typebase-io-cli env

Manage environment variables on your deployment provider.

`env <target> get <key>`

Get an environment variable from your deployment provider.

npx typebase-io-cli env dev get DATABASE_URL

npx typebase-io-cli env prod get BETTER_AUTH_SECRET

`env <target> add <key> <value>`

Set an environment variable.

npx typebase-io-cli env dev add MY_API_KEY sk-123456

npx typebase-io-cli env prod add MY_API_KEY sk-789012

Options

Flag	Description	Default
`--provider <provider>`	Deployment provider: `vercel`, `cloudflare`, or `deno`	From `typebase.json`
`--encrypted`	Encrypt the value	`true`

Secret handling differs by provider, and env get does not always return the raw value.

On Vercel, --encrypted toggles whether the variable is stored as an encrypted env var, and env get can return the stored value.

On Cloudflare, Typebase currently stores values as Worker secrets, so env get returns ENCRYPTED instead of the raw secret value.

On Deno Deploy, --encrypted controls whether the variable is marked as a secret. Non-secret values can be returned by env get, but secret values may come back as ENCRYPTED.

If env get prints ENCRYPTED, the provider is hiding the raw secret. In that case, manage or inspect the variable in your provider dashboard or go back to the original source you used when setting it.

Examples

Add an encrypted variable:

npx typebase-io-cli env dev add SECRET_KEY my-secret

Add a non-encrypted variable:

npx typebase-io-cli env dev add PUBLIC_URL https://example.com --no-encrypted

Get a variable:

npx typebase-io-cli env dev get SECRET_KEY

typebase-io-cli env

env <target> get <key>

env <target> add <key> <value>

Options

Examples

On this page

`env <target> get <key>`

`env <target> add <key> <value>`