Back to homeContact support
Try it free
Menu
Close
Help Center
>
Using Cloudhooks
>
Environment variables

Environment variables

Environment variables allow you to securely store API keys, URLs, and other configuration values that your hooks can access during execution. This makes your hooks portable and reusable across different stores without hardcoding sensitive information.

Note: Environment Variables are available on paid plans as part of our advanced automation features.

How environment variables work

Environment variables are key-value pairs that your hooks can access during execution. You can set them at two levels:

Store-level variables: Available to all hooks in your store. Use these for shared API keys, store-wide settings, or default configurations.

Hook-level variables: Specific to individual hooks. These override store variables with the same name.

During hook execution, access your environment variables through the context.env object:

module.exports = async function(payload, actions, context) {
  const apiKey = context.env.EXTERNAL_API_KEY;
  const baseUrl = context.env.API_ENDPOINT;
  
  // Your hook code using these variables
  await actions.http.post(baseUrl + "/webhook", {
      headers: { "Authorization": `Bearer ${apiKey}` },
      body: payload
  });
}

Setting up environment variables

Store-level variables

  1. Navigate to your Settings page
  2. Find the "Environment Variables" section
  3. Add variables that should be available across all your hooks:

Hook-level variables

  1. Open any hook and go to the Settings tab
  2. Scroll to the "Environment Variables" section
  3. Add variables specific to this hook
  4. These will override any store variables with the same name

Changes to hook environment variables are updated when you save the hook.

Security

Your environment variables are protected with:

  • Strong encryption for all stored values
  • Professional key management through trusted cloud services
  • Zero plaintext storage - your data is never stored in readable form

Best practices

Use descriptive names: Choose clear variable names like MAILCHIMP_API_KEY instead of KEY1.

Leverage the hierarchy: Set common values at the store level, with hook-specific overrides as needed.

Separate environments: Use different variable values for development, staging, and production hooks.

Secure sensitive data: Store API keys, tokens, and passwords as environment variables rather than hardcoding them.

Example

Instead of hardcoding sensitive values:

Before (hardcoded):

const crmUrl = 'https://api.mycompany-prod.com';
const apiKey = 'sk_live_abc123...';

After (environment variables):

const crmUrl = context.env.CRM_API_URL;
const apiKey = context.env.CRM_API_KEY;

This allows you to deploy the same hook to different stores with different configuration values, such as:

  • Regional stores with region-specific URLs
  • A staging store with test API endpoints
  • Multiple production stores with different API keys
Related articles
Hook context
Copyright © 2025 Infinea Consulting Ltd
ArticlesAffiliatesTermsPrivacy Policy