Managed Credentials
Varity automatically provides all the credentials your app needs. You never need to create third-party accounts or manually configure API keys.
How It Works
Section titled “How It Works”When you deploy with Varity, credentials are handled automatically at every stage:
-
Development — The SDK auto-uses shared development credentials. No
.envsetup needed to start building. -
Production — When you run
varitykit deploy, the CLI fetches production credentials from Varity’s credential proxy and injects them into your build. -
Runtime — Your deployed app uses managed credentials. Users never see API keys or configuration prompts.
Developer runs: varitykit deploy |CLI fetches credentials from Varity's credential proxy |Credentials injected into build automatically |App deployed with everything configuredWhat’s Managed
Section titled “What’s Managed”Varity provides credentials for:
| Service | What It Covers | Developer Action |
|---|---|---|
| Authentication | User login (email, social) | None required |
| File Storage | Uploads, CDN delivery | None required |
| Infrastructure | Network access, operations | None required |
Development Mode
Section titled “Development Mode”During local development, the SDK automatically uses shared development credentials:
import { db, resolveCredentials, VARITY_DEV_CREDENTIALS } from '@varity-labs/sdk';
// Check which credentials are activeconst creds = resolveCredentials();// In development, this returns VARITY_DEV_CREDENTIALS automatically
// Use the database — credentials are resolved for youconst users = db.collection('users');await users.add({ name: 'Alice', role: 'admin' });Production Deployment
Section titled “Production Deployment”When you deploy, the CLI handles everything:
varitykit app deployOutput:
✓ Credentials: Auto-provided✓ Build complete✓ Deployed successfully✓ URL: https://your-app.varity.appNo manual credential setup required.
Security
Section titled “Security”- Rate-limited — Credential proxy enforces per-app rate limits
- API key authenticated — CLI uses embedded API keys to authenticate with the proxy
- Credentials never stored on disk — Injected at build time only
- Isolated per app — Each app receives its own credential scope
Verifying Credentials
Section titled “Verifying Credentials”Run the doctor command to verify your credential status:
varitykit doctorChecking environment variables... ✓ Credentials: Auto-provided ✓ Storage API: AccessibleAdvanced: Using Your Own Credentials
Varity manages these credentials automatically. Only use this if you need custom configuration.
Power users can override managed credentials with their own. Set these environment variables to use your own accounts:
Authentication (Privy)
Section titled “Authentication (Privy)”- Create an account at dashboard.privy.io
- Create a new app and copy your App ID
- Add to your
.env.local:
NEXT_PUBLIC_PRIVY_APP_ID=your_privy_app_idStorage (thirdweb)
Section titled “Storage (thirdweb)”- Create an account at thirdweb.com/dashboard
- Create a project and copy your Client ID
- Add to your
.env.local:
THIRDWEB_CLIENT_ID=your_thirdweb_client_idWhen these variables are set, the SDK and CLI will use your credentials instead of the managed ones.
Next Steps
Section titled “Next Steps”- Environment Variables — Variables you can customize
- Deploy Your App — Deploy with one command
- CLI Doctor — Verify your setup