project
  1. Go to Project Settings → Environment Variables
  2. Add each variable with its value
  3. Deploy or redeploy to apply

Backend Secrets (Supabase)

Setting Secrets

Edge functions access secrets via Deno.env.get(). Set them using the Supabase CLI: 
supabase secrets set SCRAPE_DO_TOKEN=your-token-here

Listing Secrets

View configured secrets (values are hidden): 
supabase secrets list
Output: 
SCRAPE_DO_TOKEN
YOUTUBE_API_KEY
GEMINI_API_KEY
SUPABASE_URL
SUPABASE_SERVICE_ROLE_KEY

Unsetting Secrets

Remove a secret: 
supabase secrets unset GEMINI_API_KEY

Required Secrets by Function

Required:
  • SUPABASE_URL
  • SUPABASE_SERVICE_ROLE_KEY
Optional:
  • GEMINI_API_KEY (falls back to keyword-based analysis)
Required:
  • SUPABASE_URL
  • SUPABASE_SERVICE_ROLE_KEY
Optional (in priority order):
  • SCRAPE_DO_TOKEN (primary data source)
  • PARALLEL_API_KEY (fallback)
  • YOUTUBE_API_KEY (fallback)
Required:
  • SUPABASE_URL
  • SUPABASE_SERVICE_ROLE_KEY
Optional:
  • SCRAPE_DO_TOKEN (for Reddit JSON API)
Required:
  • SUPABASE_URL
  • SUPABASE_SERVICE_ROLE_KEY
Optional:
  • YOUTUBE_API_KEY
Required:
  • SUPABASE_URL
  • SUPABASE_SERVICE_ROLE_KEY
Note: Inherits requirements from all called functions
Required:
  • SUPABASE_URL
  • SUPABASE_SERVICE_ROLE_KEY
Optional:
  • GEMINI_API_KEY
Required:
  • SUPABASE_URL
  • SUPABASE_SERVICE_ROLE_KEY

Environment Variable Reference

Frontend Variables

VariableRequiredDescriptionExample
VITE_SUPABASE_URL✅ YesSupabase project URLhttps://abc123.supabase.co
VITE_SUPABASE_PUBLISHABLE_KEY✅ YesSupabase anon/public keyeyJhbGciOiJIUzI1NiIs...
VITE_SCRAPE_TOKEN⭐ RecommendedScrape.do API token for X/Redditscrape_do_abc123...
VITE_YOUTUBE_API_KEY❌ OptionalYouTube Data API v3 keyAIzaSyC...
VITE_GEMINI_API_KEY❌ OptionalGemini AI API keyAIzaSyD...
VITE_GROQ_API_KEY❌ OptionalGroq API keygsk_...

Backend Secrets

SecretRequiredDescriptionExample
SUPABASE_URL✅ YesSupabase project URLhttps://abc123.supabase.co
SUPABASE_SERVICE_ROLE_KEY✅ YesSupabase service role key (never expose publicly)eyJhbGciOiJIUzI1NiIs...
SCRAPE_DO_TOKEN⭐ RecommendedScrape.do API tokenscrape_do_abc123...
YOUTUBE_API_KEY❌ OptionalYouTube Data API v3 keyAIzaSyC...
GEMINI_API_KEY❌ OptionalGemini AI API keyAIzaSyD...
PARALLEL_API_KEY❌ OptionalParallel.ai API key (fallback)pk_...

Validation & Testing

Test Frontend Environment

Open browser console: 
console.log('Supabase URL:', import.meta.env.VITE_SUPABASE_URL);
console.log('Has Scrape Token:', !!import.meta.env.VITE_SCRAPE_TOKEN);
Expected output: 
Supabase URL: https://your-project.supabase.co
Has Scrape Token: true

Test Edge Function Secrets

Deploy a test function:
test-secrets.ts
import { serve } from "https://deno.land/[email protected]/http/server.ts";

serve(() => {
  const secrets = {
    hasSupabaseUrl: !!Deno.env.get("SUPABASE_URL"),
    hasServiceRoleKey: !!Deno.env.get("SUPABASE_SERVICE_ROLE_KEY"),
    hasScrapeToken: !!Deno.env.get("SCRAPE_DO_TOKEN"),
    hasGeminiKey: !!Deno.env.get("GEMINI_API_KEY"),
  };
  
  return new Response(JSON.stringify(secrets, null, 2), {
    headers: { "Content-Type": "application/json" },
  });
});
Deploy and test: 
supabase functions deploy test-secrets
curl https://your-project.supabase.co/functions/v1/test-secrets

Security Best Practices

1

Never commit secrets

Add to .gitignore:
.env
.env.local
.env.production
.env.secrets
2

Rotate keys regularly

Update API keys monthly and after any security incidents
3

Use separate keys for dev/prod

Create separate API keys for development and production environments
4

Restrict API key permissions

Enable API restrictions in Google Cloud Console, Supabase RLS, etc.
5

Monitor API usage

Set up alerts for unusual usage patterns in:
  • Supabase Dashboard
  • Scrape.do Dashboard
  • Google Cloud Console

Troubleshooting

Symptoms: import.meta.env.VITE_SUPABASE_URL returns undefinedCauses:
  1. Variable not prefixed with VITE_
  2. .env file not in project root
  3. Build cache not cleared
Solutions:
# Ensure VITE_ prefix
VITE_SUPABASE_URL=https://...

# Clear cache and rebuild
rm -rf dist node_modules/.vite
npm run build
Symptoms: Deno.env.get("SCRAPE_DO_TOKEN") returns undefined or empty stringCauses:
  1. Secrets not set via supabase secrets set
  2. Wrong project linked
Solutions:
# Verify linked project
supabase status

# List secrets
supabase secrets list

# Set missing secrets
supabase secrets set SCRAPE_DO_TOKEN=your-token
Symptoms: 429 errors from Scrape.do, YouTube, or GeminiSolutions:
  1. Check usage in provider dashboard
  2. Upgrade to higher tier
  3. Implement caching to reduce API calls
  4. Use fallback mechanisms (app already includes these)
Symptoms: 401/403 errors from external APIsSolutions:
  1. Verify API key is correct (no extra spaces)
  2. Check API key hasn’t expired
  3. Ensure API is enabled (e.g., YouTube Data API v3 in Google Cloud)
  4. Test API key directly with curl:
# Test Scrape.do
curl "https://api.scrape.do?token=YOUR_TOKEN&url=https://example.com"

# Test YouTube API
curl "https://www.googleapis.com/youtube/v3/search?part=snippet&q=test&key=YOUR_KEY"

Next Steps

Deploy Frontend

Build and deploy the React application

Deploy Edge Functions

Deploy backend edge functions to Supabase

Build docs developers (and LLMs) love

Get started for freeTalk to us