1 minute reading time
Vercel Next.js

Vercel with NextJS

Learn how to make Vercel, NextJS, and Dotenv Vault work together. This tutorial assumes you have already created a .env file and synced it.

1. Install dotenv-vault-core

Install dotenv-vault-core.

$ npm install dotenv-vault-core --save

2. Preload dotenv-vault-core

Preload NextJS scripts using dotenv-vault-core. This will inject the environment variables ahead of NextJS.

"scripts": {
  "dev": "node -r dotenv-vault-core/config ./node_modules/.bin/next dev",
  "build": "node -r dotenv-vault-core/config ./node_modules/.bin/next build",
  "start": "node -r dotenv-vault-core/config ./node_modules/.bin/next start",
  "lint": "node -r dotenv-vault-core/config ./node_modules/.bin/next lint"


When using pnpm, add a .npmrc file with node-linker=hoisted. See pnpm/pnpm#4782 for more information.

3. Run dotenv-vault build

Run npx dotenv-vault build to build your encrypted .env.vault file.

$ npx dotenv-vault build


Run npx dotenv-vault keys production.

$ npx dotenv-vault keys production
remote:   Listing .env.vault decryption keys... done


Visit your Vercel Project > Settings > Environment Variables.

Set DOTENV_KEY to the value returned above.

5. Commit and push

That’s it!

Commit those changes safely to code and push to Vercel.

When the build runs, it will recognize the DOTENV_KEY, decrypt the .env.vault file, and load the production environment variables to ENV. If a DOTENV_KEY is not set (like during development on your local machine) it will fall back to regular dotenv.

You will know it worked when you see the message ‘Loading env from encrypted .env.vault’.

Updated Saturday (Nov 26)