AI Startup Analyzer is configured entirely through environment variables. CopyDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/Abbaddii-99/AI-Startup-Analyzer/llms.txt
Use this file to discover all available pages before exploring further.
.env.example to .env at the repository root and fill in values before starting the backend. The frontend uses a separate apps/frontend/.env.local file with a single variable. The sections below document every variable, note which ones are required, and explain the effect each one has at runtime.
Database
AI Startup Analyzer uses Neon Postgres. Neon provides two connection strings per branch: a pooled string routed through PgBouncer that the running application uses for all queries, and a direct string that bypasses the pooler for operations that require a persistent connection — most importantly, Prisma migrations.Pooled Neon connection string used by the running application for all database
queries. Must include The URL must point to the pooler endpoint (hostname contains
?sslmode=require. Example:-pooler).
Using the direct endpoint here will exhaust connection limits under load.Direct (non-pooled) Neon connection string used exclusively by Prisma
migrations (This variable is read only during schema migration commands. The running
application never uses it for live traffic.
prisma migrate deploy / prisma migrate dev). Example:Redis
Redis is used for two purposes: BullMQ job queues that distribute analysis work to background workers, and an in-process response cache inAIService that stores AI-generated text for 24 hours to avoid redundant API calls. Both consumers connect using the same REDIS_HOST, REDIS_PORT, and REDIS_PASSWORD values.
Hostname of the Redis server. Defaults to
localhost when not set. For
managed services such as Upstash, the AIService automatically enables TLS
when the hostname contains upstash.TCP port the Redis server listens on. Defaults to
6379 when not set.Password for Redis authentication. Leave empty for local development instances
running without authentication. Required in production — any deployment using
Redis without a password is an open cache.
AI Providers
At least one AI provider key must be set for the analysis pipeline to run.AIService checks for OPENROUTER_API_KEY first; if that key is present and not the placeholder value it calls OpenRouter (defaulting to openai/gpt-4o-mini). If only GEMINI_API_KEY is set, all generation goes through Google Gemini 2.0 Flash. Both keys may be set simultaneously — OpenRouter always wins in that case.
API key for the Google AI Studio Gemini API.
The service uses the
gemini-2.0-flash model. Required when
OPENROUTER_API_KEY is not set. The placeholder value
your-gemini-api-key is treated as absent by the service.API key for OpenRouter. When present and valid, this
provider takes priority over Gemini. The default model is
openai/gpt-4o-mini with a 4 000-token response limit. The placeholder
value your-openrouter-api-key is treated as absent by the service.Authentication
Secret key used to sign and verify JSON Web Tokens for session authentication.
Must be a long, random string. All existing tokens are invalidated when this
value changes, so treat it as a permanent production secret.
Expiry duration for issued JWTs in ms format.
Defaults to
7d (seven days). Use shorter values such as 1d for
higher-security deployments.OAuth 2.0 client ID from the Google Cloud Console.
Required only when Google OAuth login is enabled. Leave empty to disable the
/auth/google endpoint.OAuth 2.0 client secret corresponding to
GOOGLE_CLIENT_ID. Keep this value
private; it must never be exposed to browser clients.Full URL that Google redirects to after OAuth consent. Must match an
Authorized redirect URI configured in the Google Cloud Console exactly.
Default:
http://localhost:4000/auth/google/callback.Grounding
Grounding is the quality assurance layer applied to the final report after initial generation. Two independent strategies exist: a fast, deterministic rule-based pass and a heavier AI-assisted pass. Each is controlled by its own flag so you can disable AI grounding to reduce API quota consumption without disabling structural normalization.Set to
"false" to disable AI-based grounding. Any value other than
"false" — including absent — is treated as enabled (default: true). When
enabled and the quality evaluator detects low confidence or too many issues
in the generated report, the system sends a targeted re-generation prompt for
the weak sections only, up to one AI call per analysis request.Set to
"false" to disable rule-based grounding. Any value other than
"false" — including absent — is treated as enabled (default: true). When
enabled, deterministic normalization fixes are applied to the report (whitespace
normalization, duplicate risk de-duplication, score clamping to the 0–10 range)
without making any additional AI calls.Application
Runtime environment. Accepted values are
development, test, and
production. Affects NestJS logging verbosity and exception filter behaviour.
Default: development.TCP port the NestJS HTTP server listens on. Default:
4000.Full base URL of the frontend application. Used by the backend for CORS
configuration and OAuth redirect validation. Default:
http://localhost:3000.
Must be set to the public frontend URL in production.Full base URL of the backend API. Used internally for self-referential links
and health checks. Default:
http://localhost:4000.Frontend
The frontend reads a single environment variable fromapps/frontend/.env.local.
Base URL that the Next.js frontend uses for all API requests. Must point to
the running backend. Default:
http://localhost:4000. For Netlify deployments,
set this in the site’s environment variable settings to the production backend
URL.