The sandbox env API manages a key-value store of environment variables attached to a sandbox. Variables are encrypted at rest and injected into the sandbox process environment on start. The API never returns plaintext values - only key names and metadata.
Base path: /api/v1/sandboxes/{id}/env
Endpoints
| Method | Path | Description |
|---|---|---|
GET | /api/v1/sandboxes/{id}/env | List all env vars (names only, no values) |
PUT | /api/v1/sandboxes/{id}/env | Bulk set or update env vars |
DELETE | /api/v1/sandboxes/{id}/env/{key} | Delete a single env var |
List Env Vars
GET /api/v1/sandboxes/{id}/env
Returns all variable names. Values are never returned.
Auth
Requires sandboxes:read scope.
Authorization: Bearer msk_...Response - 200 OK
{
"data": [
{ "key": "DATABASE_URL", "encrypted": true },
{ "key": "API_SECRET", "encrypted": true },
{ "key": "LOG_LEVEL", "encrypted": false }
]
}Set Env Vars
PUT /api/v1/sandboxes/{id}/env
Bulk upsert. Existing keys are updated; new keys are created. Keys not present in the request are left unchanged.
Auth
Requires sandboxes:write scope.
Authorization: Bearer msk_...Request Body
{
"vars": [
{ "key": "DATABASE_URL", "value": "postgres://...", "encrypted": true },
{ "key": "LOG_LEVEL", "value": "debug" }
]
}| Field | Type | Required | Description |
|---|---|---|---|
vars[].key | string | Yes | Variable name ([A-Z][A-Z0-9_]*) |
vars[].value | string | Yes | Variable value |
vars[].encrypted | boolean | No | Store encrypted at rest (default: true) |
Response - 200 OK
{
"data": [
{ "key": "DATABASE_URL", "encrypted": true },
{ "key": "LOG_LEVEL", "encrypted": false }
]
}Delete Env Var
DELETE /api/v1/sandboxes/{id}/env/{key}
Removes a single variable.
Response - 200 OK
{
"deleted": true,
"name": "LOG_LEVEL"
}Errors
| Status | Code | Cause |
|---|---|---|
| 400 | INVALID_ID | Sandbox ID is not a valid UUID |
| 400 | invalid vars | vars missing or a key fails name validation |
| 404 | NOT_FOUND | Sandbox does not exist or wrong tenant |
| 404 | NOT_FOUND | Key does not exist (on DELETE) |