Managing API Keys and Secrets in Python Using the Dotenv Library: A Beginner’s Guide

A guide to using the python-dotenv library for managing API keys and secrets.

Application Programming Interfaces (APIs) have become an integral part of modern web development. To use them, developers often need API keys and secrets, which can pose security risks if not managed properly. A common practice is to store these sensitive pieces of information in environment variables.

This guide will introduce you to a Python library called python-dotenv that makes it easy to manage your application's environment variables. It will help you set up a .env file to securely store your API keys and secrets and teach you how to access these values in your Python programs. By the end of this guide, you'll be able to use python-dotenv effectively and have a quick reference guide to come back to when needed.

What is python-dotenv?

The python-dotenv library allows you to specify environment variables in a file, which is typically named .env. This file can then be read to set environment variables when your application starts. By using python-dotenv, you can separate your configuration from your code, which is a best practice for twelve-factor apps.

Installing python-dotenv

Before we can start using python-dotenv, we need to install it. Open a terminal and install python-dotenv by running the following command:

pip install python-dotenv

Creating a “.env” file

Next, let’s create a .env file in the root directory of our project. It’s a simple text file that stores key-value pairs. Each pair represents an environment variable and its corresponding value. Here’s an example of what a .env file might look like:

API_KEY=your-api-key
API_SECRET=your-api-secret

Replace your-api-key and your-api-secret with your actual API key and secret.

Note: It’s crucial to add your .env file to your .gitignore file to ensure it doesn’t end up in your version control system. This is how you do it:

  1. Open your .gitignore file (create one if it doesn’t exist already)
  2. Add .env on a new line
  3. Save the .gitignore file

Using python-dotenv in Your Python Program

Now that we have our .env file set up, we can start using it in our Python program.

First, we need to import the load_dotenv function from the dotenv module. This function will read the key-value pairs from the .env file and automatically set them as environment variables.

Here is how you do it:

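from dotenv import load_dotenv

# Read key-value pairs from .env into the process environment.
# By default, variables that are already set in the environment are not overwritten.
load_dotenv()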

Now, your environment variables are loaded and can be accessed using Python’s built-in os module. Here's how to access the API_KEY and API_SECRET variables we defined in the .env file:

import os

# os.getenv returns None when the variable is not set
api_key = os.getenv("API_KEY")
api_secret = os.getenv("API_SECRET")
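The steps above can be backed by a small startup check. This is an added example, not part of the original guide or of python-dotenv: it uses only the standard library, and the function names require_secrets and audit_env_file are hypothetical. It fails fast when a key is missing or still set to the sample placeholder, and reports when .env is not listed in .gitignore or is readable by other local users.

```python
import os
import stat
from pathlib import Path

# Placeholder values from this guide's sample .env; treated as "not configured".
PLACEHOLDERS = {"your-api-key", "your-api-secret"}


def require_secrets(names, environ=None):
    """Return {name: value} for every required variable, or raise listing the gaps.

    os.getenv() returns None for an unset variable, so without this check a
    missing key only shows up later as a confusing authentication failure.
    """
    environ = os.environ if environ is None else environ
    bad = [n for n in names if not environ.get(n) or environ[n] in PLACEHOLDERS]
    if bad:
        # Report variable names only; never put secret values in error text.
        raise RuntimeError("missing or placeholder secrets: " + ", ".join(bad))
    return {n: environ[n] for n in names}


def audit_env_file(project_dir):
    """Return a list of findings about project_dir/.env (empty list means OK)."""
    root = Path(project_dir)
    env_path = root / ".env"
    if not env_path.exists():
        return ["no .env file found"]
    findings = []
    gitignore = root / ".gitignore"
    # Simple exact-line match; `git check-ignore .env` is the authoritative test.
    lines = gitignore.read_text().splitlines() if gitignore.exists() else []
    if not any(line.strip() in (".env", "/.env") for line in lines):
        findings.append(".env is not listed in .gitignore")
    # On POSIX, any group/other permission bit lets other local users reach it.
    if os.name == "posix" and stat.S_IMODE(env_path.stat().st_mode) & 0o077:
        findings.append(".env is accessible to group/others; run chmod 600 .env")
    return findings


if __name__ == "__main__":
    # Assumes the variables are already in the environment (load_dotenv() has run).
    for finding in audit_env_file("."):
        print("WARNING:", finding)
    secrets = require_secrets(["API_KEY", "API_SECRET"])
    print("loaded:", ", ".join(sorted(secrets)))  # names only, not values
```

In a real program, call load_dotenv() first and then require_secrets(["API_KEY", "API_SECRET"]) before any code uses the values.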

Wrapping Up

That’s it! You’ve now learned how to manage API keys and secrets in Python using the python-dotenv library. By following these steps, you'll be able to keep your secrets safe and your configuration separate from your code, making your applications more secure and maintainable.

Remember, always include your .env file in your .gitignore file to prevent exposing your sensitive data.

Quick Reference Guide

# Install first, from a terminal: pip install python-dotenv
# always include your .env file in your .gitignore file
# to prevent exposing your sensitive data.


# Import libraries
import os
from dotenv import load_dotenv


# Load .env file
load_dotenv()

# use the variable names as defined in .env file
api_key = os.getenv("API_KEY")
api_secret = os.getenv("API_SECRET")

That's it for this topic. Thank you for reading!
