API Keys & Integrations

Configure external services like database, AI providers, and maps. For security, secrets are managed via environment variables, not stored in the browser.

Environment-based configuration

Canopy Sight uses `.env` files and server-side configuration to keep secrets safe.

This demo build intentionally does not expose or edit API keys from the browser. Instead, keys are managed in your development or deployment environment as documented in the setup guide.

See SETUP_ENV.md or DEPLOYMENT.md in the repository for a full list of required environment variables.

Key categories

High-level view of what you configure via environment variables.

Authentication & Demo Mode

Demo login and access level
Demo login (auth can be re-added later)

Database & Storage

PostgreSQL connection string
Object storage for video clips (S3, etc.)

AI & Analytics

Anthropic / OpenAI keys
Telemetry and observability endpoints

Maps & External APIs

Google Maps key
3rd-party safety platforms

How to rotate keys safely

Operational guidance for production deployments.

In production you should:

Store secrets in your cloud provider's secret manager (not in Git).
Rotate keys regularly and immediately after any suspected leak.
Use separate keys for dev, staging, and production.