Skip to main content

Overview

AiVault requires several environment variables to connect with external services. Create a .env.local file in the root directory and configure the following variables.

Gemini AI Configuration

These variables are automatically injected by AI Studio at runtime.
GEMINI_API_KEY
string
required
Required for Gemini AI API calls. In AI Studio, this is automatically injected from user secrets configured via the Secrets panel.
GEMINI_API_KEY="your_gemini_api_key_here"
APP_URL
string
required
The URL where this applet is hosted. AI Studio automatically injects this at runtime with the Cloud Run service URL. Used for self-referential links, OAuth callbacks, and API endpoints.
APP_URL="https://your-app-url.com"

Clerk Authentication

Configure Clerk for user authentication and session management.
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
string
required
Your Clerk publishable key. Get this from your Clerk Dashboard.
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY="pk_test_..."
CLERK_SECRET_KEY
string
required
Your Clerk secret key. Keep this secure and never commit it to version control.
CLERK_SECRET_KEY="sk_test_..."
NEXT_PUBLIC_CLERK_SIGN_IN_URL
string
default:"/sign-in"
The URL path for the sign-in page.
NEXT_PUBLIC_CLERK_SIGN_IN_URL=/sign-in
NEXT_PUBLIC_CLERK_SIGN_UP_URL
string
default:"/sign-up"
The URL path for the sign-up page.
NEXT_PUBLIC_CLERK_SIGN_UP_URL=/sign-up

Convex Database

Configure Convex for real-time database and backend functionality.
CONVEX_DEPLOYMENT
string
required
Your Convex deployment name. This is generated when you run npx convex dev for the first time.
CONVEX_DEPLOYMENT="your-deployment-name"
NEXT_PUBLIC_CONVEX_URL
string
required
Your Convex deployment URL. This is automatically generated by Convex and displayed when running convex dev.
NEXT_PUBLIC_CONVEX_URL="https://your-deployment.convex.cloud"
CONVEX_DEPLOY_KEY
string
Required for production deployments. Get this from your Convex dashboard under deployment settings.
CONVEX_DEPLOY_KEY="your_convex_deploy_key"
This is only needed for CI/CD and production deployments. Not required for local development.

Admin Configuration

Control who has access to the admin dashboard.
NEXT_PUBLIC_ADMIN_USER_IDS
string
required
Comma-separated list of Clerk user IDs that should have admin access. Users listed here can access the /admin dashboard to approve or reject tool submissions.
NEXT_PUBLIC_ADMIN_USER_IDS="user_2th...,user_2tj..."
Only add trusted user IDs here. Admins have full control over tool approvals and rejections.
To find your Clerk user ID:
  1. Sign in to your application
  2. Open browser dev tools
  3. Check the network tab or localStorage for your user ID
  4. Or use Clerk Dashboard to view user IDs

Email Configuration (Optional)

Configure Resend for transactional email notifications.
RESEND_API_KEY
string
Your Resend API key for sending transactional emails. Get this from resend.com.
RESEND_API_KEY="re_..."
Email notifications are optional but recommended for production deployments.
FROM_EMAIL
string
default:"AiVault <[email protected]>"
The email address that will appear in the “From” field of sent emails. Must be verified in your Resend dashboard.
FROM_EMAIL="AiVault <[email protected]>"
NEXT_PUBLIC_ADMIN_EMAIL
string
Admin email address for receiving notifications about new tool submissions.
NEXT_PUBLIC_ADMIN_EMAIL="[email protected]"

Example Configuration

Here’s a complete example .env.local file: 
# Gemini AI (Auto-injected by AI Studio)
GEMINI_API_KEY="your_gemini_api_key"
APP_URL="http://localhost:3000"

# Clerk Authentication
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY="pk_test_..."
CLERK_SECRET_KEY="sk_test_..."
NEXT_PUBLIC_CLERK_SIGN_IN_URL=/sign-in
NEXT_PUBLIC_CLERK_SIGN_UP_URL=/sign-up

# Convex Database
CONVEX_DEPLOYMENT="prod:your-deployment"
NEXT_PUBLIC_CONVEX_URL="https://your-deployment.convex.cloud"
CONVEX_DEPLOY_KEY="" # Only for production

# Admin Access
NEXT_PUBLIC_ADMIN_USER_IDS="user_2th1234567890"

# Email (Optional)
RESEND_API_KEY="re_..."
FROM_EMAIL="AiVault <[email protected]>"
NEXT_PUBLIC_ADMIN_EMAIL="[email protected]"

Security Best Practices

Never commit .env.local or any file containing secrets to version control. Make sure .env.local is in your .gitignore file.
  1. Use Different Keys for Development and Production - Create separate Clerk and Convex projects for development and production
  2. Rotate Keys Regularly - Especially if they may have been exposed
  3. Limit Admin Access - Only add trusted user IDs to NEXT_PUBLIC_ADMIN_USER_IDS
  4. Use Environment-Specific Variables - Use different values for development, staging, and production

Verifying Configuration

After setting up your environment variables:
  1. Restart both development servers (Convex and Next.js)
  2. Check the browser console for any authentication errors
  3. Try signing in to verify Clerk is working
  4. Check the Convex dashboard to ensure database connection is active
  5. Test admin access by navigating to /admin (if your user ID is in the admin list)

Next Steps

Configuration

Learn about Next.js and configuration files

Database Schema

Understand the Convex database schema

Build docs developers (and LLMs) love

Get started for freeTalk to us