Skip to content

Environment Variables & Secrets

WARNING

This page lists variable names and purposes only — never commit actual values. Frontend values live in .env.local; edge-function secrets are configured in the Supabase dashboard (Functions → Secrets) and read via Deno.env.get().

Frontend (.env.local, Vite — VITE_*)

Injected at build time into the SPA. Only public, non-secret values belong here (the Supabase anon key is safe; the service-role key is not and must never appear in src/).

VariablePurpose
VITE_SUPABASE_URLSupabase project URL (REST/RPC/Functions base).
VITE_SUPABASE_ANON_KEYPublic anon key for the browser client (src/lib/supabaseClient.js).

Confirm the exact VITE_* names against .env.local and src/lib/supabaseClient.js; add any others in use (analytics, public Cloudflare hashes already live in config/cloudflareConfig.js).

Edge function secrets (Supabase Functions → Secrets)

Read in EFs via Deno.env.get('NAME'). Never logged, never returned in responses.

VariableUsed byPurpose
SUPABASE_URL / SUPABASE_SERVICE_ROLE_KEY / SUPABASE_ANON_KEYall EFs (_shared/auth.ts)Service-role client for writes; anon client for JWT verification.
CLOUDFLARE_ACCOUNT_IDfinfluencify-get-video-upload-url, image uploadCloudflare account for Stream/Images API.
CLOUDFLARE_STREAM_API_TOKENvideo upload / deleteCloudflare Stream API token (Stream: Edit).
CLOUDFLARE_STREAM_WEBHOOK_SECRETfinfluencify-stream-webhookHMAC secret to verify Stream webhook signatures.
SHOONYA_API_KEY / SHOONYA_API_USER_ID / SHOONYA_API_PASSWORDNSE market-data fetchersBroker API auth for live indices/contributors.
Razorpay keyspayout / linked-account EFsRazorpay API for trainer payouts (see Razorpay).

This table is hand-maintained. When you add an EF that reads a new secret, add the row here and document it on the EF's page. Cross-check against Deno.env.get( usages across supabase/functions/.