Get Project Environment Variables

Returns all vault item fields across all vaults associated with a project as a flat key-value map. Keys are formatted as SCREAMING_SNAKE_CASE, making them directly usable as environment variables.

GET /api/v1/machine/vault/env/:projectId

Headers

Header	Type	Required	Description
`X-API-Key`	string	Yes	Your API key

Path Parameters

Parameter	Type	Required	Description
`projectId`	string	Yes	The unique identifier of the project

Response

Success (200 OK)

{
  "env": {
    "PRODUCTION_DB_USERNAME": "admin",
    "PRODUCTION_DB_PASSWORD": "s3cret_password",
    "PRODUCTION_DB_HOST": "db.example.com",
    "PRODUCTION_DB_PORT": "5432",
    "AWS_CREDENTIALS_ACCESS_KEY": "AKIAIOSFODNN7EXAMPLE",
    "AWS_CREDENTIALS_SECRET_KEY": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
    "STRIPE_API_KEY_KEY": "sk_live_abc123"
  },
  "projectId": "507f1f77bcf86cd799439014",
  "count": 7
}

Key Format

Keys are generated from the vault item name and field name:

{VAULT_ITEM_NAME}_{FIELD_NAME}

Both parts are converted to SCREAMING_SNAKE_CASE:

Spaces, hyphens, dots, and special characters become underscores
All characters are uppercased
Multiple consecutive underscores are collapsed

Vault Item	Field	Env Key
Production DB	Username	`PRODUCTION_DB_USERNAME`
Production DB	Password	`PRODUCTION_DB_PASSWORD`
AWS Credentials	Access Key	`AWS_CREDENTIALS_ACCESS_KEY`
my-redis-cache	connection_string	`MY_REDIS_CACHE_CONNECTION_STRING`

Response Fields

Field	Type	Description
`env`	object	Key-value map of environment variables
`projectId`	string	The project ID this env was generated from
`count`	number	Total number of env vars returned

Error Responses

404 Not Found - Project not found or not accessible

{
  "error": {
    "code": "project_not_found",
    "message": "The project with ID \"abc123\" was not found or you do not have access to it."
  }
}

Example Request

curl -X GET "https://r4.dev/api/v1/machine/vault/env/507f1f77bcf86cd799439014" \
  -H "X-API-Key: rk_abc123def456.ghijklmnopqrstuvwxyz"

Use Cases

CI/CD pipelines: Inject project secrets as environment variables before running builds or deployments
Docker/Kubernetes: Generate .env files or ConfigMaps from project vault data
Secret rotation: Programmatically read current values to detect when rotation is needed
Local development: Pull production-like config into your dev environment

Example: Generate .env file

curl -s "https://r4.dev/api/v1/machine/vault/env/PROJECT_ID" \
  -H "X-API-Key: $R4_API_KEY" \
  | jq -r '.env | to_entries[] | "\(.key)=\(.value)"' \
  > .env

Example: Use in GitHub Actions

- name: Load R4 secrets
  run: |
    ENV_JSON=$(curl -s "https://r4.dev/api/v1/machine/vault/env/${{ secrets.R4_PROJECT_ID }}" \
      -H "X-API-Key: ${{ secrets.R4_API_KEY }}")
    echo "$ENV_JSON" | jq -r '.env | to_entries[] | "\(.key)=\(.value)"' >> $GITHUB_ENV