> ## Documentation Index
> Fetch the complete documentation index at: https://ona.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Environment variables reference

> Reference for environment variable behavior and availability in Ona environments.

Environment variable secrets are injected as standard environment variables when your environment starts. The secret name becomes the variable name.

## Behavior

| Aspect                 | Detail                                                                                                                                                                                         |
| ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Injection timing**   | At environment start                                                                                                                                                                           |
| **Naming**             | Secret name becomes the variable name                                                                                                                                                          |
| **Update propagation** | Changes are automatically propagated to running environments (within 2 minutes). Running processes won't see the new value until the environment is restarted or the Dev Container is rebuilt. |

## Access

```bash theme={null}
# Shell
echo $APP_ENV

# Node.js
process.env.APP_ENV

# Python
os.environ['APP_ENV']
```

## Security considerations

For sensitive credentials like passwords and private keys, [file secrets](/ona/configuration/secrets/files) are more secure. Environment variables are suitable for API keys and non-sensitive configuration values.

## Related

* [Create environment variable secrets](/ona/configuration/secrets/environment-variables) - step-by-step setup
* [File secrets](/ona/configuration/secrets/files) - more secure alternative
* [User secrets](/ona/configuration/secrets/user-secrets) - personal scope
* [Project secrets](/ona/projects/project-secrets) - project scope
* [Organization secrets](/ona/organizations/organization-secrets) - org-wide scope
