Secrets Redacted
Hosted Environment Validation
Overall status: fail. Secret-like values are redacted and `.env` files are not read.
Hosted environment validation checks app-only configuration names and redacts secret-like values. It does not read .env files, print secrets, validate broker credentials, connect accounts, or change runner state.
Checks
| Variable | Status | Preview | Message |
|---|---|---|---|
| OMNIMINT_APP_ENVApplication environment label. | pass | production | Present and valid. |
| OMNIMINT_PUBLIC_BASE_URLExternal HTTPS URL for hosted app links. | missing | Required for hosted mode. | |
| OMNIMINT_ALLOWED_HOSTSComma-separated host allowlist for hosted requests. | missing | Required for hosted mode. | |
| OMNIMINT_DATABASE_URLHosted app database URL stored by the platform secret manager. | pass | [redacted] | Present and valid. |
| OMNIMINT_SECRET_KEYHosted session/signing secret stored by the platform secret manager. | missing | Required for hosted mode. | |
| OMNIMINT_SESSION_COOKIE_SECUREMust be true for hosted HTTPS environments. | missing | Required for hosted mode. | |
| OMNIMINT_CSRF_PROTECTION_ENABLEDMust be true before accepting hosted browser writes. | missing | Required for hosted mode. | |
| OMNIMINT_PAYMENT_PROVIDER_MODEProvider mode flag; credentials stay outside this validator. | pass | Optional and not set. | |
| OMNIMINT_BROKER_CONNECT_MODEBroker-connect capability flag for app previews only. | pass | Optional and not set. | |
| OMNIMINT_VERIFICATION_DELIVERY_MODEReal account verification delivery mode. Console preview is local-only. | pass | resend | Present and valid. |
| OMNIMINT_RESEND_API_KEYResend API key used to send real email confirmation codes. | pass | [redacted] | Present and valid. |
| OMNIMINT_RESEND_FROMVerified Resend sender for OmniMint account confirmation emails. | pass | OmniMint <verify@auth.omnimint.dev> | Present and valid. |
| OMNIMINT_RESEND_API_URLOptional override for the Resend email API endpoint. | pass | Optional and not set. | |
| OMNIMINT_RESEND_TIMEOUTOptional timeout in seconds for Resend verification delivery. | pass | Optional and not set. | |
| OMNIMINT_SMTP_HOSTSMTP host used to send real email confirmation codes. | pass | Optional and not set. | |
| OMNIMINT_SMTP_PORTSMTP port for verification email delivery. | pass | Optional and not set. | |
| OMNIMINT_SMTP_USERNAMESMTP username stored by the platform secret manager when required. | pass | Optional and not set. | |
| OMNIMINT_SMTP_PASSWORDSMTP password stored by the platform secret manager when required. | pass | Optional and not set. | |
| OMNIMINT_SMTP_FROMVerified sender address for OmniMint account confirmation emails. | pass | Optional and not set. | |
| OMNIMINT_SMTP_USE_TLSWhether SMTP STARTTLS should be used. | pass | Optional and not set. | |
| OMNIMINT_SMTP_USE_SSLWhether SMTP SSL should be used instead of STARTTLS. | pass | Optional and not set. | |
| OMNIMINT_SMS_WEBHOOK_URLSMS webhook endpoint for future phone verification delivery. | pass | Optional and not set. | |
| OMNIMINT_SMS_WEBHOOK_BEARER_TOKENOptional bearer token for the SMS verification webhook. | pass | Optional and not set. |
Prohibited Environment Names
- No prohibited names detected.