Skip to main content
SlackHive stores configuration in a .env file in the install directory. slackhive init generates this file with safe defaults. Most secrets can also be managed in the dashboard under Settings → AI Backend or Settings → Env Vars.
.env contains encryption keys and admin credentials. Never commit it.

AI backend credentials

SlackHive supports multiple agent runtimes. The active runtime is selected in Settings → AI Backend and persisted in the database, while credentials can come from login files, CLI-detected auth, or API keys.

OpenAI Codex / ChatGPT

Use one of these paths:
MethodVariable / fileNotes
ChatGPT login~/.codex/auth.json or CODEX_AUTH_JSONPreferred for subscription auth. The Settings page can start device auth and persist the resulting file.
API keyOPENAI_API_KEYBest for server deployments and predictable billing.
Custom binaryCODEX_PATHOptional. Points SlackHive at a specific codex binary.
Example:
OPENAI_API_KEY=sk-...
# CODEX_PATH=/usr/local/bin/codex

Claude Code / Anthropic

Use one of these paths:
MethodVariable / fileNotes
Claude login~/.claude/.credentials.json or CLAUDE_CREDENTIALS_JSONPreferred for Claude Pro/Max subscription auth.
API keyANTHROPIC_API_KEYBest for teams and server deployments.
Custom binaryCLAUDE_BINOptional. Points SlackHive at a specific claude binary.
Example:
ANTHROPIC_API_KEY=sk-ant-api03-...
# CLAUDE_BIN=/usr/local/bin/claude
If both a provider API key and subscription login are available, the explicit API key path is treated as deliberate server auth for that provider.

Backend status and detection

The dashboard header shows the active backend status:
StatusMeaning
ConnectedSlackHive can use the active backend now.
ExpiredA login token exists but must be refreshed. Run the provider login command or paste fresh auth in Settings.
DisconnectedNo usable credentials were found for the active backend.
Use Settings → AI Backend → Detect after running codex login or claude login on the host.

Dashboard authentication

slackhive init sets these from the prompts:
VariablePurpose
ADMIN_USERNAMESuperadmin login
ADMIN_PASSWORDSuperadmin password
AUTH_SECRETSigns session cookies. Rotating logs everyone out.
ENV_SECRET_KEYEncrypts stored secrets. Rotating breaks existing stored secrets.
Generate replacement secrets with:
openssl rand -hex 32
Do not rotate ENV_SECRET_KEY after initial setup without a migration plan. Stored AI backend credentials, Slack tokens, and MCP env vars become unreadable.
For disaster recovery, export a password-protected recovery key from Settings -> Backups. That file lets you recover encrypted secrets from a database backup without storing the plaintext ENV_SECRET_KEY beside the backup.

Platform

VariableDefaultPurpose
NODE_ENVproductionRuntime mode
PORTautoWeb server port, usually 3001
RUNNER_INTERNAL_PORTautoRunner control port, usually 3002
AGENTS_TMP_DIR~/.slackhive/agentsPer-agent workspaces and session directories
DATABASE_TYPEsqliteSQLite for CLI installs
ACTIVITY_DASHBOARDunsetLegacy flag for activity collection. Current installs normally keep tracing enabled through the app defaults.

Where data lives

PathContents
~/.slackhive/data.dbSQLite database: agents, memories, skills, activities, traces, settings
~/.slackhive/backups/SQLite backups and pre-restore safety snapshots
~/.slackhive/agents/<slug>/Agent workspace, sessions, instructions, skills, assigned wiki copies
~/.slackhive/knowledge/<folderId>/wiki/Compiled wiki for one Knowledge Library folder
~/.slackhive/logs/runner.logRunner log stream
~/.slackhive/runner.lockSingleton runner lock
~/.slackhive/slackhive.pidWeb server PID file
Use Backup & Recovery for database backups and recovery-key export. Snapshot ~/.slackhive/ separately when you also need generated workspaces, compiled wiki files, and logs.

Complete .env.example

# --- OpenAI Codex / ChatGPT ---
# OPENAI_API_KEY=sk-...
# CODEX_PATH=/usr/local/bin/codex

# --- Claude Code / Anthropic ---
# ANTHROPIC_API_KEY=sk-ant-api03-...
# CLAUDE_BIN=/usr/local/bin/claude

# --- Dashboard ---
ADMIN_USERNAME=admin
ADMIN_PASSWORD=change-me
AUTH_SECRET=generate-with-openssl-rand-hex-32
ENV_SECRET_KEY=generate-with-openssl-rand-hex-32

# --- Platform ---
NODE_ENV=production
DATABASE_TYPE=sqlite

Next steps

AI Backends

Configure Codex/OpenAI or Claude/Anthropic.

MCP Servers

Use the encrypted env store to pass secrets to MCP tools.