Announcing the Variables API: Manage function, site, and project variables from your Server SDKs

Environment variables have always been part of Appwrite. You could set them on a function, on a site, or on the project as a whole, and your code would pick them up at build and runtime. The catch was that all of this lived inside the Appwrite Console. If you wanted to provision configuration as part of a script, rotate a secret across environments, or bootstrap a new project from a template, you had to click through the UI.

Today, we are announcing the Variables API, a unified set of endpoints for managing environment variables on functions, sites, and projects programmatically through the Appwrite Server SDKs.

This is part of a wider effort to make everything in Appwrite accessible through the API. Anything you can do in the Console should be doable from code, and variables are now a first-class part of that surface.

Why this matters

Configuration drift, manual secret rotation, and click-ops bootstrapping are some of the easiest ways to break a production environment. The Variables API removes them from the loop:

• Provision configuration as code as part of CI/CD, infrastructure scripts, or project templates.
• Rotate secrets across environments without opening the Console for each function, site, and project.
• Bootstrap new projects with the same baseline of variables every time.
• Build internal tooling that lets your team manage shared configuration in one place.
• Audit and reconcile what is set against what should be set, programmatically.

Three scopes, one API surface

The Variables API covers all three scopes Appwrite already supported in the Console:

• Function variables live on a single function and are set on the Functions service.
• Site variables live on a single site and are set on the Sites service.
• Project variables are shared across every function and site in the project and are set on the Project service.

Each scope exposes the same five operations: create, list, get, update, and delete. At build and runtime, project variables load first, function or site variables override matching keys, and Appwrite-injected variables (those prefixed with APPWRITE_) take final precedence.

How it works

The relevant API key scopes are:

• functions.read / functions.write for function variables
• sites.read / sites.write for site variables
• project.read / project.write for project variables

Create a project variable

The new Project service exposes createVariable for shared configuration:

import { Client, Project, ID } from 'node-appwrite';

const client = new Client()
    .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
    .setProject('<YOUR_PROJECT_ID>') // Your project ID
    .setKey('<YOUR_API_KEY>'); // Your API key

const project = new Project(client);

const result = await project.createVariable({
    variableId: ID.unique(),
    key: 'STRIPE_KEY',
    value: 'sk_live_...',
    secret: true // optional
});

Create a function variable

The same shape applies on the Functions service for variables scoped to a single function:

import { Client, Functions } from 'node-appwrite';

const client = new Client()
    .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
    .setProject('<YOUR_PROJECT_ID>') // Your project ID
    .setKey('<YOUR_API_KEY>'); // Your API key

const functions = new Functions(client);

const result = await functions.createVariable({
    functionId: '<FUNCTION_ID>',
    key: 'OPENAI_API_KEY',
    value: 'sk-...',
    secret: true // optional
});

Create a site variable

And on the Sites service for variables scoped to a single site:

import { Client, Sites } from 'node-appwrite';

const client = new Client()
    .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
    .setProject('<YOUR_PROJECT_ID>') // Your project ID
    .setKey('<YOUR_API_KEY>'); // Your API key

const sites = new Sites(client);

const result = await sites.createVariable({
    siteId: '<SITE_ID>',
    key: 'NEXT_PUBLIC_ANALYTICS_ID',
    value: 'G-XXXXXXX',
    secret: false // optional
});

Update a project variable

updateVariable exists on all three services with the same shape. Updating a variable lets you rotate a value or change its secret flag without recreating it. Marking a variable as secret cannot be reversed. To replace a secret value, delete the variable and create a new one with the same key.

import { Client, Project } from 'node-appwrite';

const client = new Client()
    .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
    .setProject('<YOUR_PROJECT_ID>') // Your project ID
    .setKey('<YOUR_API_KEY>'); // Your API key

const project = new Project(client);

const result = await project.updateVariable({
    variableId: '<VARIABLE_ID>',
    key: 'STRIPE_KEY', // optional
    value: 'sk_live_rotated_...', // optional
    secret: false // optional
});

Delete a project variable

deleteVariable is available on each service. Once deleted, the variable stops appearing in subsequent function and site deployments.

import { Client, Project } from 'node-appwrite';

const client = new Client()
    .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
    .setProject('<YOUR_PROJECT_ID>') // Your project ID
    .setKey('<YOUR_API_KEY>'); // Your API key

const project = new Project(client);

const result = await project.deleteVariable({
    variableId: '<VARIABLE_ID>'
});

Get started

The Variables API is available on Appwrite Cloud today, across every Appwrite Server SDK. Complete code examples for every supported language and every operation live in the documentation:

• Project variables
• Function variables
• Site variables