Features Locations Pricing FAQ Docs Blog
Log in Get Started →

Environment Variables

Backends read their configuration — PocketBase URLs, API keys, third-party secrets — from environment variables. PocketBase Cloud stores them encrypted at rest and injects them into your container at startup, so secrets never live in your code or your ZIP archive.

Adding variables

  1. Open your backend and go to the Env Vars page
  2. Click Add Variable, enter a key and value
  3. Save

You can also paste an entire .env file to set many variables at once — each KEY=value line becomes one variable.

Using variables in your code

Variables are available through the standard runtime APIs:

// Node.js / Bun / Next.js
const apiKey = process.env.STRIPE_SECRET_KEY;
// Deno
const apiKey = Deno.env.get("STRIPE_SECRET_KEY");

Applying changes

Environment variables are injected when the container starts. After adding or changing variables, redeploy (or restart) the backend for the new values to take effect.

Reserved variables

PocketBase Cloud manages a few variables for you:

  • PORT — the port your app must listen on. Don’t override it; read it and bind to it.

Deployments created from a template also come pre-configured with POCKETBASE_URL, ENV, and CORS settings pointing at the template’s PocketBase instance.

Security notes

  • Values are encrypted at rest and only decrypted when your container starts
  • Values are write-only in the dashboard — treat them like a password manager entry and keep a copy of anything you can’t regenerate
  • Prefer environment variables over committing secrets to your repository, even for “temporary” testing

Next steps