Environment variables for Formbricks
Variable | Description | Required | Default |
---|---|---|---|
WEBAPP_URL | Base URL of the site. | required | http://localhost:3000 |
PUBLIC_URL | Base URL for the public domain where surveys and public-facing content are served. If not set, uses WEBAPP_URL. | optional | WEBAPP_URL |
NEXTAUTH_URL | Location of the auth server. This should normally be the same as WEBAPP_URL | required | http://localhost:3000 |
DATABASE_URL | Database URL with credentials. | required | |
NEXTAUTH_SECRET | Secret for NextAuth, used for session signing and encryption. | required | (Generated by the user, must not exceed 32 bytes, openssl rand -hex 32 ) |
ENCRYPTION_KEY | Secret used by Formbricks for data encryption and audit log hashing. | required | (Generated by the user, must not exceed 32 bytes, openssl rand -hex 32 ) |
CRON_SECRET | API Secret for running cron jobs. | required | (Generated by the user, must not exceed 32 bytes, openssl rand -hex 32 ) |
LOG_LEVEL | Minimum log level (debug, info, warn, error, fatal) | optional | info |
UPLOADS_DIR | Local directory for storing uploads. | optional | ./uploads |
S3_ACCESS_KEY | Access key for S3. | optional | (resolved by the AWS SDK) |
S3_SECRET_KEY | Secret key for S3. | optional | (resolved by the AWS SDK) |
S3_REGION | Region for S3. | optional | (resolved by the AWS SDK) |
S3_BUCKET_NAME | S3 bucket name for data storage. Formbricks enables S3 storage when this is set. | optional (required if S3 is enabled) | |
S3_ENDPOINT_URL | Endpoint for S3. | optional | (resolved by the AWS SDK) |
SAML_DATABASE_URL | Database URL for SAML. | optional | postgres://postgres:@localhost:5432/formbricks-saml |
PRIVACY_URL | URL for privacy policy. | optional | |
TERMS_URL | URL for terms of service. | optional | |
IMPRINT_URL | URL for imprint. | optional | |
IMPRINT_ADDRESS | Address for imprint. | optional | |
EMAIL_AUTH_DISABLED | Disables the ability for users to signup or login via email and password if set to 1. | optional | |
PASSWORD_RESET_DISABLED | Disables password reset functionality if set to 1. | optional | |
EMAIL_VERIFICATION_DISABLED | Disables email verification if set to 1. | optional | |
RATE_LIMITING_DISABLED | Disables rate limiting if set to 1. | optional | |
INVITE_DISABLED | Disables the ability for invited users to create an account if set to 1. | optional | |
MAIL_FROM | Email address to send emails from. | optional (required if email services are to be enabled) | |
MAIL_FROM_NAME | Email name/title to send emails from. | optional (required if email services are to be enabled) | |
SMTP_HOST | Host URL of your SMTP server. | optional (required if email services are to be enabled) | |
SMTP_PORT | Host Port of your SMTP server. | optional (required if email services are to be enabled) | |
SMTP_USER | Username for your SMTP Server. | optional (required if email services are to be enabled) | |
SMTP_PASSWORD | Password for your SMTP Server. | optional (required if email services are to be enabled) | |
SMTP_AUTHENTICATED | If set to 0, the server will not require SMTP_USER and SMTP_PASSWORD(default is 1) | optional | |
SMTP_SECURE_ENABLED | SMTP secure connection. For using TLS, set to 1 else to 0. | optional (required if email services are to be enabled) | |
SMTP_REJECT_UNAUTHORIZED_TLS | If set to 0, the server will accept connections without requiring authorization from the list of supplied CAs. | optional | 1 |
TURNSTILE_SITE_KEY | Site key for Turnstile. | optional | |
TURNSTILE_SECRET_KEY | Secret key for Turnstile. | optional | |
RECAPTCHA_SITE_KEY | Site key for survey responses recaptcha bot protection | optional | |
RECAPTCHA_SECRET_KEY | Secret key for recaptcha bot protection. | optional | |
GITHUB_ID | Client ID for GitHub. | optional (required if GitHub auth is enabled) | |
GITHUB_SECRET | Secret for GitHub. | optional (required if GitHub auth is enabled) | |
GOOGLE_CLIENT_ID | Client ID for Google. | optional (required if Google auth is enabled) | |
GOOGLE_CLIENT_SECRET | Secret for Google. | optional (required if Google auth is enabled) | |
STRIPE_SECRET_KEY | Secret key for Stripe integration. | optional | |
STRIPE_WEBHOOK_SECRET | Webhook secret for Stripe integration. | optional | |
TELEMETRY_DISABLED | Disables telemetry if set to 1. | optional | |
DEFAULT_BRAND_COLOR | Default brand color for your app (Can be overwritten from the UI as well). | optional | #64748b |
DEFAULT_ORGANIZATION_ID | Automatically assign new users to a specific organization when joining | optional | |
OIDC_DISPLAY_NAME | Display name for Custom OpenID Connect Provider | optional | |
OIDC_CLIENT_ID | Client ID for Custom OpenID Connect Provider | optional (required if OIDC auth is enabled) | |
OIDC_CLIENT_SECRET | Secret for Custom OpenID Connect Provider | optional (required if OIDC auth is enabled) | |
OIDC_ISSUER | Issuer URL for Custom OpenID Connect Provider (should have .well-known configured at this) | optional (required if OIDC auth is enabled) | |
OIDC_SIGNING_ALGORITHM | Signing Algorithm for Custom OpenID Connect Provider | optional | RS256 |
OPENTELEMETRY_LISTENER_URL | URL for OpenTelemetry listener inside Formbricks. | optional | |
PROMETHEUS_ENABLED | Enables Prometheus metrics if set to 1. | optional | |
PROMETHEUS_EXPORTER_PORT | Port for Prometheus metrics. | optional | 9090 |
DOCKER_CRON_ENABLED | Controls whether cron jobs run in the Docker image. Set to 0 to disable (useful for cluster setups). | optional | 1 |
DEFAULT_TEAM_ID | Default team ID for new users. | optional | |
SENTRY_DSN | Set this to track errors and monitor performance in Sentry. | optional | |
SENTRY_ENVIRONMENT | Set this to identify the environment in Sentry | optional | |
SENTRY_AUTH_TOKEN | Set this if you want to make errors more readable in Sentry. | optional | |
SESSION_MAX_AGE | Configure the maximum age for the session in seconds. | optional | 86400 (24 hours) |
USER_MANAGEMENT_MINIMUM_ROLE | Set this to control which roles can access user management features. Accepted values: “owner”, “manager”, “disabled” | optional | manager |
REDIS_URL | Redis URL for caching and audit logging. Required for audit logging and optional for Next.js caching. | optional (required if audit logging is enabled) | |
REDIS_HTTP_URL | Redis URL for rate limiting. If not set, rate limiting uses in-memory LRU cache. | optional | |
AUDIT_LOG_ENABLED | Set this to 1 to enable audit logging. Requires Redis to be configured with the REDIS_URL env variable. | optional | 0 |
AUDIT_LOG_GET_USER_IP | Set to 1 to include user IP addresses in audit logs from request headers | optional | 0 |