Documentation
SDK References
Environment Vars

Environment Variables

Consult your deployment and framework documentation on how to set these the environment variables.

Required

COOKIE_SECRET

or HELLO_COOKIE_SECRET

This environment variable must be set. It should be a different value for each environment such as development and production. This is the key used to encrypt and decrypt the cookies the client uses to manage state. It is a 32 byte random / 64 character hex value. You can generate a value with:

node -e "console.log(crypto.randomBytes(32).toString('hex'))"

CLIENT_ID

or HELLO_CLIENT_ID

The client_id for your app from the Hellō Developer Console (opens in a new tab).

This environment variable must be set when using the hellocoop/client (opens in a new tab) Docker Image or the @hellocoop/cdk-client (opens in a new tab) CDK Construct which don't not use hello.config.js.

Optionally use with the SDKs to override the client_id value set in hello.config.js if you need different client_id values for different environments.

Recommended

HOST

or HELLO_HOST

The hostname component of the redirect_uri for your application. If set, the redirect_uri will be

https://${HOST}/api/hellocoop

unless API_ROUTE is set, and then it will be

https://${HOST}${API_ROUTE}

If HOST is not set, the client will send a script to the browser to detect the end point on the first call. This allows the client to be used by developers in development environments where the hostname is dynamically generated.

Advanced

HELLO_API_ROUTE

Defaults to /api/hellocoop. Change if you have a different path for the Hellō Endpoint.

HELLO_COOKIE_TOKEN

Include the value of the Hellō cookie when calling op=auth. This is an encrypted value that can be used with AWS API Gateway. Details TBD.

HELLO_COOKIE_DOMAIN

Set the domain for authentication cookies (e.g., .example.com). This enables auth cookies to work across all subdomains of the specified domain. If not set, cookies are restricted to the current host only.

Security Note: Only set this if you control all subdomains, as any subdomain will have access to the authentication cookies.

Example: Setting HELLO_COOKIE_DOMAIN=.mycompany.com allows authentication to work across app.mycompany.com, api.mycompany.com, etc.

HELLO_LOGGED_IN

Override the path to redirect after successful login (default: /).

HELLO_LOGGED_OUT

Override the path to redirect after logout (default: /).

HELLO_ERROR

Override the path to redirect on error (default: built-in error page).

HELLO_PROVIDER_HINT

Override the provider hint. Space-separated list of provider hints.

HELLO_SAME_SITE_STRICT

Use same_site=strict in the cookies set. Will cause additional redirects, and cookies will not be passed if a user links into your site from another site.

HELLO_SCOPES

Override the scope requested from Hellō. Space-separated list of scopes.

HELLO_DEBUG

Enable debug logging for Hellō SDK operations.

HELLO_*

If there is a conflict with any of the variable names above that don't start with Hello_, you can prefix the variable name with HELLO_, which will take precedence over the the other value. For example HELLO_HOST will have precedence over HOST.

HELLO_WALLET

Defaults to wallet.hello.coop. Change when using a mock server of the Wallet such as mockin during development or testing.

HELLO_DOMAIN

Defaults to hello.coop. Used by Hellō for development and internal testing. Will change the domain used for the Wallet, Quickstart, and Console SPAs.

Environment Variable Precedence

Environment variables take precedence over hello.config.js values in the following order:

  1. HELLO_* prefixed environment variables (highest priority)
  2. Non-prefixed environment variables
  3. hello.config.js configuration values (lowest priority)

For example:

  • HELLO_CLIENT_ID takes precedence over CLIENT_ID
  • CLIENT_ID takes precedence over client_id in hello.config.js
hello.config.jsFAQs