You can store secrets, keys, and API tokens as Environment Variables via the val’s left side bar.
Environment variables can be accessed via Deno.env or process.env within any file in your val.
- The “key” and “value” of each environment variable can be any string
- Vals can’t set environment variables programmatically: Environment variables are only set via the settings page. Trying to update an environment variable, for example by using
Deno.env.set, is a no-op.
Deno.env
Section titled “Deno.env”This uses the Deno-default Deno.env variable, which is available globally.
const secret = Deno.env.get("someSdkSecret");export let sdk = new SomeSDK(secret);process.env
Section titled “process.env”This is the conventional way to access environment variables when you’re in a Node.js environment.
const secret = process.env.someSdkSecret;export let sdk = new SomeSDK(secret);Environment variables are private
Section titled “Environment variables are private”It is safe to reference environment variables in public vals. Others can see that they’re being used, but not their values.
For example, in this public val, you can see that I’m using a Discord bot’s environment variable, but you cannot run this code or get the value of the environment variable.
If you expose an HTTP or Email trigger, the underlying code can be triggered by anyone who knows the URL or email address, but they still can’t access your environment variables directly. This is how server-side code normally works. If someone wants to run your code with their environment variables, they need to remix your val and run their copy.