Skip to main content

Builder configuration

Parameters marked with * are required.

General

ParameterDefaultDescription
DATABASE_URL *The database URL
ENCRYPTION_SECRET *A 256-bit key used to encrypt sensitive data. It is strongly recommended to generate a new one. The secret should be the same between builder and viewer.
NEXTAUTH_URL *The builder base URL. Should be the publicly accessible URL (i.e. https://typebot.domain.com)
NEXT_PUBLIC_VIEWER_URL *The viewer base URL. Should be the publicly accessible URL (i.e. https://bot.domain.com)
ADMIN_EMAILThe email that will get an UNLIMITED plan on user creation. The associated user will be able to bypass database rules.
NEXTAUTH_URL_INTERNALThe internal builder base URL. You have to set it only when NEXTAUTH_URL can't be reached by your builder container / server. For a docker deployment, you should set it to http://localhost:3000.
DEFAULT_WORKSPACE_PLANFREEDefault workspace plan on user creation or when a user creates a new workspace. Possible values are FREE, STARTER, PRO, LIFETIME, UNLIMITED. The default plan for admin user is UNLIMITED
DISABLE_SIGNUPfalseDisable new user sign ups. Invited users are still able to sign up.
NEXT_PUBLIC_ONBOARDING_TYPEBOT_IDTypebot ID used for the onboarding. Onboarding page is skipped if not provided.

Email (Auth, notifications)

Used for sending email notifications and authentication

ParameterDefaultDescription
SMTP_USERNAMESMTP username
SMTP_PASSWORDSMTP password
SMTP_HOSTSMTP host. (i.e. smtp.host.com)
SMTP_PORT25SMTP port
NEXT_PUBLIC_SMTP_FROMFrom name and email (i.e. 'Typebot Notifications' <notifications@host.com>)
SMTP_SECUREfalseIf true the connection will use TLS when connecting to server. If false (the default) then TLS is used if server supports the STARTTLS extension. In most cases set this value to true if you are connecting to port 465. For port 587 or 25 keep it false
SMTP_AUTH_DISABLEDfalseTo disable the authentication by email but still use the provided config for notifications

Google (Auth, Sheets, Fonts)

Used authentication in the builder and for the Google Sheets integration step. Make sure to set the required scopes (userinfo.email, spreadsheets, drive.readonly) in your console The Authorization callback URL should be $NEXTAUTH_URL/api/auth/callback/google

ParameterDefaultDescription
GOOGLE_CLIENT_IDThe Client ID from the Google API Console
GOOGLE_CLIENT_SECRETThe Client secret from the Google API Console

Used for Google Fonts (Optional):

ParameterDefaultDescription
NEXT_PUBLIC_GOOGLE_API_KEYThe API Key from the Google API Console

Configuration

https://console.developers.google.com/apis/credentials

The "Authorized redirect URIs" used when creating the credentials must include your full domain and end in the callback path:

  • For production:
    • https://{YOUR_DOMAIN}/api/auth/callback/google
    • https://{YOUR_DOMAIN}/api/credentials/google-sheets/callback
  • For development:
    • http://localhost:3000/api/auth/callback/google
    • http://localhost:3000/api/credentials/google-sheets/callback

GitHub (Auth)

Used for authenticating with GitHub. By default, it uses the credentials of a Typebot-dev app.

You can create your own GitHub OAuth app here. The Authorization callback URL should be $NEXTAUTH_URL/api/auth/callback/github

ParameterDefaultDescription
GITHUB_CLIENT_IDApplication client ID. Also used to check if it is enabled in the front-end
GITHUB_CLIENT_SECRETApplication secret

GitLab (Auth)

Used for authenticating with GitLab. Follow the official GitLab guide for creating OAuth2 applications here. The Authorization callback URL should be $NEXTAUTH_URL/api/auth/callback/gitlab

ParameterDefaultDescription
GITLAB_CLIENT_IDApplication client ID. Also used to check if it is enabled in the front-end
GITLAB_CLIENT_SECRETApplication secret
GITLAB_BASE_URLhttps://gitlab.comBase URL of the GitLab instance
GITLAB_REQUIRED_GROUPSComma-separated list of groups the user has to be a direct member of, e.g. foo,bar
GITLAB_NAMEGitLabName of the GitLab instance, used for the SSO Login Button

Facebook (Auth)

You can create your own Facebook OAuth app here. The Authorization callback URL should be $NEXTAUTH_URL/api/auth/callback/facebook

ParameterDefaultDescription
FACEBOOK_CLIENT_IDApplication client ID. Also used to check if it is enabled in the front-end
FACEBOOK_CLIENT_SECRETApplication secret

Azure AD (Auth)

If you are using Azure Active Directory for the authentication you can set the following environment variables. The Authorization callback URL should be $NEXTAUTH_URL/api/auth/callback/azure-ad

ParameterDefaultDescription
AZURE_AD_CLIENT_IDApplication client ID
AZURE_AD_CLIENT_SECRETApplication client secret. Can be obtained from Azure Portal.
AZURE_AD_TENANT_IDAzure Tenant ID

Custom OAuth Provider (Auth)

ParameterDefaultDescription
CUSTOM_OAUTH_NAMECustom OAuthProvider name. Will be displayed in the sign in form.
CUSTOM_OAUTH_CLIENT_IDOAuth client ID.
CUSTOM_OAUTH_CLIENT_SECRETOAuth client secret.
CUSTOM_OAUTH_WELL_KNOWN_URLOAuth .well-known URL (i.e. https://auth.domain.com/.well-known/openid-configuration)
CUSTOM_OAUTH_USER_ID_PATHidUsed to map the id from the user info object
CUSTOM_OAUTH_USER_NAME_PATHnameUsed to map the name from the user info object
CUSTOM_OAUTH_USER_EMAIL_PATHemailUsed to map the email from the user info object
CUSTOM_OAUTH_USER_IMAGE_PATHimageUsed to map the image from the user info object
CUSTOM_OAUTH_SCOPEopenid profile emailOAuth scope

For *_PATH parameters, you can use dot notation to access nested properties (i.e. account.name).

S3 Storage (Media uploads)

Used for uploading images, videos, etc... It can be any S3 compatible object storage service (Minio, Digital Oceans Space, AWS S3...)

ParameterDefaultDescription
S3_ACCESS_KEYS3 access key. Also used to check if upload feature is enabled
S3_SECRET_KEYS3 secret key.
S3_BUCKETtypebotName of the bucket where assets will be uploaded in.
S3_PORTS3 Host port number
S3_ENDPOINTS3 endpoint (i.e. s3.domain.com).
S3_SSLtrueUse SSL when establishing the connection.
S3_REGIONS3 region.

Note that for AWS S3, your endpoint is usually: s3.<S3_REGION>.amazonaws.com

Your bucket must have the following policy that tells S3 to allow public read when an object is located under the public folder:

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicRead",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<BUCKET_NAME>/public/*"
}
]
}

You also need to configure CORS so that an object can be uploaded from the browser:

[
{
"AllowedHeaders": ["*"],
"AllowedMethods": ["PUT", "POST"],
"AllowedOrigins": ["*"],
"ExposeHeaders": ["ETag"]
}
]

Giphy (GIF picker)

Used to search for GIF. You can create a Giphy app here

ParameterDefaultDescription
NEXT_PUBLIC_GIPHY_API_KEYGiphy API key

Unsplash (image picker)

Used to search for images. You can create a Giphy app here

ParameterDefaultDescription
NEXT_PUBLIC_UNSPLASH_APP_NAMEUnsplash App name
NEXT_PUBLIC_UNSPLASH_ACCESS_KEYUnsplash API key

Others

Show

The official Typebot managed service uses other services such as Stripe for processing payments, Sentry for tracking bugs and Sleekplan for user feedbacks.

The related environment variables are listed here but you are probably not interested in these if you self-host Typebot.

Stripe

ParameterDefaultDescription
NEXT_PUBLIC_STRIPE_PUBLIC_KEYStripe public key
STRIPE_SECRET_KEYStripe secret key
STRIPE_STARTER_PRODUCT_IDStarter plan product ID
STRIPE_STARTER_MONTHLY_PRICE_IDStarter monthly plan price id
STRIPE_STARTER_YEARLY_PRICE_IDStarter yearly plan price id
STRIPE_PRO_PRODUCT_IDPro plan product ID
STRIPE_PRO_MONTHLY_PRICE_IDPro monthly plan price id
STRIPE_PRO_YEARLY_PRICE_IDPro yearly plan price id
STRIPE_STARTER_CHATS_MONTHLY_PRICE_IDStarter Additional chats monthly price id
STRIPE_STARTER_CHATS_YEARLY_PRICE_IDStarter Additional chats yearly price id
STRIPE_PRO_CHATS_MONTHLY_PRICE_IDPro Additional chats monthly price id
STRIPE_PRO_CHATS_YEARLY_PRICE_IDPro Additional chats yearly price id
STRIPE_STARTER_STORAGE_MONTHLY_PRICE_IDStarter Additional storage monthly price id
STRIPE_STARTER_STORAGE_YEARLY_PRICE_IDStarter Additional storage yearly price id
STRIPE_PRO_STORAGE_MONTHLY_PRICE_IDPro Additional storage monthly price id
STRIPE_PRO_STORAGE_YEARLY_PRICE_IDPro Additional storage yearly price id
STRIPE_WEBHOOK_SECRETStripe Webhook secret

Sentry

ParameterDefaultDescription
NEXT_PUBLIC_SENTRY_DSNSentry DSN
SENTRY_AUTH_TOKENUsed to upload sourcemaps on app build
SENTRY_PROJECTSentry project name
SENTRY_ORGSentry organization name

These can also be added to the viewer environment

Vercel (custom domains)

ParameterDefaultDescription
VERCEL_TOKENVercel API token
NEXT_PUBLIC_VERCEL_VIEWER_PROJECT_NAMEThe name of the viewer project in Vercel
VERCEL_TEAM_IDVercel team ID that contains the viewer project

Sleekplan

ParameterDefaultDescription
SLEEKPLAN_SSO_KEYSleekplan SSO key used to automatically authenticate a user in Sleekplan

Telemetry

ParameterDefaultDescription
TELEMETRY_WEBHOOK_URLWebhook URL called whenever a new telemetry event is captured. See this file that lists all the possible events
TELEMETRY_WEBHOOK_BEARER_TOKENBearer token to add if the request needs to be authenticated

PostHog

ParameterDefaultDescription
POSTHOG_API_KEYPostHog API Key
POSTHOG_API_HOSTPostHog API Host

note

If you're self-hosting Typebot, sponsoring me is a great way to give back to the community and to contribute to the long-term sustainability of the project.

Thank you for supporting independent creators of Free Open Source Software!