Hi,
I’ve created my forest admin back end for use with my local development environment. The generated code includes a .env files with values for FOREST_AUTH_SECRET and FOREST_ENV_SECRET.
I don’t understand where these come from. I’ve scoured all the settings I could find in the admin interface, but I can’t see them there. It’s not clear if these are per project, or per developper.
For this reason, it’s also not clear how another develop would check out the project. If I add a developer to the team, would they need the exact same .env file to work locally?
Hello @timothyarmes, and welcome to our community 
Using forest-cli, the generated .gitignore ignore the .env, and it’s the expected behavior.
FOREST_AUTH_SECRET is used for the authentication process, and should be kept secret (And, for security purposes, different for every environment). You can set it to whatever you’d like, and it’s not a value that forest can access.
FOREST_ENV_SECRET however, is related to the current environment you are using. When deploying remote (Either staging or production environment), the forestadmin UI will give you new values for this environment variable.
You should also be able to create new development environment, either using forest-cli, or the Project settings > Environments tabs from the UI. This value can be seen as an API Key, and should not be shared. You should be able to read more infos about this here. A ForestAdmin project will most likely have multiple environments. Usually, one environment per developers, remote environment as you need them, and one production environment.
You can also read this part of the documentation about our development workflow, that contains a few commands to help onboard new developers on a projects, as well as collaborative work on your forestadmin UI layout.
Let me know if it was enough, or if you need more details 
1 Like
Hi,
Thanks for your response.
It’s clearer, but not totally clear 
.
So, can/should more than one developer work on the same development environment, or should they create one each?
Can you confirm that once they checked out the project, they’ll need the exact same .env, but with potentially a different FOREST_ENV_SECRET (depending on your answer to the above)
I’ve read through the branching page. Can more than one developer work on the same branch? If so, they presumable have to work on the same development environment…
1 Like
So, can/should more than one developer work on the same development environment, or should they create one each?
This is a potential source of conflict, and even though it may work, I would highly suggest to avoid sharing the same development environment/FOREST_ENV_SECRET.
Can you confirm that once they checked out the project, they’ll need the exact same .env, but with potentially a different FOREST_ENV_SECRET (depending on your answer to the above)
A few tweaks might be necessary (DATABASE_URL, APPLICATION_PORT, ...), but normally, except for FOREST_ENV_SECRET (and FOREST_AUTH_SECRET if you consider it useful/have security concerns), other environment variables can remain the same.
I’ve read through the branching page. Can more than one developer work on the same branch? If so, they presumable have to work on the same development environment…
Currently, it’s not possible to have multiple developers on the same branch. Our branching/development workflow is still “new”, but more features may come in the future.
Hope it’s clearer now, don’t hesitate if you have anymore question regarding this topic
1 Like
Good to know.
I’m marking the thread as resolved, but do not hesitate to open a new thread if you have any other questions