Secrets & Environment Variables

Encrypted variables with per-branch overrides.

Manage environment variables and secrets securely through the dashboard or CLI. Values are encrypted at rest with AES-256, injected at build or runtime, and scoped per environment or branch.

Start using Secrets Read the docs

Capabilities

What makes it powerful

AES-256 Encryption

All secret values are encrypted at rest and in transit. Values are never exposed in logs or build output.

Per-branch Scoping

Override variables per branch — use different database URLs for production, staging, and preview.

Bulk Import

Import from .env files, Doppler, Vault, or paste directly. Export to share across projects.

Change Audit Log

Every create, update, or delete of an environment variable is recorded with user, timestamp, and diff.

Use Cases

Built for teams like yours

Managing API keys across multiple environments

Rotating database credentials without redeploying

Sharing config between microservices in a team

Explore More

Other features you'll love

Git Push to Deploy

Ship on every push — zero configuration required.

Learn more

Preview Deployments

Every pull request gets its own live URL.

Learn more

Instant Rollbacks

Revert to any previous deployment in one click.

Learn more

Build Logs & Insights

Custom Domains & SSL

Ready to try Secrets & Environment Variables?

Start for free. No credit card required. Deploy your first project in under 5 minutes.

Deploy for free