top of page

Environment Variables in Cypress


Hardcoding credentials, API URLs, or environment-specific values in tests is not ideal.It makes tests harder to maintain and can expose sensitive information.


Cypress provides several ways to manage environment variables, allowing tests to run across different environments (dev, QA, staging, production) without changing the test code.

This page is a reference for the most common approaches.


Why Use Environment Variables?


Environment variables help:

  • Avoid hardcoding credentials in test files

  • Run tests against different environments

  • Manage secrets securely

  • Keep test code reusable and cleaner


Common values stored as environment variables include:

  • API URLs

  • usernames and passwords

  • tokens

  • feature flags

  • environment-specific settings


1. Hardcoded Values (What NOT to Do)


Example of a login command with hardcoded credentials:

Problems with this approach:

  • credentials are exposed in the repository

  • not reusable across environments

  • difficult to maintain when values change


2. Using Environment Variables in cypress.config.js


A better approach is defining variables in the Cypress config.

These variables can now be accessed in tests using:

3. Updating the Login Command

The login command now becomes cleaner and more flexible.

Benefits:

  • credentials are no longer hardcoded

  • tests work across environments

  • easier configuration changes


4. Using Environment Variables for API URLs


Instead of hardcoding API endpoints:


Before

After

Now the same tests can run against different environments simply by changing the configuration.


5. Using cypress.env.json for Local Secrets


Another option is storing personal credentials in a separate file.

Example:


cypress.env.json

Important:

  • this file overrides values from cypress.config.js

  • it should never be committed to the repository


Add it to .gitignore.


This allows each developer to have their own credentials locally.


6. Passing Environment Variables via CLI


Environment variables can also be passed directly from the command line.

Example:


This overrides both:

  • cypress.config.js

  • cypress.env.json


Priority order:

7. Using NPM Scripts for Different Environments


You can create scripts for different environments.

Example package.json:

Run them using:

or


8. Using System Environment Variables (Best for CI)


The most secure approach is using process environment variables.

Example configuration:

Then run tests like this:

Now credentials are never stored in the project.


This approach works well with CI systems like:

  • GitHub Actions

  • GitLab CI

  • Jenkins

  • Azure DevOps


Key Takeaways


Cypress supports several ways to manage environment variables:

  1. cypress.config.js

  2. cypress.env.json

  3. CLI variables

  4. NPM scripts

  5. System environment variables


Recommended practice:

  • avoid hardcoded credentials

  • keep secrets out of the repository

  • use system environment variables in CI pipelines


Proper environment variable management keeps Cypress tests secure, reusable, and easier to maintain.

 
 
bottom of page