Env Vars Manager
Secrets configuration table with mono keys, sha256 hash chips, a disabled reveal button, target Badges, and a write-only honesty note.
Secrets configuration table with mono keys, sha256 hash chips, a disabled reveal button, target Badges, and a write-only honesty note.
The Application Collection unlocks the source for every Application block. All Access unlocks every Collection.
Already purchased? Log in
Env Vars Manager is the secrets configuration table for the Acme workspace, seven rows spanning DATABASE_URL, STRIPE_SECRET_KEY, NEXT_PUBLIC_API_URL, and RESEND_API_KEY across Production, Preview, and Development targets. Each row shows the KEY in mono, a sha256 hash in a muted code chip, an eye button that is disabled (the reveal affordance that cannot reveal), a target Badge, and who updated it last and when. The header banner states the honest constraint up front: secret values are write-only, we store a hash, not the value. The footer repeats it with the AES-256 note and the rotation advice.
Rows are one typed const array; target badge variants are a Record so Production, Preview, and Development each get a distinct visual weight. The inline add-variable row sits inside the same Table so focus order never breaks.
Reach for this block on the project settings or secrets page, wired to your secrets API. Wire the eye button to a copy-hash action, not a reveal, and pair the add row with a real encryption call on save.
A natural flow around it on an Application Pro page:
Before
After
One strong use is the project secrets manager. Other env var surfaces:
Tip: disabled eye buttons communicate the write-only contract better than a hidden button; show the control, just make it non-functional and aria-disabled.