Skip to main content
GET
/
configuration
List Variables by Scope
curl --request GET \
  --url https://api.env0.com/configuration \
  --header 'Authorization: Basic <encoded-value>'
[
  {
    "name": "<string>",
    "scope": "SET",
    "type": 0,
    "organizationId": "<string>",
    "overwrites": {
      "scope": "SET",
      "scopeId": "<string>",
      "value": "<string>",
      "schema": {
        "type": "<string>",
        "enum": [
          "<string>"
        ],
        "format": "HCL"
      },
      "isReadonly": true,
      "isRequired": true,
      "isSensitive": true,
      "regex": "<string>"
    },
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "value": "<string>",
    "id": "<string>",
    "userId": "<string>",
    "isSensitive": true,
    "isReadonly": true,
    "isRequired": true,
    "regex": "<string>",
    "scopeId": "<string>",
    "toDelete": true,
    "projectId": "<string>",
    "schema": {
      "type": "<string>",
      "enum": [
        "<string>"
      ],
      "format": "HCL"
    },
    "description": "<string>",
    "isOutput": true
  }
]

Authorizations

Authorization
string
header
required

env0 API authentication is done via API keys. An API Key can either be created by an organization administrator, in which case it will not be connected to any specific user, or via Personal API Keys to authenticate as a user.

Creating an API Key with a Specific Role

  • Once you've created your organization, you can set up and manage API Keys.

  • Navigate to the Organization Settings page and click the API Keys tab.

  • Click Add API Key and enter a name for your key in the Name field. This name is for reference purposes only and isn't used directly in authentication.

    ❗️Save Your API Key ID and secret The secret will not be available after you close this window.

Creating a Personal API Key

  • Click on your avatar (located on the top right of the screen)

  • Click on Personal Settings

  • Select the API Keys tab

  • Click Add API Key, and enter a name for your key in the Name field. This name is for reference purposes and isn't used directly in authentication.

    ❗️Save your API Key ID & secret The secret will not be available after you close this window.

Using an API Key to Authenticate

Authentication of the env0 API is done using the Basic Authentication method. Each request made should include the API Key ID as the username, and the API Key secret as the password. For example, when using curl, we can include these parameters via flag --user {API Key ID}:{API Key Secret}.

API Key Permissions

When creating an API key through the organization settings, you will need to choose if you’d like to grant it Organization Admin or User permissions. In case of the latter, you can assign fine-grained permissions per project. Personal API Keys can be created through the user’s profile page and will have the same permissions as the user has.

Rate Limits

env0 API allows up to 1K requests per 60 seconds, requests are aggregated by IP, HTTP Method and URI. If you exceed this limit, you will receive a 429 status code.

Query Parameters

organizationId
string
required

Used for querying variables defined on organization level

projectId
string

Used for querying variables defined on project level

blueprintId
string

Used for querying variables defined on blueprint level

environmentId
string

Used for querying variables defined on environment level

deploymentLogId
string

Used for querying variables defined for a specific deployment

workflowEnvironmentId
string

Used for querying variables defined on workflow environment level

workflowBlueprintId
string

Used for querying variables defined on workflow blueprint level

workflowBlueprintIdSubAlias
string

Used for querying sub environment blueprint variables, constructed as {workflowBlueprintId}:{subAlias}

setId
string

Used for querying variables defined in a configuration set

Response

200 - application/json
name
string
required
scope
enum<string>
required
Available options:
SET,
GLOBAL,
BLUEPRINT,
SUB_ENVIRONMENT_BLUEPRINT,
PROJECT,
WORKFLOW,
ENVIRONMENT,
DEPLOYMENT,
SET,
GLOBAL,
BLUEPRINT,
SUB_ENVIRONMENT_BLUEPRINT,
PROJECT,
WORKFLOW,
ENVIRONMENT,
DEPLOYMENT,
SET,
GLOBAL,
BLUEPRINT,
SUB_ENVIRONMENT_BLUEPRINT,
PROJECT,
WORKFLOW,
ENVIRONMENT,
DEPLOYMENT,
SET,
GLOBAL,
BLUEPRINT,
SUB_ENVIRONMENT_BLUEPRINT,
PROJECT,
WORKFLOW,
ENVIRONMENT,
DEPLOYMENT,
SET,
GLOBAL,
BLUEPRINT,
SUB_ENVIRONMENT_BLUEPRINT,
PROJECT,
WORKFLOW,
ENVIRONMENT,
DEPLOYMENT
type
enum<number>
required

Whether it is an Environment or Terraform variable 0 value maps to an Environment variable 1 value maps to an Terraform variable

Available options:
0,
1,
0,
1,
0,
1,
0,
1,
0,
1
organizationId
string
required
overwrites
object
createdAt
string<date-time>
updatedAt
string<date-time>
value
string
id
string

The ID of the configuration property. If provided, will act as an update. Otherwise, a new configuration property will be created.

userId
string
isSensitive
boolean
isReadonly
boolean
isRequired
boolean
regex
string
scopeId
string

The ID of the entity of the provided scope. e.g. a project's ID when the provided scope is PROJECT. Inapplicable for GLOBAL scope, as it has no specific entity.

toDelete
boolean
projectId
string
schema
object
  • type?: "string"
  • format: HCL | JSON | ENVIRONMENT_OUTPUT # default: null
    • ENVIRONMENT_OUTPUT is a special type used to indicate that the value is an output from the environment. The value format is: ${env0::} it will be resolved before deployment.
  • enum?: ["option1", "option2"]
    • Optional, for UI dropdown, works only without format. Note that if you want to update this list, you must provide the full updated list each time.
description
string
isOutput
boolean