Environment Variables Reference
Auto-generated
This page is auto-generated from backend/.env.example. Do not edit manually.
Generalβ
| Variable | Default | Required | Description |
|---|---|---|---|
PORT | 4000 | Yes | Tenable Dashboard Backend Environment Configuration Copy this file to .env and fill in your values Server Configuration |
NODE_ENV | development | Yes | β |
ALLOW_DEMO_LOGIN | true # Only set to true in development! Enables demo credentials. | No | Security Configuration |
ENCRYPTION_KEY | your_32_character_encryption_key | Yes | Encryption Key for API keys at rest (REQUIRED - exactly 32 characters) Generate with: openssl rand -hex 16 |
INITIAL_ADMIN_EMAIL | admin@company.com | No | Initial Admin User (only used if no admin exists in database) These credentials are used for first-time bootstrap; change password after first login! |
INITIAL_ADMIN_PASSWORD | changeme123 | No | β |
INITIAL_ADMIN_NAME | System Administrator | No | β |
TENABLE_ACCESS_KEY | your_tenable_access_key_here | Yes | Tenable API Configuration Get your API keys from https://cloud.tenable.com/ |
TENABLE_SECRET_KEY | your_tenable_secret_key_here | Yes | β |
TENABLE_API_URL | https://cloud.tenable.com | No | β |
DATABASE_URL | postgresql://tenable:tenable_secure_password_change_me@localhost:5432/tenable_dashboard | Yes | Database Configuration (PostgreSQL) |
DB_HOST | localhost | No | β |
DB_PORT | 5432 | No | β |
DB_NAME | tenable_dashboard | No | β |
DB_USER | tenable | No | β |
DB_PASSWORD | tenable_secure_password_change_me | No | β |
REDIS_URL | redis://localhost:6379 | No | Redis Configuration |
REDIS_HOST | localhost | No | β |
REDIS_PORT | 6379 | No | β |
JWT_SECRET | your_super_secret_jwt_key_change_in_production_min_32_chars | Yes | JWT Configuration |
JWT_EXPIRES_IN | 1d | No | β |
JWT_REFRESH_SECRET | your_refresh_token_secret_change_in_production | No | β |
JWT_REFRESH_EXPIRES_IN | 7d | No | β |
SESSION_TIMEOUT_MINUTES | 30 | No | Session Configuration |
RATE_LIMIT_WINDOW_MS | 60000 | No | Rate Limiting |
RATE_LIMIT_MAX_REQUESTS | 100 | No | β |
CORS_ORIGIN | http://localhost:3000 | No | CORS Configuration |
AZURE_CLIENT_ID | β | No | SSO Configuration (Optional) Azure AD |
AZURE_CLIENT_SECRET | β | No | β |
AZURE_TENANT_ID | β | No | β |
OKTA_DOMAIN | β | No | Okta |
OKTA_CLIENT_ID | β | No | β |
OKTA_CLIENT_SECRET | β | No | β |
GOOGLE_CLIENT_ID | β | No | Google OAuth |
GOOGLE_CLIENT_SECRET | β | No | β |
LOG_LEVEL | debug | No | Logging |
CACHE_TTL | 3600 | No | Cache TTL (in seconds) |
API_CACHE_TTL | 21600 | No | β |
Generated on 2026-04-05