MCP Hub

# Basic .env template – minimum required for local dev # ─── Front-end (Vite) ───────────────────────── # Supabase public project details (required for React app) VITE_SUPABASE_URL=https://your-project-id.supabase.co VITE_SUPABASE_ANON_KEY=your-anon-public-key # ─── Back-end (Express) ─────────────────────── # CORS origin(s) allowed to call the backend (comma-separated) CORS_ORIGINS=http://localhost:5173 # 32-byte (64-char hex) key used for AES-256-GCM encryption of stored tokens ENCRYPTION_KEY=0000000000000000000000000000000000000000000000000000000000000000 # Session secret for express-session (any random string) SESSION_SECRET=replace-with-random-string # Supabase service details – required for credential DAO & Realtime SUPABASE_URL=https://your-project-id.supabase.co SUPABASE_SERVICE_ROLE_KEY=your-service-role-key # Google OAuth (Drive, Gmail, Calendar) GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com GOOGLE_CLIENT_SECRET=your-google-client-secret # GitHub OAuth (optional, PAT flow still works without) GITHUB_CLIENT_ID=your-github-oauth-client-id GITHUB_CLIENT_SECRET=your-github-oauth-client-secret # API keys for LLM providers (set any you use) OPENAI_API_KEY= ANTHROPIC_API_KEY= GEMINI_API_KEY= # Slack signing secret etc. SLACK_BOT_TOKEN= SLACK_SIGNING_SECRET= # Atlassian Jira OAuth ATLASSIAN_CLIENT_ID=your-atlassian-client-id # (Optional) If using confidential OAuth flow with client secret ATLASSIAN_CLIENT_SECRET=your-atlassian-client-secret # Must exactly match the Redirect URL set in developer.atlassian.com app settings JIRA_REDIRECT_URI=http://localhost:3001/api/auth/jira/callback # (Optional) Override default scopes; space-separated JIRA_SCOPES=read:jira-user read:jira-work write:jira-work offline_access