Environment Variables

Configuration reference for the Marqov platform. Copy .env.example to .env.local and fill in values. Never commit .env.local to git.

Supabase

Variable	Required	Description	Example
`NEXT_PUBLIC_SUPABASE_URL`	Yes	Supabase project URL	`https://your-project.supabase.co`
`NEXT_PUBLIC_SUPABASE_ANON_KEY`	Yes	Supabase anonymous (public) key	`eyJ...`
`SUPABASE_SERVICE_ROLE_KEY`	Yes	Supabase service role key (server-side only)	`eyJ...`
`PLATFORM_ADMIN_EMAILS`	Yes	Comma-separated admin emails (platform-wide god-mode access)	`admin@example.com,team@example.com`

Upstash Redis (Rate Limiting)

Variable	Required	Description	Example
`UPSTASH_REDIS_REST_URL`	Yes	Upstash Redis REST API URL	`https://your-instance.upstash.io`
`UPSTASH_REDIS_REST_TOKEN`	Yes	Upstash Redis REST API token	`AXXXXxxx...`

Rate limiting fails open (requests are allowed) if Redis is unreachable.

Temporal

Variable	Required	Description	Example
`TEMPORAL_ADDRESS`	Yes	Temporal server gRPC address	`localhost:7233` (local) or `ns.tmprl.cloud:7233` (cloud)
`TEMPORAL_NAMESPACE`	Yes	Temporal namespace	`default` (local) or `your-namespace.xxxxx` (cloud)
`TEMPORAL_API_KEY`	Production	Temporal Cloud API key (not needed for local)	`eyJ...`
`NEXT_PUBLIC_TEMPORAL_UI_URL`	No	Temporal UI URL for “View in Temporal” links	`http://localhost:8088`

AWS / Braket

Variable	Required	Description	Example
`AWS_REGION`	Yes	Default AWS region	`us-east-1`
`AWS_ACCESS_KEY_ID`	Yes	AWS access key	—
`AWS_SECRET_ACCESS_KEY`	Yes	AWS secret key	—
`AWS_PROFILE`	No	AWS profile name (alternative to key/secret)	`marqov-dev`
`BRAKET_S3_BUCKET`	Yes	S3 bucket for Braket task results	`amazon-braket-marqov-dev`
`BRAKET_S3_PREFIX`	Yes	S3 key prefix for results	`platform-jobs`

Azure Quantum

Azure credentials are managed via team secrets (stored encrypted in the database), not environment variables. Configure via the Team Settings UI or POST /api/team/secrets.

Required secrets per team:

subscription_id
resource_group
workspace_name
location

Email (Resend)

Variable	Required	Description	Example
`RESEND_API_KEY`	Yes	Resend API key for sending emails	`re_...`
`RESEND_FROM_EMAIL`	Yes	Verified sender address	`noreply@example.com` (prod) or `onboarding@resend.dev` (dev)

Sentry (Error Tracking)

Variable	Required	Description	Example
`NEXT_PUBLIC_SENTRY_DSN`	No	Platform DSN (Next.js frontend + API)	`https://xxx@xxx.ingest.sentry.io/xxx`
`SENTRY_WORKERS_DSN`	No	Workers DSN (Python Temporal workers)	`https://xxx@xxx.ingest.sentry.io/xxx`
`SENTRY_ORG`	No	Sentry organization slug	`marqov`
`SENTRY_PROJECT`	No	Sentry project slug	`marqov-platform`
`SENTRY_AUTH_TOKEN`	No	Sentry auth token for source map uploads	`sntrys_...`

Application

Variable	Required	Description	Example
`NEXT_PUBLIC_APP_URL`	Yes	Application URL (used for CORS and CSP)	`http://localhost:3000` (dev) or `https://app.marqov.ai` (prod)
`WORKER_URL`	Yes	Worker execution endpoint URL	`http://localhost:8080/execute`
`PLAYGROUND_API_KEY`	Yes	API key for worker authentication	—

Summary by Component

Platform (Next.js)

All variables in the Supabase, Redis, Temporal, Sentry, and Application sections.

Worker (Python)

Variable	Required
`NEXT_PUBLIC_SUPABASE_URL`	Yes
`SUPABASE_SERVICE_ROLE_KEY`	Yes
`TEMPORAL_ADDRESS`	Yes
`TEMPORAL_NAMESPACE`	Yes
`TEMPORAL_API_KEY`	Production
`AWS_REGION`	Yes
`AWS_ACCESS_KEY_ID`	Yes
`AWS_SECRET_ACCESS_KEY`	Yes
`BRAKET_S3_BUCKET`	Yes
`BRAKET_S3_PREFIX`	Yes
`SENTRY_WORKERS_DSN`	No