Environment variables
The only environment variables you need. Copy them to your .env (or secret manager).
Backend (server-side)
These two live on your server. Never in the browser.
| Variable | Value | Purpose |
|---|---|---|
NEUROON_API_KEY | sk_… (same format in both environments) | Authenticates every server-to-server call |
NEUROON_SHOP_ID | shop_… | Identifies your shop |
NEUROON_API_URL | https://api.neuroon.ai or https://dev-api.neuroon.ai | API base URL |
Frontend (browser)
The widget only needs the Widget Token (which you mint server-side and pass as data-token). There is no other client-side variable.
| Variable | Value | Purpose |
|---|---|---|
NEUROON_WIDGET_TOKEN (server-side) | 24 h token | Your server mints it and prints it into the HTML as data-token |
Per stack
Node / Express / NestJS
# .env
NEUROON_API_KEY=sk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
NEUROON_SHOP_ID=shop_xxxxxxxxxxxxxxxxxxxxxxxxxxxx
NEUROON_API_URL=https://api.neuroon.ai
const res = await fetch(`${process.env.NEUROON_API_URL}/api/plugin/shops/${process.env.NEUROON_SHOP_ID}/products/sync`, {
headers: { 'X-Shop-API-Key': process.env.NEUROON_API_KEY, ... }
})
Next.js
.env.local:
NEUROON_API_KEY=sk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
NEUROON_SHOP_ID=shop_xxxxxxxxxxxxxxxxxxxxxxxxxxxx
NEUROON_API_URL=https://api.neuroon.ai
Do not prefix with NEXT_PUBLIC_. This is server-only. To mint the Widget Token use a Route Handler (app/api/.../route.ts) that returns it to the frontend.
.NET
appsettings.json (or an equivalent secret manager):
{
"Neuroon": {
"ApiKey": "sk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"ShopId": "shop_xxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"ApiUrl": "https://api.neuroon.ai"
}
}
var apiKey = configuration["Neuroon:ApiKey"];
PHP / WordPress
wp-config.php (preferred over storing the key in wp_options):
define('NEUROON_API_KEY', 'sk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
define('NEUROON_SHOP_ID', 'shop_xxxxxxxxxxxxxxxxxxxxxxxxxxxx');
define('NEUROON_API_URL', 'https://api.neuroon.ai');
Python / Django / Flask
# .env
NEUROON_API_KEY=sk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
NEUROON_SHOP_ID=shop_xxxxxxxxxxxxxxxxxxxxxxxxxxxx
NEUROON_API_URL=https://api.neuroon.ai
import os
api_key = os.environ['NEUROON_API_KEY']
Switching between Production and Development
You change just two things:
- NEUROON_API_URL=https://dev-api.neuroon.ai
+ NEUROON_API_URL=https://api.neuroon.ai
- NEUROON_API_KEY=sk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+ NEUROON_API_KEY=sk_xxxxxxxxxxxxxxxxxxxxxxxx
NEUROON_SHOP_ID may differ if you registered your shop in both environments separately.
The widget CDN (https://cdn.neuroon.ai/widget.js) is the same on production and development.
Rules
- Never commit them to git.
.envbelongs in.gitignore. - Never put them in the frontend (
NEXT_PUBLIC_*,VITE_*, etc.) — all are server-only. - Never mix Production and Development keys.