Skip to main content

Environment Variables

This page provides a comprehensive reference for all the environment variables you can use to configure your self-hosted Flagsmith instance. You'll find variables for both the API and the frontend, along with a brief description of what each one does. Use this as a handy guide when setting up or tweaking your deployment, whether you're running locally, in the cloud, or on Kubernetes. If you're not sure what a particular variable does, or whether you need to set it, check the relevant section below for more details.

API Environment Variables

  • DJANGO_ALLOWED_HOSTS: Comma-separated list of domains that can access the API. Alternatively * to allow any.
  • DATABASE_URL: The URL of your PostgreSQL database. Both postgres:// and postgresql:// schemas are supported.
  • REDIS_URL: The URL of your Redis instance.
  • ENV: The environment the application is running in, e.g. "prod".
  • SENTRY_DSN: If you want to send errors to Sentry, specify the DSN here.
  • SENTRY_TRACE_SAMPLE_RATE: The percentage of transactions to trace in Sentry. See Sentry's documentation for more info.
  • LOG_LEVEL: The log level to output at. One of DEBUG, INFO, WARNING, ERROR, CRITICAL.
  • LOG_FORMAT: The format to use for logging. One of generic or json.
  • DJANGO_SECRET_KEY: A long, random and unique string used for cryptographic signing.
  • ACCESS_LOG_LOCATION: The location to store web logs generated by Gunicorn if running as a Docker container. If not set, no logs will be stored. If set to -, the logs will be sent to stdout.
  • DJANGO_SETTINGS_MODULE: Python path to settings file for the given environment, e.g. "app.settings.develop"
  • ALLOW_ADMIN_INITIATION_VIA_CLI: Enables the bootstrap management command which creates default admin user, organisation, and project.
  • ADMIN_EMAIL: Email to use for the default superuser creation.
  • ORGANISATION_NAME: Organisation name to use for the default organisation.
  • PROJECT_NAME: Project name to use for the default project.
  • ENABLE_GZIP_COMPRESSION: If Django should gzip compress HTTP responses. Defaults to False.
  • GOOGLE_ANALYTICS_KEY: If Google Analytics is required, add your tracking code.
  • GOOGLE_SERVICE_ACCOUNT: Service account JSON for accessing the Google API, used for getting usage of an organisation - needs access to analytics.readonly scope.
  • INFLUXDB_TOKEN: If you want to send API events to InfluxDB, specify this write token.
  • INFLUXDB_URL: The URL for your InfluxDB database.
  • INFLUXDB_ORG: The organisation string for your InfluxDB API call.
  • GA_TABLE_ID: GA table ID (view) to query when looking for organisation usage.
  • USER_CREATE_PERMISSIONS: Set the permissions for creating new users, using a comma-separated list of djoser or rest_framework permissions. Use this to turn off public user creation for self-hosting. e.g. 'djoser.permissions.CurrentUserOrAdmin'. Defaults to 'rest_framework.permissions.AllowAny'.
  • ALLOW_REGISTRATION_WITHOUT_INVITE: Determines whether users can register without an invite. Defaults to True. Set to False or 0 to disable. Note that if disabled, new users must be invited via email.
  • PREVENT_SIGNUP: Determines whether to prevent new signups.
  • ENABLE_EMAIL_ACTIVATION: New user registration will go via email activation flow, default False.

Frontend Environment Variables

  • FLAGSMITH_API_URL: The API to hit for requests. E.g. https://edge.api.flagsmith.com/api/v1/
  • FLAGSMITH_ON_FLAGSMITH_API_KEY: The Flagsmith environment key we use to manage features - Flagsmith runs on Flagsmith.
  • FLAGSMITH_ON_FLAGSMITH_API_URL: The API URL which the Flagsmith client should communicate with. Flagsmith runs on Flagsmith. E.g. https://edge.api.flagsmith.com/api/v1/. If you are self-hosting and using your own Flagsmith instance to manage its own features, you would generally point this to the same domain name as your own Flagsmith instance.
  • DISABLE_ANALYTICS_FEATURES: Disables any in-app analytics-related features: API Usage charts, flag analytics. E.g. DISABLE_ANALYTICS_FEATURES=1.
  • ENABLE_FLAG_EVALUATION_ANALYTICS: Determines if the Flagsmith SDK should send usage analytics. If you want to enable Flag Analytics, set this. E.g. ENABLE_FLAG_EVALUATION_ANALYTICS=1.
  • PROXY_API_URL: Proxies the API via this application. Set this to the hostname of the API being proxied. Proxies /api/v1/ through to PROXY_API_URL. If you are using this, any setting to FLAGSMITH_API_URL will be ignored and the browser will use the frontend node server to send API requests. Do not prepend api/v1/ - it will be added automatically.
  • GOOGLE_ANALYTICS_API_KEY: Google Analytics key to track API usage.
  • CRISP_WEBSITE_ID: Crisp Chat widget Website key.
  • FIRST_PROMOTER_ID: First Promoter ID for checkout affiliates.
  • ALLOW_SIGNUPS: DEPRECATED in favour of PREVENT_SIGNUP in the API. Determines whether to prevent manual signups without invites. Set it to any value to allow signups.
  • PREVENT_FORGOT_PASSWORD: Determines whether to prevent forgot password functionality, useful for LDAP/SAML. Set it to any value to prevent forgot password functionality.
  • PREVENT_EMAIL_PASSWORD: Disables email address signup, login and change email functionality.
  • ENABLE_MAINTENANCE_MODE: Puts the site into maintenance mode. Set it to any value to enable maintenance.
  • AMPLITUDE_API_KEY: The Amplitude key to use for behaviour tracking.
  • REO_API_KEY: The Reo key to use for behaviour tracking.
  • MIXPANEL_API_KEY: Mixpanel analytics key to use for behaviour tracking.
  • SENTRY_API_KEY: Sentry key for error reporting.
  • ALBACROSS_CLIENT_ID: Albacross client ID key for behaviour tracking.
  • BASE_URL: Used for specifying a base URL path that's ignored during routing if serving from a subdirectory.
  • USE_SECURE_COOKIES: Enable/disable the use of secure cookies. If deploying the frontend in a private network without a domain/SSL cert, disable secure cookies to ensure that session token is persisted. Default: true.
  • COOKIE_SAME_SITE: Define the value of the SameSite attribute for the session token cookie set by the frontend. Further reading on this value is available here. Default: 'none'.

OAuth configuration

Google OAuth

To configure Google OAuth, ensure you have set the relevant OAuth client credentials in your deployment platform, and created the Flagsmith on Flagsmith flag as described in the OAuth guide. This flag controls whether Google SSO is available in your instance.

GitHub OAuth

To configure GitHub OAuth, ensure you have set GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET in your environment, and created the Flagsmith on Flagsmith flag as described in the OAuth guide. This enables the GitHub SSO option in your instance.