~/envtools
.env · generator · Firebase

Firebase .env Generator

Firebase has two halves: the public client config (safe in the browser) and the Admin SDK service account (server-only). This generator keeps them separated with the right NEXT_PUBLIC_ prefixes so you don't leak admin credentials.

.env for Firebase · 9 keys
Customize →
NEXT_PUBLIC_FIREBASE_API_KEY=
NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=
NEXT_PUBLIC_FIREBASE_PROJECT_ID=
NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=
NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=
NEXT_PUBLIC_FIREBASE_APP_ID=
FIREBASE_ADMIN_PROJECT_ID=
FIREBASE_ADMIN_CLIENT_EMAIL=
FIREBASE_ADMIN_PRIVATE_KEY=

Secrets regenerate on every page load. Want to combine stacks (e.g., Next.js + Stripe + Supabase)? Use the full generator.

How to use this .env in Firebase

  1. 1.Grab your client config from Firebase Console → Project Settings → General.
  2. 2.Grab the Admin SDK service account from Firebase Console → Project Settings → Service Accounts → Generate new private key.
  3. 3.Paste the two blocks into .env or .env.local.
  4. 4.FIREBASE_ADMIN_PRIVATE_KEY usually contains newlines — wrap in double quotes and keep \n escapes.

Gotchas

  • The private key contains literal \n sequences — JSON.parse the wrapped version at runtime, or replace(/\\n/g, '\n') before passing to cert().
  • NEXT_PUBLIC_FIREBASE_API_KEY being exposed is fine — it's not a secret, it identifies the project.
  • Enable App Check in production to stop abuse since the client key is public.

Common keys explained

NEXT_PUBLIC_FIREBASE_API_KEY

Client config. Safe to expose — Firebase security rules protect data.

NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN

Used by the Firebase Auth SDK for OAuth redirects.

NEXT_PUBLIC_FIREBASE_PROJECT_ID

Needed by both client and Admin SDK.

FIREBASE_ADMIN_CLIENT_EMAIL

Service-account email. Server-only.

FIREBASE_ADMIN_PRIVATE_KEY

Service-account RSA key. Server-only. Quote it.

Related tools

ENV Validator
Paste .env, catch every bug
ENV Leak Checker
Detect leaked secrets in seconds
.env.example Generator
Safe .env.example in one click

Other stacks

Node.js .env
/env-generator/nodejs
Next.js .env
/env-generator/nextjs
Django .env
/env-generator/django
Ruby on Rails .env
/env-generator/rails
React (Vite) .env
/env-generator/react
Python (FastAPI / Flask) .env
/env-generator/python
Go .env
/env-generator/go
Docker Compose .env
/env-generator/docker
Kubernetes .env
/env-generator/kubernetes
Stripe .env
/env-generator/stripe
Supabase .env
/env-generator/supabase
OpenAI .env
/env-generator/openai
Laravel .env
/env-generator/laravel