Environment Variables

Some APIs require additional data to authenticate or connect to your app. You may need a custom API key to pass to the API, along with users’ authentication credentials. Or you might want to set a sub-domain, role, user permissions, or other API configurations differently for your beta integration and live, active versions of your integration.

Zapier’s environment variables let you set these on a per-version basis for your app. Much like in local development environments such as the one in Zapier’s CLI developer platform, environment variables store key and value pairs outside of your app’s API calls. Instead of hardcoding critical, secret values into your API authentication, trigger, and action calls, it’s best to add them as environment variables in your app’s Advanced settings, then reference the environment variable in your API calls.

Tip: Zapier’s built-in OAuth v2 Authentication automatically includes client ID and client secret fields, for two of the most commonly used environment variables. Only use the custom environment variables for other variables.

How to Add Environment Variables

Zapier Environment Variables Add any environment variables you need in key and value pairs

To add environment variables, open your integration in Zapier visual editor and select the Advanced tab in the left sidebar. There you can add your environment variables including a key and a value for each. Click Add to include additional environment variables, or click the x icon to remove variables if needed.

How to Reference Environment Variables

Use Zapier Environment Variable Use environment variables in Zapier’s API call forms or in custom code

The easiest way to use environment variables in any Zapier integration API call is through the Request Body form. Add your API URL, then click the Show Options link and select Request Body to see the data Zapier will send to your API. Add a new row, then enter your environment variable key as your API expects, then reference the environment variable in Zapier with the following text, replacing YOUR_KEY with your actual key:


Zapier will then replace that variable with the value for that key from your Advanced settings—and will use the correct value every time if you change it in the future.

You can reference environment variables directly in your API calls the same way—though it’s best practice to include them in Zapier’s default request body instead. You can also reference them in custom code if you switch your API call to code mode.

How to Change Environment Variables

Edit Zapier Environment Variables You can change environment variable values, but not the original keys

Need to change your environment variables for a new version of your integration, or before releasing your beta integration to the public? Open the Advanced page in Zapier visual editor, and this time edit the text in the Values column with the new variable values. You cannot edit the keys.

If you need to change a key and its value, first delete the old key, then add a new one instead.

Computed Fields

Zapier Computed Fields

When adding an input field in your integration’s authentication, Zapier includes a Field Type option with two field options: Field and Computed Field. The former is a standard input field much like those in the trigger and action input designer, where users enter info needed for authentication.

Note: Only use computed fields with session and OAuth v2 authentication.

Computed Fields, on the other hand, store values obtained from an integration’s API test call, so they can be referenced in your integration’s subsequent API calls. Use the same field key as the name your API uses for this field. Zapier then will match the API test call’s output to your computed field, make sure the response includes that field, and will show an error if that field is not included. You can then reference the field in any subsequent API call from your integration from the input bundle with the following text, replacing field with your field key:


Zapier stores all fields returned by authentication API test call and auth process. Computed fields are marked as required so Zapier watches specifically for those fields in the response data. If the auth process does not return fields marked as computed fields, Zapier will show an error. For example, if using OAuth v.2 authentication, Zapier will store all fields returned by the getAccessToken request, and will show an error if the response doesn’t include an access token along with any fields you marked as computed fields. You could use a computed field, then, to reference a field that the getAccessToken call returns if you need to use it in subsequent API calls.

How to Use a Field From the Test API Call as a Computed Field?

Zapier stores every field from the core API authentication calls in OAuth v2 and Session auth, but does not store the responses from the test API call. If you need to use the data from a test API call later in your Zapier integration, you need to instead have Zapier call that API along with your Token Exchange Endpoint or Authorization URL call.

To do that, use the Code Mode option and add custom code to have Zapier call both the URL needed for the authorization step and with your test API call. You can then include computed fields for data returned from either API call and reference them in later steps.

Zapier Data Bundles

Zapier stores data from users’ authentication and input forms for API calls in the bundle object. You can reference that data in your integration using {{bundle.bundleName.field}} text in API requests and connection labels, replacing bundleName with the bundle name and field with the input field key or API response field key you need. You can also reference bundles in custom code if you switch to code mode, using the same name but without the curly brackets, for example return bundle.bundleName.field; to have JavaScript code return a specific field.

If an API response includes a nested field, you can reference it as field.nestedfield, for example {{bundle.inputData.data.name}} to reference a name nested field inside the data field.

Zapier integrations include the following bundles:


Referenced with: {{bundle.authData.field}}

Includes data users enter into the authentication input form, including the username field for Basic Auth and any other field added to the authentication input form with other authentication methods. Additionally, with OAuth v2, Session Auth, and Digest Auth, authData includes all data returned by the Token Exchange Endpoint url, referenced with the following, replacing field with the field name from your API response:


For example, the Access Token value will often accessed via {{bundle.authData.access_token}} or {{bundle.authData.accessToken}}

Commonly used authData fields include:

  • Username: {{bundle.authData.username}}
  • Password: {{bundle.authData.password}}
  • Access Token: {{bundle.authData.access_token}} or {{bundle.authData.accessToken}}


Referenced with: {{bundle.inputData.field}}

In authentication fields and connection labels, inputData contains the output fields returned from the test API call, typically used to add a label to new integration connections.

In Trigger and Action steps, inputData contains the data from input forms that users enter themselves which Zapier passes to the app with that Trigger or Action’s API call, with {{curlies}} mapped fields from previous Zap steps rendered with their raw data.

If you want the input field data with the original {{curlies}} and not the text from previous steps, use {{bundle.inputDataRaw.field}} instead.

Commonly used inputData fields include:

  • Zapier Redirect URI: {{bundle.inputData.redirect_uri}}
  • Authentication Code: {{bundle.inputData.code}}

rawRequest and cleanedRequest

Note: Only used with the getAccessToken data from OAuth v2 authentication

Referenced with: {{bundle.rawRequest}} or {{bundle.cleanedRequest.field}}

Includes the raw or cleaned info, respectively, from the user’s browser request that triggers the getAccessToken call from OAuth v2 authentication. Can reference individual fields with cleanedRequest.


Referenced with: {{bundle.targetUrl}}

In triggers using REST hooks, this returns the URL a site should send data to, such as https://hooks.zapier.com/1234/abcd.


Referenced with: {{bundle.subscribeData}}

In triggers using REST hooks, this includes the data from the performSubscribe function which is used if you need to send a DELETE request to your server to stop sending webhook data to Zapier


Referenced with: {{process.env.field}}

Commonly used process.env fields include:

  • Client Secret: {{process.env.CLIENT_SECRET}}
  • Client ID: {{process.env.CLIENT_ID}}

Have any feedback or questions? Let us know.