Quick Start your .env

Generate .env Templates Instantly

Kickstart your project with commonly used environment variables. Select what you need, customize, and download for your setup.

Save Time

No more searching for the right variable names

Organized

Variables grouped by category for easy selection

Best Practices

Follow naming conventions used by popular tools


Why use a generator?

Creating .env files manually can lead to inconsistencies and missing variables. With this generator you can save time during setup, ensure consistency across projects, and quickly bootstrap new environments.

Whether you're setting up a new application or standardizing your configuration, this tool provides commonly used variables out of the box.

Tips for using .env files

  1. Always add .env to your .gitignore to keep secrets out of version control
  2. Create a .env.example file with placeholder values for team members
  3. Use different .env.local, .env.production files for different environments
  4. Rotate secrets regularly and never commit real credentials to repositories

Understanding Variable Categories

Learn what each category is for and when to use it

Database Configuration

Database variables connect your application to data storage systems. These are critical for any application that persists data.

DATABASE_URL

The connection string for your primary database. Format varies by database type:

  • PostgreSQL: postgres://user:pass@host:5432/dbname
  • MySQL: mysql://user:pass@host:3306/dbname
  • MongoDB: mongodb+srv://user:pass@cluster.mongodb.net/dbname

REDIS_URL

Connection string for Redis, commonly used for caching, session storage, and rate limiting. Format: redis://user:pass@host:6379

Authentication & Security

These variables handle user authentication, session management, and cryptographic operations. They're essential for any application with user accounts.

JWT_SECRET / AUTH_SECRET

A random string used to sign JSON Web Tokens or session cookies. Should be at least 32 characters of random data. Generate with:

openssl rand -base64 32

NEXTAUTH_URL

Required by NextAuth.js/Auth.js. The canonical URL of your site (e.g., https://example.com). In development, use http://localhost:3000.

API Keys & External Services

API keys authenticate your application with third-party services. Each service has its own key format and naming convention.

STRIPE_SECRET_KEY / STRIPE_PUBLISHABLE_KEY

Stripe uses two keys: a secret key (sk_*) for server-side operations and a publishable key (pk_*) for client-side use. Never expose the secret key to the browser.

OPENAI_API_KEY

Your OpenAI API key for accessing GPT models, embeddings, and other AI services. Starts with sk-. Rate limits and billing are tied to this key.

RESEND_API_KEY / SENDGRID_API_KEY

Email service API keys for sending transactional emails, notifications, and marketing campaigns programmatically.

Cloud Storage & CDN

Variables for file uploads, static asset hosting, and content delivery networks.

AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY

AWS IAM credentials for accessing S3, CloudFront, and other AWS services. Follow least-privilege principles - create a dedicated IAM user with minimal permissions.

CLOUDINARY_URL

Single URL containing your Cloudinary credentials and cloud name. Used for image optimization, transformation, and CDN delivery.

Application Configuration

General application settings that control behavior, environment detection, and runtime options.

NODE_ENV

Standard Node.js variable indicating the environment: development, production, or test. Many libraries optimize behavior based on this value.

PORT

The port number your server listens on. Defaults vary by framework (3000 for Next.js, 5000 for Flask). Many hosting platforms set this automatically.

NEXT_PUBLIC_* Variables

In Next.js, variables prefixed with NEXT_PUBLIC_ are exposed to the browser. Use this prefix for values needed client-side, but never for secrets.

Framework-Specific Guides

Setup instructions for popular frameworks

Next.js

Next.js has built-in support for .env files with automatic loading based on environment.

# .env.local (not committed)
DATABASE_URL=postgres://localhost:5432/mydb
AUTH_SECRET=your-secret-here

# Public variables (exposed to browser)
NEXT_PUBLIC_API_URL=https://api.example.com
NEXT_PUBLIC_SITE_NAME=My App

Important: Only variables prefixed with NEXT_PUBLIC_ are available in client-side code. All other variables are server-only.

Express.js

Express doesn't load .env files automatically. Use the dotenv package.

# Install dotenv
npm install dotenv

// Load at the very top of your entry file
require('dotenv').config();

// Or, with ES modules, use this instead of the require() call
import 'dotenv/config';

// Access variables
const port = process.env.PORT || 3000;

Vite

Vite has built-in .env support with a different prefix convention.

# .env
VITE_API_URL=https://api.example.com
VITE_APP_TITLE=My Vite App

# Server-only (not exposed to client)
DATABASE_URL=postgres://localhost/db

// Access in code
const apiUrl = import.meta.env.VITE_API_URL;

Note: Only variables prefixed with VITE_ are exposed to client-side code.

Create React App

CRA requires the REACT_APP_ prefix for environment variables.

# .env
REACT_APP_API_URL=https://api.example.com
REACT_APP_VERSION=1.0.0

// Access in code
const apiUrl = process.env.REACT_APP_API_URL;

Django / Flask (Python)

Python frameworks commonly use python-dotenv or django-environ.

# Install python-dotenv
pip install python-dotenv

# Python code
from dotenv import load_dotenv
import os

load_dotenv()
database_url = os.getenv('DATABASE_URL')
secret_key = os.getenv('SECRET_KEY')

Security Tips for Each Variable Type

Protect your secrets with these best practices

Database Credentials

  • DO: Use separate database users for each environment with minimal required permissions
  • DO: Enable SSL/TLS connections for all production databases
  • DON'T: Use the same credentials for development and production
  • DON'T: Include database credentials in error messages or logs

API Keys

  • DO: Use different API keys for development, staging, and production
  • DO: Set up usage alerts and rate limits on your API keys
  • DO: Rotate API keys periodically, especially after team member departures
  • DON'T: Expose secret API keys in client-side code (use publishable keys instead)

Authentication Secrets

  • DO: Generate secrets using cryptographically secure methods (openssl rand -base64 32)
  • DO: Use a unique secret for each application and environment
  • DON'T: Use predictable values like "secret" or "password" even in development
  • DON'T: Share JWT secrets between unrelated applications
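
The prefix rules from the framework guides and the API key and authentication secret tips above can be checked mechanically before a build. The following is an added example, not part of the original page or of any framework's tooling; the function names, the name and value heuristics, and the sample file are assumptions made for illustration.

```javascript
// Added example: lint .env text for secrets behind browser-exposed prefixes
// and for weak signing secrets. Findings name the key only, never the value.
const CLIENT_PREFIXES = ["NEXT_PUBLIC_", "VITE_", "REACT_APP_"]; // from this page
// Assumed heuristics: name fragments and value shapes that suggest a secret.
const SECRET_NAME = /SECRET|PASSWORD|PRIVATE|TOKEN|API_KEY|ACCESS_KEY/;
const SECRET_VALUE = /^sk[_-]/; // Stripe secret keys (sk_*) and OpenAI keys (sk-)
const URL_CREDS = /^[a-z][a-z0-9+.-]*:\/\/[^\/\s:@]+:[^\/\s@]+@/i; // scheme://user:pass@
const AUTH_NAMES = ["JWT_SECRET", "AUTH_SECRET"];

// KEY=value lines only; comments and blank lines are skipped, outer quotes stripped.
function parseEnv(text) {
  const line = /^[ \t]*(?:export[ \t]+)?([A-Za-z_]\w*)[ \t]*=[ \t]*(.*?)[ \t]*$/gm;
  return [...text.matchAll(line)].map(([, key, raw]) => ({
    key,
    value: raw.replace(/^(['"])(.*)\1$/, "$2"),
  }));
}

function lintEnv(text) {
  const findings = [];
  for (const { key, value } of parseEnv(text)) {
    const exposed = CLIENT_PREFIXES.some((p) => key.startsWith(p));
    const secretLike =
      SECRET_NAME.test(key) || SECRET_VALUE.test(value) || URL_CREDS.test(value);
    if (exposed && secretLike) findings.push({ key, issue: "secret-exposed-to-client" });
    // Under 32 characters, or fewer than 10 distinct characters (crude predictability check).
    const weak = value.length < 32 || new Set(value).size < 10;
    if (AUTH_NAMES.includes(key) && weak) findings.push({ key, issue: "weak-auth-secret" });
  }
  return findings;
}

// Constructed sample input; every value is a made-up placeholder.
const SAMPLE_ENV = `
# server-only
DATABASE_URL=postgres://user:pass@host:5432/dbname
AUTH_SECRET=your-secret-here
# exposed to the browser
NEXT_PUBLIC_API_URL=https://api.example.com
NEXT_PUBLIC_STRIPE_SECRET_KEY=sk_test_PLACEHOLDER
VITE_DATABASE_URL=postgres://user:pass@host:5432/dbname
REACT_APP_VERSION=1.0.0
`;
console.log(lintEnv(SAMPLE_ENV));
```

Run it in CI against every .env file that feeds a client build and fail the job when the returned list is non-empty.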

Cloud Storage Credentials

  • DO: Create dedicated IAM users/roles with minimal permissions for each application
  • DO: Use temporary credentials or IAM roles when possible
  • DO: Enable MFA delete protection on S3 buckets with sensitive data
  • DON'T: Use root account credentials in applications

Quick Tips for Using Generated Files

  1. Always add .env to your .gitignore to keep secrets out of version control
  2. Create a .env.example file with placeholder values for team members
  3. Use different .env.local, .env.production files for different environments
  4. Rotate secrets regularly and never commit real credentials to repositories
  5. Replace placeholder values with real credentials before using in your project
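
Tips 2 and 5 can be automated: derive .env.example from a working .env so that no real value is copied, then compare any local .env against it. This is an added example, not code from the generator or from the original page; the placeholder marker, the function names and the sample files are assumptions.

```javascript
// Added example: derive .env.example from a real .env and report drift.
const PLACEHOLDER = "__REPLACE_ME__"; // hypothetical marker chosen for this example
const KEY_LINE = /^([ \t]*(?:export[ \t]+)?([A-Za-z_]\w*)[ \t]*=)[ \t]*(.*?)[ \t]*$/gm;

// Keep comments, ordering and key names; replace every value so no secret is copied.
function toExample(envText) {
  return envText.replace(KEY_LINE, (_, head) => head + PLACEHOLDER);
}

// Map of key -> raw value for every KEY=value line.
function entries(text) {
  return new Map([...text.matchAll(KEY_LINE)].map((m) => [m[2], m[3]]));
}

// Compare a working .env against the committed .env.example.
function checkEnv(exampleText, envText) {
  const example = entries(exampleText);
  const env = entries(envText);
  return {
    missing: [...example.keys()].filter((k) => !env.has(k)), // documented, not set
    undocumented: [...env.keys()].filter((k) => !example.has(k)), // set, not documented
    unreplaced: [...env].filter(([, v]) => v === "" || v === PLACEHOLDER).map(([k]) => k),
  };
}

// Constructed sample input; the credentials are the page's own format placeholders.
const REAL_ENV = `# Database
DATABASE_URL=postgres://user:pass@host:5432/dbname
REDIS_URL=redis://user:pass@host:6379
# Application
PORT=3000
`;
const EXAMPLE = toExample(REAL_ENV);

// Constructed teammate copy: PORT never filled in, REDIS_URL absent, one extra key.
const TEAMMATE_ENV = `DATABASE_URL=postgres://localhost:5432/mydb
PORT=__REPLACE_ME__
NODE_ENV=development
`;
console.log(EXAMPLE);
console.log(checkEnv(EXAMPLE, TEAMMATE_ENV));
```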