# --- Arcade ----------------------------------------------------------------- # Create a key at https://api.arcade.dev/dashboard (or https://docs.arcade.dev) ARCADE_API_KEY=arc_... # Stable identifier for the end user Arcade acts on behalf of. In production, # set this per-request from your own auth/session instead of a single value. # For local testing, use the email you signed up to Arcade with. ARCADE_USER_ID=you@example.com # --- Model ------------------------------------------------------------------ # CopilotKit's Built-in Agent calls this model. Key from platform.openai.com OPENAI_API_KEY=sk-... # Optional. Override the default model ("provider/model" or "provider:model"). # OPENAI_MODEL=openai/gpt-4o # --- CopilotKit ------------------------------------------------------------- # The CopilotKit runtime sends anonymous telemetry by default. Opt out here. COPILOTKIT_TELEMETRY_DISABLED=true # --- Security (see "Deploying publicly" in the README) ---------------------- # The agent runtime can send/read email on your keys. Before any public or # multi-user deployment, protect /api/copilotkit. Setting this requires every # request to send `Authorization: Bearer ` (a starter gate; replace with # your real session auth). Leave unset for local dev. # COPILOTKIT_RUNTIME_TOKEN= # LOCAL EXPERIMENTS ONLY: lets the client pass `x-arcade-user-id` to scope tool # calls per user. Client headers are spoofable, so in production derive the user id # from a server-verified session instead. Leave unset. # ARCADE_ALLOW_HEADER_USER_ID=true