😎 Discover cool tips and tricks for customization in our next Developer Deep Dive virtual event - sign up now!

.Env.Local File Configuration not working with Next.js Application

13 replies
Last updated: Jul 9, 2021
Hello Sanity, My .env.local file contains my project id and dataset name. I'm accessing them in my sanity configuration. However my NextJs application complains that I have to specify my projectId. If I hardcode the id to the sanity configuration, it works. What is actually going wrong here?
Jul 9, 2021, 6:49 AM
A next issue perhaps? Have you tried prefixing it with NEXT_PUBLIC_?
Jul 9, 2021, 6:53 AM
Eg it might be available in getStaticProps but not getInitialProps which is client side.
Jul 9, 2021, 6:53 AM
Aren't Project ID and dataset name secret?
Jul 9, 2021, 6:55 AM
I'm confused about the way NEXT_PUBLIC prefix works actually. If it exposes the variables to the browser environment, does that mean someone can steal it and tamper my data?
Jul 9, 2021, 6:56 AM
You tell me.
For our public datasets they are not secret as the data is public anyways. For our private datasets you need a login so no issue there either.

For your use case it might be they are? If so, you wont be able to use it on the frontend. If you restrict yourself to getStaticProps and similar it should still work.
Jul 9, 2021, 6:57 AM
Well they'll need to be logged in to EDIT or ADD data, but they'll have read access to all of your data if it's a public dataset.
Jul 9, 2021, 6:57 AM
Overall I see little reason to keep it secret, the project id will be leaked the moment you introduce any assets such as images.
Jul 9, 2021, 6:59 AM
Project IDs and dataset names shouldn't be considered secret - if you want your data to be private, you should be using a private dataset. In that case, you want to use a read token and do data fetching on the server side only (be sure to not prefix the token variable with
NEXT_PUBLIC
).
Jul 9, 2021, 7:00 AM
user A
user Z
Thank you for help
Jul 9, 2021, 7:02 AM
user T
There's a mistake in what I told you that day. Project ID and dataset shouldn't be secret. Please read this thread for more information
Jul 9, 2021, 7:03 AM
ll
Jul 9, 2021, 7:51 AM

Sanity– build remarkable experiences at scale

Sanity is a modern headless CMS that treats content as data to power your digital business. Free to get started, and pay-as-you-go on all plans.

Was this answer helpful?