Environments & Variables
Creating an environment
Open the environment selector in the top-right corner of the window. Click New environment, give it a name, and add key-value pairs. Switch environments at any time; variable values update immediately across all open requests.
Variable syntax
Reference a variable anywhere in a request (URL, headers, query parameters, or body) using double curly braces:
https://{{base_url}}/api/users/{{user_id}}
Authorization: Bearer {{token}}
Variables are resolved at send time from the active environment. Unresolved variables are highlighted in the editor and interpolate to an empty string at send time.
Scripts can read and write variables at run time with ic.env.get() and ic.env.set(). Changes propagate to later requests in a collection run. See Scripts.
Folder variables
Each folder can define its own variables, separate from environments. Folder variables are scoped to requests within that folder and its subfolders. They are useful for base URLs or shared tokens specific to a service group.
Resolution order, from highest precedence to lowest: the nearest folder, then ancestor folders outward, then the active environment. The closest definition of a key wins.
Secrets
Mark any variable as a secret by enabling the Secret flag. Secret values are:
- Masked in the UI
- Encrypted at rest in the local database
- Replaced with
REDACTEDin collection exports (the key is kept, the value is not) - Never transmitted in telemetry or bug reports
Secret values are encrypted at rest with AES-256-GCM. The encryption key is derived from a machine identifier, so the database file cannot be decrypted if copied to another machine. It does not protect against software running as you on this machine, which can derive the same key. Treat your machine and user account as the trust boundary. For full details, see Privacy & Data.