AgenticPal requires several environment variables for LLM integration, Redis configuration, and session management.
Environment Variables Create a .env file in your project root to store configuration:
Never commit .env files to version control. Add .env to your .gitignore.
Required Variables LLM API Configuration AgenticPal uses LangChain for LLM integration. Configure your preferred LLM provider:
OpenAI
Anthropic
Other Providers
OPENAI_API_KEY = sk-your-api-key-here
Get your API key from OpenAI Platform . ANTHROPIC_API_KEY = sk-ant-your-api-key-here
Get your API key from Anthropic Console . AgenticPal supports any LangChain-compatible LLM provider. Refer to the LangChain documentation for configuration details. Redis Configuration (Optional) For session persistence and checkpoint storage, configure Redis:
# Redis connection URL REDIS_URL = redis://localhost:6379 # Session TTL (default: 7 days) SESSION_TTL_SECONDS = 604800 # OAuth state TTL (default: 10 minutes) OAUTH_STATE_TTL_SECONDS = 600 # Session secret for cookie signing SESSION_SECRET = your-random-secret-here
If you don’t configure Redis, AgenticPal will use in-memory storage. This is fine for CLI usage but required for the web API.
Session Secret Generation Generate a secure random secret for session management:
python -c "import secrets; print(secrets.token_hex(32))"
Add the output to your .env file:
SESSION_SECRET = a1b2c3d4e5f6...your-64-character-hex-string
If SESSION_SECRET is not set, a random secret will be generated on each startup, invalidating all existing sessions. Always set this in production.
Complete .env Example Here’s a complete example with all variables:
# LLM Provider OPENAI_API_KEY = sk-proj-abc123... # Redis Configuration REDIS_URL = redis://localhost:6379 SESSION_TTL_SECONDS = 604800 OAUTH_STATE_TTL_SECONDS = 600 SESSION_SECRET = a1b2c3d4e5f6789... # Optional: Custom paths for OAuth files # CREDENTIALS_PATH=credentials.json # TOKEN_PATH=token.json
Environment Variables Reference From auth.py Variable Default Description CREDENTIALS_PATHcredentials.jsonPath to OAuth client credentials TOKEN_PATHtoken.jsonPath to cached OAuth token
From api/session.py Variable Default Description REDIS_URLredis://localhost:6379Redis connection URL (session.py:30) SESSION_TTL_SECONDS604800 (7 days)Session expiration time (session.py:35) OAUTH_STATE_TTL_SECONDS600 (10 min)OAuth state expiration (session.py:40) SESSION_SECRETAuto-generated Secret for cookie signing (session.py:45)
Loading Environment Variables AgenticPal uses Python’s os.getenv() to read environment variables. Make sure to load them in your application:
import os from dotenv import load_dotenv # Load .env file load_dotenv() # Access variables redis_url = os.getenv( "REDIS_URL" , "redis://localhost:6379" )
Install python-dotenv if not already in your dependencies: Security Best Practices
Never commit secrets
Always add sensitive files to .gitignore: .env credentials.json token.json
Use strong secrets
Generate cryptographically secure random secrets: python -c "import secrets; print(secrets.token_hex(32))"
Rotate credentials regularly
Regenerate SESSION_SECRET periodically
Rotate API keys if compromised
Revoke unused OAuth tokens
Use environment-specific configs
Maintain separate .env files for development, staging, and production:
.env.development.env.staging.env.production Verification Verify your environment configuration:
import os from dotenv import load_dotenv load_dotenv() required_vars = [ "OPENAI_API_KEY" , # or your LLM provider key ] optional_vars = [ "REDIS_URL" , "SESSION_SECRET" , ] print ( "Required variables:" ) for var in required_vars: value = os.getenv(var) status = "✓" if value else "✗" print ( f " { status } { var } " ) print ( " \n Optional variables:" ) for var in optional_vars: value = os.getenv(var) status = "✓" if value else "✗" print ( f " { status } { var } " )
Next Steps
Redis Setup Set up Redis for session persistence
