Managed Credentials

Varity Team Core Contributors Updated March 2026

Varity automatically provides all the credentials your app needs. You never need to create third-party accounts or manually configure API keys.

How It Works

When you deploy with Varity, credentials are handled automatically at every stage:

Development — The SDK auto-uses shared development credentials. No .env setup needed to start building.
Production — When you run varitykit app deploy, the CLI fetches production credentials from Varity’s credential proxy and injects them into your build.
Runtime — Your deployed app uses managed credentials. Users never see API keys or configuration prompts.

Developer runs: varitykit deploy
    |
CLI fetches credentials from Varity's credential proxy
    |
Credentials injected into build automatically
    |
App deployed with everything configured

What’s Managed

Varity provides credentials for:

Service	What It Covers	Developer Action
Authentication	User login (email, social)	None required
File Storage	Uploads, CDN delivery	None required
Infrastructure	Network access, operations	None required

Development Mode

During local development, the SDK automatically uses shared development credentials:

import { db, resolveCredentials, VARITY_DEV_CREDENTIALS } from '@varity-labs/sdk';

// Check which credentials are active
const creds = resolveCredentials();
// In development, this returns VARITY_DEV_CREDENTIALS automatically

// Use the database — credentials are resolved for you
const users = db.collection('users');
await users.add({ name: 'Alice', role: 'admin' });

Production Deployment

When you deploy, the CLI handles everything:

varitykit app deploy

Output:

✓ Credentials: Auto-provided
✓ Build complete
✓ Deployed successfully
✓ URL: https://your-app.varity.app

No manual credential setup required.

Security

Rate-limited — Credential proxy enforces per-app rate limits
API key authenticated — CLI uses embedded API keys to authenticate with the proxy
Credentials never stored on disk — Injected at build time only
Isolated per app — Each app receives its own credential scope

Verifying Credentials

Run the doctor command to verify your credential status:

varitykit doctor

Checking environment variables...
  ✓ Credentials: Auto-provided
  ✓ Storage API: Accessible

Advanced: Using Your Own Auth Credentials

Varity manages these credentials automatically. Only use this if you need custom configuration.

You can override the managed authentication credential with your own Privy app:

Authentication (Privy)

Create an account at dashboard.privy.io
Create a new app and copy your App ID
Add to your .env.local:

NEXT_PUBLIC_PRIVY_APP_ID=your_privy_app_id

Storage is handled automatically by Varity. When NEXT_PUBLIC_PRIVY_APP_ID is set, the SDK uses your own Privy app instead of the managed one.

Next Steps

Environment Variables — Variables you can customize
Deploy Your App — Deploy with one command
CLI Doctor — Verify your setup