Skip to main content
FirstFlow is configured almost entirely through the Supabase client and provider props you pass in code. The only environment variables it relies on are your Supabase keys and, optionally, an AI provider key for the server SDK. There is no FirstFlow server, so there are no service secrets, ports, or database URLs to manage.

Supabase

There are three values: a project URL and anon key (both browser-safe, used by the runtime) and a service-role key (server-only, used by @firstflow/runtime-server). The runtime takes plain strings you read them however your stack exposes env. The two browser-safe values must use your bundler’s client-env prefix so they reach the browser; the service-role key must never carry such a prefix.
A client-env prefix (NEXT_PUBLIC_, VITE_, REACT_APP_) inlines a value into your browser bundle, where end users can read it. Only the URL and anon key may carry one. The service_role key bypasses Row Level Security keep it on the server with a plain name, and never commit it.

AI provider

Needed only if you wrap an LLM client with @firstflow/runtime-server or use the intent classifier. The widget, experiences, persistence, resume, and triggers all run without any AI key. FirstFlow reads no API key. It wraps an LLM client you construct, so the key comes from wherever you supply it there is no FIRSTFLOW-owned key variable. There are three ways to provide it:
Each provider SDK reads its own conventional variable. Set it and construct the client with no arguments:
In every case ff.wrap(...) / createAIClient(...) returns a normal client FirstFlow only observes the calls, it never owns the credentials. See the Server SDK.

Where the rest of the config lives

Most of what other tools put in environment variables, FirstFlow puts in code, because there is no server reading a .env:

Linking the front-end and back-end

user.id ties a person’s experiences (front-end) to their LLM activity (server SDK) pass the same one to both. The server SDK also takes a conversationId/sessionId, an id your own chat code owns, to group a transcript; FirstflowProvider does not use it. See Identity & auth.

Next

Lock down table access with Row Level Security, then review Identity & auth and the production checklist.