Introducing Environment Variables: Secure, reusable hooks across multiple stores
Managing the same webhook automation across multiple Shopify stores just got simpler. Our new Environment Variables feature lets you securely store API keys, URLs, and other configuration values, making your hooks truly portable and reusable.
Note: Environment Variables are available on paid plans as part of our advanced automation features.
Why Environment Variables matter
If you've ever wanted to deploy the same hook across multiple stores—perhaps different country sites or staging and production environments—you know the challenge of hardcoded values. Previously, you'd need to manually edit each hook to change API endpoints, authentication tokens, or store-specific settings.
Environment variables solve this by separating your hook logic from configuration data. Now you can write a hook once and deploy it anywhere, with each environment using its own secure configuration values.
The hook's code remains completely unchanged when you copy it between stores—you simply configure different environment variable values in each store to account for their specific requirements.
How it works
Environment variables are key-value pairs that your hooks can access during execution. You can set them at two levels:
Store-level variables: Available to all hooks in your store. Use these for shared API keys, store-wide settings, or default configurations.
Hook-level variables: Specific to individual hooks. These override store variables with the same name.
During hook execution, access your environment variables through the context.env object:
Setting up environment variables
Store-level variables
- Navigate to your Settings page
- Find the "Environment Variables" section
- Add variables that should be available across all your hooks
(Common examples: shared API keys, default URLs, store identifiers)
Hook-level variables
- Open any hook and go to the Settings tab
- Scroll to the "Environment Variables" section
- Add variables specific to this hook
- These will override any store variables with the same name
Changes to hook environment variables follow the same pattern as other hook settings—they're saved together when you update the hook.
Security first
Your environment variables are protected with enterprise-grade encryption and security measures. We use industry-standard practices to ensure your sensitive data remains secure:
- Strong encryption for all stored values
- Professional key management through trusted cloud services
- Zero plaintext storage - your data is never stored in readable form
This means your API keys, tokens, and other sensitive information are always protected, even in the unlikely event of a security incident.
Best practices
Use descriptive names: Choose clear variable names like MAILCHIMP_API_KEY instead of KEY1.
Leverage the hierarchy: Set common values at the store level, with hook-specific overrides as needed.
Separate environments: Use different variable values for development, staging, and production hooks.
Secure sensitive data: Store API keys, tokens, and passwords as environment variables rather than hardcoding them.
Real-world example
Instead of hardcoding sensitive values:
Before (hardcoded):
After (environment variables):
Now you can deploy this same hook to your staging store with different environment variables pointing to your test CRM, or to your European store with region-specific endpoints.
Getting started
Environment variables are available now for users on paid plans. Start by identifying any hardcoded values in your existing hooks, then migrate them to environment variables for better security and reusability.
This feature represents our commitment to making Cloudhooks not just powerful, but also scalable for businesses managing complex, multi-store operations.