Skip to main content
When you deploy your app, Vybe automatically injects all the environment variables your app needs to connect to its database, integrations, and the Vybe platform. You do not need to configure these manually.

Auto-injected variables

Vybe sets the following environment variables during deployment:
VariableDescription
DATABASE_URLPostgreSQL connection string for your app’s built-in database
External database credentialsConnection strings for any external databases you have connected (PostgreSQL, MySQL, Redshift)
Custom API credentialsCredentials for each custom API you have configured (e.g., CUSTOM_API_MY_SERVICE)
Integration credentialsAccess tokens and keys for server-side integration access
VYBE_SERVER_SECRETSecret token for server-to-server authentication between your app and Vybe APIs
Vybe framework URLsInternal URLs used by the Vybe platform for framework communication
You never need to copy and paste credentials or manually set environment variables. Vybe handles all of this automatically when you deploy.

Accessing variables in your code

Environment variables are available in server-side code via process.env: 
// In an API route or server component
const dbUrl = process.env.DATABASE_URL;
const serverSecret = process.env.VYBE_SERVER_SECRET;
The AI uses these variables when it generates code for your app. When it creates database connections, API calls, or integration logic, it references the correct environment variable names automatically.

Security

Environment variables are handled securely throughout the deployment pipeline:
  • Variables are encrypted at rest and in transit
  • Variables are injected at build time and are only available on the server
  • Variables are never exposed to the client side — they cannot be accessed from browser-side JavaScript
  • Credentials are not visible in your app’s source code
Never hardcode secrets, API keys, or database credentials directly in your code. Always reference environment variables through process.env. The AI follows this pattern by default.

When variables update

Environment variables are set at deployment time. If you make changes to your integrations or data connections after deploying, the updated credentials are not automatically applied to your running app. You need to redeploy in these situations:
  • You connect a new external database
  • You add or update a custom API
  • You connect a new integration that your app uses server-side
  • You rotate or refresh credentials for an existing connection
After making changes to your integrations or custom APIs, click Deploy again to inject the updated environment variables into your app.

Built-in database

Every Vybe app gets its own PostgreSQL database. The connection string is automatically available as DATABASE_URL. The AI uses this to:
  • Create and manage tables
  • Run queries from API routes and server components
  • Execute migrations when your schema changes
You do not need to provision or configure the database — it is created when your app is created and connected automatically.

External databases

When you connect external databases through the Integrations page, their connection credentials are injected as environment variables during deployment. This lets your app query external databases directly from server-side code. Each external database gets its own environment variable with a name based on the connection you configured.

Custom APIs

Custom API credentials you create on the Integrations page are injected as environment variables named after the API. For example, if you create a custom API called “My Service”, the credentials are available as CUSTOM_API_MY_SERVICE. The AI references these variables when it generates code that calls your custom APIs.

Server secret

The VYBE_SERVER_SECRET variable enables server-to-server authentication between your deployed app and Vybe platform APIs. This is used internally for features like:
  • User authentication verification
  • Accessing organization data
  • Integration proxy calls
The AI handles this automatically when generating server-side code. You do not need to use this variable directly in most cases.

What is next