Skip to main content

Overview

Environment variables are used to configure the application for different environments (development, staging, production) without changing code. They are typically stored in .env files.
Environment variables prefixed with NEXT_PUBLIC_ are exposed to the browser. All other variables are only available on the server side.

API Configuration

NEXT_PUBLIC_API_URL

Base URL for the backend API.
NEXT_PUBLIC_API_URL
string
required
The base URL for all API requests

Example Values

NEXT_PUBLIC_API_URL=http://localhost:3001/api

NEXT_PUBLIC_API_VERSION

API version to use.
NEXT_PUBLIC_API_VERSION
string
API version identifier (default: “v1”)

Example

NEXT_PUBLIC_API_VERSION=v2

API_TIMEOUT

Request timeout in milliseconds.
API_TIMEOUT
number
Maximum time to wait for API responses (default: 30000)

Example

API_TIMEOUT=60000

Authentication

NEXT_PUBLIC_AUTH_ENABLED

Enable or disable authentication.
NEXT_PUBLIC_AUTH_ENABLED
boolean
Whether authentication is required (default: true)

Example

NEXT_PUBLIC_AUTH_ENABLED=true

JWT_SECRET

Secret key for JWT token signing (server-side only).
JWT_SECRET
string
required
Secret key used to sign and verify JWT tokens
This variable should NEVER be exposed to the client. Do not prefix with NEXT_PUBLIC_.

Example

JWT_SECRET=your-super-secret-key-change-in-production

SESSION_SECRET

Secret for session encryption (server-side only).
SESSION_SECRET
string
required
Secret key for encrypting session data

Example

SESSION_SECRET=another-secret-key-for-sessions

TOKEN_EXPIRY

JWT token expiration time.
TOKEN_EXPIRY
string
Token expiration duration (default: “1h”)

Example

TOKEN_EXPIRY=24h

OAuth Providers

GOOGLE_CLIENT_ID

Google OAuth client ID.
GOOGLE_CLIENT_ID
string
Client ID from Google Cloud Console

GOOGLE_CLIENT_SECRET

Google OAuth client secret (server-side only).
GOOGLE_CLIENT_SECRET
string
Client secret from Google Cloud Console

Example

GOOGLE_CLIENT_ID=123456789-abcdef.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=GOCSPX-abc123def456

GITHUB_CLIENT_ID

GitHub OAuth client ID.
GITHUB_CLIENT_ID
string
Client ID from GitHub OAuth App

GITHUB_CLIENT_SECRET

GitHub OAuth client secret (server-side only).
GITHUB_CLIENT_SECRET
string
Client secret from GitHub OAuth App

Example

GITHUB_CLIENT_ID=Iv1.1234567890abcdef
GITHUB_CLIENT_SECRET=1234567890abcdef1234567890abcdef12345678

Database

DATABASE_URL

Database connection string (server-side only).
DATABASE_URL
string
required
Full database connection URL

Example

DATABASE_URL=postgresql://user:password@localhost:5432/mydb

Analytics & Tracking

NEXT_PUBLIC_GA_ID

Google Analytics tracking ID.
NEXT_PUBLIC_GA_ID
string
Google Analytics measurement ID (e.g., G-XXXXXXXXXX)

Example

NEXT_PUBLIC_GA_ID=G-XXXXXXXXXX

NEXT_PUBLIC_SEGMENT_KEY

Segment analytics write key.
NEXT_PUBLIC_SEGMENT_KEY
string
Segment write key for analytics

Example

NEXT_PUBLIC_SEGMENT_KEY=abc123def456ghi789

Feature Flags

NEXT_PUBLIC_ENABLE_BETA_FEATURES

Enable beta/experimental features.
NEXT_PUBLIC_ENABLE_BETA_FEATURES
boolean
Toggle beta features (default: false)

NEXT_PUBLIC_ENABLE_ANALYTICS

Enable analytics tracking.
NEXT_PUBLIC_ENABLE_ANALYTICS
boolean
Toggle analytics (default: true)

NEXT_PUBLIC_ENABLE_NOTIFICATIONS

Enable push notifications.
NEXT_PUBLIC_ENABLE_NOTIFICATIONS
boolean
Toggle notifications (default: true)

Example

NEXT_PUBLIC_ENABLE_BETA_FEATURES=false
NEXT_PUBLIC_ENABLE_ANALYTICS=true
NEXT_PUBLIC_ENABLE_NOTIFICATIONS=true

File Storage

AWS_S3_BUCKET

AWS S3 bucket name (server-side only).
AWS_S3_BUCKET
string
S3 bucket for file storage

AWS_ACCESS_KEY_ID

AWS access key ID (server-side only).
AWS_ACCESS_KEY_ID
string
AWS IAM access key

AWS_SECRET_ACCESS_KEY

AWS secret access key (server-side only).
AWS_SECRET_ACCESS_KEY
string
AWS IAM secret key

AWS_REGION

AWS region.
AWS_REGION
string
AWS region (e.g., us-east-1)

Example

AWS_S3_BUCKET=my-app-uploads
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
AWS_REGION=us-east-1

Email Service

SMTP_HOST

SMTP server hostname (server-side only).
SMTP_HOST
string
SMTP server address

SMTP_PORT

SMTP server port (server-side only).
SMTP_PORT
number
SMTP port (typically 587 or 465)

SMTP_USER

SMTP username (server-side only).
SMTP_USER
string
SMTP authentication username

SMTP_PASSWORD

SMTP password (server-side only).
SMTP_PASSWORD
string
SMTP authentication password

FROM_EMAIL

Default sender email address.
FROM_EMAIL
string
Email address to send from

Example

SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=[email protected]
SMTP_PASSWORD=your-app-password
FROM_EMAIL=[email protected]

Application Settings

NODE_ENV

Current environment.
NODE_ENV
'development' | 'staging' | 'production'
required
Application environment

PORT

Server port.
PORT
number
Port for the application server (default: 3000)

NEXT_PUBLIC_APP_URL

Public application URL.
NEXT_PUBLIC_APP_URL
string
required
Full URL where the app is hosted

Example

NODE_ENV=development
PORT=3000
NEXT_PUBLIC_APP_URL=http://localhost:3000

Usage in Code

Accessing Environment Variables

// Only NEXT_PUBLIC_ prefixed variables are available
const apiUrl = process.env.NEXT_PUBLIC_API_URL;
const gaId = process.env.NEXT_PUBLIC_GA_ID;

console.log('API URL:', apiUrl);

Environment Files

File Structure

# Local development overrides (not committed to git)
NEXT_PUBLIC_API_URL=http://localhost:3001/api
DATABASE_URL=postgresql://localhost:5432/mydb_dev
The .env.local file takes precedence over other environment files and should never be committed to version control.

Validation

Validate required environment variables at startup: 
const requiredEnvVars = [
  'NEXT_PUBLIC_API_URL',
  'DATABASE_URL',
  'JWT_SECRET'
];

requiredEnvVars.forEach((envVar) => {
  if (!process.env[envVar]) {
    throw new Error(`Missing required environment variable: ${envVar}`);
  }
});

export function validateEnv() {
  console.log('✓ All required environment variables are set');
}

Build docs developers (and LLMs) love

Get started for freeTalk to us