Environment Variables

Complete reference for all environment variables used by Igris.

Required

These must be set for the application to start.

Variable	Description	Example
`DATABASE_URL`	Neon PostgreSQL connection string	`postgresql://user:pass@ep-cool-name.us-east-2.aws.neon.tech/igris?sslmode=require`
`BETTER_AUTH_SECRET`	Secret key for session encryption (min 32 chars)	`a-long-random-string-at-least-32-characters`
`BETTER_AUTH_URL`	Public URL of the API server	`https://igris-api.fly.dev`

Redis (Upstash)

Required for policy caching, rate limiting, and SSE.

Variable	Description	Example
`UPSTASH_REDIS_REST_URL`	Upstash Redis REST API URL	`https://usw1-example.upstash.io`
`UPSTASH_REDIS_REST_TOKEN`	Upstash Redis REST API token	`AXxxASQ...`

OAuth Providers (Optional)

Enable social login. If not set, only email/password auth is available.

GitHub

Variable	Description
`GITHUB_CLIENT_ID`	GitHub OAuth App client ID
`GITHUB_CLIENT_SECRET`	GitHub OAuth App client secret

Create a GitHub OAuth App at github.com/settings/developers. Set the callback URL to {BETTER_AUTH_URL}/api/auth/callback/github.

Google

Variable	Description
`GOOGLE_CLIENT_ID`	Google OAuth client ID
`GOOGLE_CLIENT_SECRET`	Google OAuth client secret

Create credentials in the Google Cloud Console. Set the redirect URI to {BETTER_AUTH_URL}/api/auth/callback/google.

Payments (Dodo Payments)

Required for billing features. If not set, all organizations default to the Free plan.

Variable	Description
`DODO_API_KEY`	Dodo Payments API key
`DODO_WEBHOOK_SECRET`	Dodo Payments webhook signature secret

Application

Variable	Default	Description
`PORT`	`3100`	Port the API server listens on
`NODE_ENV`	`development`	Set to `production` for production deployments
`TRUSTED_ORIGINS`	—	Comma-separated list of allowed CORS origins (e.g., `https://app.igris.dev,https://igris-api.fly.dev`)

Frontend (Next.js)

Set these on the web frontend deployment:

Variable	Description
`NEXT_PUBLIC_API_URL`	URL of the Igris API server
`NEXT_PUBLIC_APP_URL`	Public URL of the frontend app

Example `.env` File

# Database
DATABASE_URL="postgresql://igris_user:password@ep-cool-name.us-east-2.aws.neon.tech/igris?sslmode=require"

# Auth
BETTER_AUTH_SECRET="change-me-to-a-random-string-at-least-32-characters"
BETTER_AUTH_URL="http://localhost:3100"

# Redis
UPSTASH_REDIS_REST_URL="https://usw1-example.upstash.io"
UPSTASH_REDIS_REST_TOKEN="AXxxASQgODM..."

# OAuth (optional)
GITHUB_CLIENT_ID="Iv1.abc123"
GITHUB_CLIENT_SECRET="secret123"
GOOGLE_CLIENT_ID="123-abc.apps.googleusercontent.com"
GOOGLE_CLIENT_SECRET="GOCSPX-secret"

# Payments (optional)
DODO_API_KEY="dodo_live_abc123"
DODO_WEBHOOK_SECRET="whsec_abc123"

# Application
PORT=3100
NODE_ENV=development
TRUSTED_ORIGINS="http://localhost:3200"

Never commit .env files to version control. Use your deployment platform’s secret management (Fly.io secrets, Vercel env vars, etc.).

Getting Started

Igris Scanner

MCP Governance

Log Ingestion

Compliance

API

Self-Hosted

Environment Variables

Environment Variables

Required

Redis (Upstash)

OAuth Providers (Optional)

GitHub

Google

Payments (Dodo Payments)

Application

Frontend (Next.js)

Example `.env` File

Getting Started

Igris Scanner

MCP Governance

Log Ingestion

Compliance

API

Self-Hosted

​Environment Variables

​Required

​Redis (Upstash)

​OAuth Providers (Optional)

​GitHub

​Google

​Payments (Dodo Payments)

​Application

​Frontend (Next.js)

​Example .env File

Environment Variables

Required

Redis (Upstash)

OAuth Providers (Optional)

GitHub

Google

Payments (Dodo Payments)

Application

Frontend (Next.js)

Example `.env` File