Homebreadcumb forward arrow iconBlogbreadcumb forward arrow iconSoftware Developmentbreadcumb forward arrow iconHow to Read Environment Variables in Node.js? Why Use, Best Practices

How to Read Environment Variables in Node.js? Why Use, Best Practices

Last updated:
1st Jun, 2023
Read Time
8 Mins
share image icon
In this article
Chevron in toc
View All
How to Read Environment Variables in Node.js? Why Use, Best Practices

Environment variables play a crucial role in Node.js applications. They offer developers a secure means of storing and retrieving sensitive information specific to their environment. 

Reading Node.js environment variables is paramount, as it safeguards the security and customisability of applications. By leveraging environment variables as storage for sensitive data such as API keys, database credentials, and access tokens, developers can effectively shield these invaluable assets from being hard-coded in source code and exposed to potential vulnerabilities. 

Accessing Node.js environment variables is a straightforward process facilitated by the process.env object, which grants developers a convenient interface for retrieving these variables. Whether it’s ensuring the security of sensitive information or facilitating application configuration across environments, leveraging Node.js environment variables is an indispensable practice for building robust and adaptable applications. 

What are Environment Variables?

Developers can effectively separate sensitive or environment-specific data from their codebase by leveraging environment variables. This approach simplifies the handling and deploying of applications across different environments while fortifying security measures by isolating and encrypting confidential information. This mitigates the potential for unauthorised access and strengthens data protection. 

Ads of upGrad blog

Additionally, environment variables facilitate streamlined configuration management by enabling distinct settings for various environments (e.g., development, staging, production) without necessitating codebase modifications. This flexibility ensures seamless adaptation and scalability while promoting efficient collaboration among developers. 

This flexibility ensures seamless deployment and scalability and simplified collaboration among team members. This practice also bolsters security by isolating and encrypting confidential information, mitigating the risk of unauthorised access. 

Node.js environment variables allow for easy configuration management, as they can be set differently across various environments (development, staging, production) without modifying the codebase. This flexibility ensures seamless deployment and scalability and simplified collaboration among team members.

Checkout Software Development Courses at upGrad to upskill. 

Why Use Environment Variables in Node.js?

Using Node.js environment variables comes with several benefits:

  • Better security: Environment variables offer more security when storing sensitive data like API keys, access tokens, and database credentials. It minimises the risk of exposing valuable assets.
  • Streamlined configuration management: Node.js environment variables enable easy customisation across different environments (e.g., development, staging, production) without altering the codebase. This ensures smooth deployment and scalability.
  • Improved collaboration: Environment variables establish a standardised method for managing application settings, facilitating seamless collaboration among team members.
  • Protection against hardcoded values: Utilising Node.js environment variables eliminates hardcoded values, reducing the likelihood of inadvertent exposure or unauthorised access to sensitive information.
  • Increased flexibility: Modifying environment variables allows for the effortless adaptation of application behaviour without necessitating code changes, simplifying customisation and adjusting application settings as required.

To learn more about working with Node.js environment variables, consider exploring the opportunities offered by the Master of Science in Computer Science from LJMU.

Setting Environment Variables in Node.js

Follow the steps below to start setting Node.js environment variables: 

  • Step 1: Launch the terminal or the command line.
  • Step 2: Establish an environment variable for the current session using the “export” command followed by the desired variable name and value. For instance, export VARIABLE_NAME=my_value.
  • Step 3: In the case of setting multiple variables, ensure spaces separate them. Use the following format: employ spaces: export VAR1=value1 VAR2=value2.
  • Step 4: Modify system configuration files such as “.bashrc” or “.bash_profile” to ensure persistent environment variable configuration. Add export statements for the desired variables, allowing them to persist across sessions.
  • Step 5: Save the changes and restart the terminal or execute the source followed by the file name to apply modifications to the current session.
  • Step 6: Employ a package like “dotenv” to handle environment variables. Install the package via npm install dotenv.
  • Step 7: Create a file named “.env” Within your project directory, and define key-value pairs using VARIABLE_NAME=variable_value.
  • Step 8: Import the “dotenv” package at the outset of your Node.js application using require(‘dotenv’).config().
  • Step 9: You can access the environment variables in your application using process.env.VARIABLE_NAME after this.

By adhering to this procedure, you can effortlessly establish and retrieve Node.js environment variables, enabling greater adaptability and configuration management within your application.

Explore Our Software Development Free Courses

Accessing Environment Variables Using process.env in Node.js

Accessing Node.js environment variables is a straightforward process using the process.env object. This feature lets developers easily retrieve the values stored in environment variables within their application code. Developers can access the associated value by referring to process.env followed by the variable name. 

For instance, for accessing an environment variable named VARIABLE_1, one would use process.env.VARIABLE_1

This helps extract sensitive data, configuration settings, or other information stored in environment variables. Utilising process.env in Node.js provides developers with a convenient and secure method to access and utilise environment variables in their Node.js applications, enhancing flexibility and configurability.

Default Values for Environment Variables

Including default values for Node.js environment variables adds a practical and sophisticated touch to your Node.js applications. Setting default values acts as a safety net, allowing your application to continue functioning smoothly even when specific environment variables are not explicitly defined. By incorporating this feature, developers can ensure a seamless experience for users. 

It provides a reliable fallback, instilling confidence and stability. Whether it’s an essential API key, a vital database URL, or any other crucial configuration, implementing default values ensures that your application remains resilient and dependable. Embrace this practice to enhance the reliability and robustness of your Node.js application. Default values for Node.js environment variables can be added by following the steps elucidated below:

  • First, you should establish the environment variable you desire using the process.env.VARIABLE_NAME syntax, where “VARIABLE_NAME” represents the name of the specific variable.
  • Employ the logical OR (||) operator to assign a default value to the variable. For example, process.env.

VARIABLE_NAME = process.env.VARIABLE_NAME || ‘default_value’.

  • Ensure to substitute ‘default_value’ with your preferred default value. This assigned value will be utilised if the environment variable is not explicitly defined.
  • Repeat this process for each environment variable requiring a default value.

In-Demand Software Development Skills

Using Third-Party Libraries for Managing Environment Variables

Using external libraries to manage Node.js environment variables enhances convenience and functionality within your application. These libraries streamline the process of loading and handling environment variables, simplifying configuration management. One well-known library is “dotenv,” designed to store environment variables separately in a dedicated configuration file, often named “.env”. 

By defining key-value pairs in this file, you can effortlessly load them into your application using a concise line of code. This eliminates the need for manual variable handling and enhances code readability. Additional libraries like “config” or “env-cmd” offer advanced features such as environment-specific configurations and command-line support. 

Embracing these third-party solutions elevates your development experience, fostering maintainable and scalable code. 

Follow these steps to use third-party libraries for efficient environment variable management:

  • Install the desired library via a package manager like npm or yarn. For instance, npm install dotenv.
  • Import the library at the start of the code file by using require(‘dotenv’).config() for “dotenv”.
  • Make a specific configuration file (e.g., “.env”) in your project directory that is dedicated to only storing environment variables as key-value pairs.
  • Define variables in the configuration file with the VARIABLE_NAME=variable_value format.
  • Use the process.env.VARIABLE_NAME to access environment variables in your code.
  • The library automatically loads variables from the configuration file, making them accessible in your application.
  • Repeat the process for each chosen library to manage environment variables.

Following these steps, you can effectively use third-party libraries, such as “dotenv,” to simplify environment variable management in your Node.js application, enhancing convenience and maintainability.

Check out our free technology courses to get an edge over the competition.

Best Practices for Working with Environment Variables

Efficiently handling Node.js environment variables requires adhering to a set of recommended practices. These guidelines ensure optimal performance, security, and code maintenance. 

Ads of upGrad blog

Consider the following suggestions:

  • Opt for descriptive and consistent names when defining environment variables, promoting readability and preventing confusion.
  • Exercise caution when version-controlling environment variable files, such as .env files, to avoid unintentionally disclosing sensitive data. Leverage tools like .gitignore to exclude these files appropriately.
  • Keep sensitive data like API keys and database credentials stored as environment variables to protect them. Hardcoding them into the codebase directly can result in a risk of inadvertent exposure.
  • Consider utilising third-party libraries such as “dotenv” to streamline the loading and management of Node.js environment variables from a separate configuration file. This simplifies the process and consolidates variable handling.
  • Document the essential environment variables and their purposes in documentation or a readme file, fostering collaboration and ensuring all project contributors are well-informed.
  • Separate environment-specific configurations to accommodate varying settings across development, staging, and production environments. This approach maintains consistency and minimises deployment issues.
  • Prioritise input and environment variable validation and sanitisation to fortify the application against potential security vulnerabilities, including injection attacks.
  • Regularly review and update your environment variable setup to align with evolving application requirements and uphold robust security practices.

Explore our Popular Software Engineering Courses

Security Considerations

Maintaining robust security measures is crucial when working with Node.js environment variables. Consider the following security considerations:

  • Protect sensitive information: Take precautions to prevent the exposure of confidential data through environment variables.
  • Encrypt sensitive values: Apply encryption techniques to safeguard sensitive values stored within environment variables, bolstering their security.
  • Restrict access: Limit access to environment variables to authorised individuals or processes, ensuring unauthorised parties cannot gain access.
  • Regularly review and rotate: Conduct regular audits and rotate environment variables to minimise the risk of prolonged exposure.
  • Secure storage: Store environment variables in a secure location, such as a trusted key management system, to prevent unauthorised access.

Read our Popular Articles related to Software Development


In essence, Node.js environment variables offer a robust solution for effectively configuring and handling applications while maintaining security. Developers can use these variables to enhance data protection, simplify configuration management, and foster collaboration within their Node.js projects. If this interests you, why not turn it into a full-blown career option? Enrol yourself on the top-tier Executive PG Programme in Full Stack Development from IIITB, offered by upGrad, to upskill yourself and be a prime candidate in the job market. 


Pavan Vadapalli

Blog Author
Director of Engineering @ upGrad. Motivated to leverage technology to solve problems. Seasoned leader for startups and fast moving orgs. Working on solving problems of scale and long term technology strategy.

Frequently Asked Questions (FAQs)

1What is .env file in Node.js?

The .env file in Node.js serves as a storage mechanism for environment variables. These variables are essential for securely storing sensitive information, such as passwords and API credentials, which should not be hardcoded in the codebase. Instead, they are stored in the .env file to ensure proper configuration and adaptability across different environments.

2Where can you store Node.js environment variables?

Node.js environment variables are typically not stored in a file. Instead, they are set through the system shell, such as bash. The environment variables are stored within the shell used to initiate the Node.js application.

3What is NODE_ENV used for?

The purpose of NODE_ENV, as commonly practised, is to indicate whether the environment is in production or development. By setting NODE_ENV, developers can determine the environment type, make specific adjustments, or enable additional debugging or logging functionalities tailored to the specific environment.