Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/nayalsaurav/resume-analyzer/llms.txt

Use this file to discover all available pages before exploring further.

Resume Check Karo integrates four external services — PostgreSQL (via Prisma), Google Gemini AI, Clerk authentication, and ImageKit file storage — each of which requires credentials supplied through environment variables. This page is the authoritative reference for all eight required variables: what each one controls, an example value, and exactly where to obtain it.

Quick-Start Template

Copy this block into a .env.local file at the root of your project and replace every placeholder with your real credentials before running npm run dev.
# .env.local — never commit this file to version control

# Database (Prisma / PostgreSQL)
DATABASE_URL="postgresql://user:password@host:5432/dbname"

# Google Gemini AI
GOOGLE_API_KEY="AIza..."
GOOGLE_AI_MODEL="gemini-1.5-flash"

# Clerk Authentication
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY="pk_test_..."
CLERK_SECRET_KEY="sk_test_..."

# ImageKit File Storage
NEXT_PUBLIC_IMAGEKIT_URL_ENDPOINT="https://ik.imagekit.io/your_imagekit_id"
IMAGEKIT_PUBLIC_KEY="public_..."
IMAGEKIT_PRIVATE_KEY="private_..."
CLERK_SECRET_KEY and IMAGEKIT_PRIVATE_KEY are server-only secrets. Never prefix them with NEXT_PUBLIC_ and never reference them in any client component or client-side utility. Doing so would bundle them into the browser JavaScript bundle and expose them publicly.

Variable Reference

Database

DATABASE_URL
string
required
The full PostgreSQL connection string used by Prisma to connect to your database. This must point to a running PostgreSQL instance — locally or hosted.Example value:
postgresql://user:password@host:5432/dbname
Where to get it: Copy the connection string directly from your database provider’s dashboard:
  • Neon → Your project → Connection Details → Connection string
  • Supabase → Project Settings → Database → Connection string (URI mode)
  • Railway → Your PostgreSQL service → Connect tab → Postgres Connection URL
After setting this variable, run npx prisma migrate deploy (production) or npx prisma migrate dev (local) to apply the schema.

Google Gemini AI

GOOGLE_API_KEY
string
required
Your Google Gemini API key, used by lib/google.ts to authenticate every call to the Gemini generative AI API. This key grants access to all Gemini models available on your Google AI account.Example value:
AIzaSyD...
Where to get it: Go to Google AI StudioGet API keyCreate API key in new project (or select an existing project). The key is prefixed with AIza.
GOOGLE_AI_MODEL
string
required
The name of the Gemini model Resume Check Karo should use for resume analysis. This value is read at runtime from lib/google.ts, so you can switch models without changing any source code.Example value:
gemini-1.5-flash
Recommended values:
ModelBest For
gemini-1.5-flashFaster responses, lower cost — suitable for most resumes
gemini-1.5-proMore accurate analysis for complex or senior-level resumes
Where to get it: Pick a model name from the Google AI model catalog. No separate credential is needed — your GOOGLE_API_KEY covers all models.

Clerk Authentication

NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
string
required
The Clerk publishable key used by the @clerk/nextjs client-side SDK to initialize the Clerk authentication UI (sign-in, sign-up, user button). Because this key is prefixed with NEXT_PUBLIC_, it is bundled into the browser JavaScript and is safe to expose.Example value:
pk_test_aGVsbG8td29ybGQtMC5jbGVyay5hY2NvdW50cy5kZXYk
Where to get it: Clerk Dashboard → Select your application → API KeysPublishable key.
CLERK_SECRET_KEY
string
required
The Clerk secret key used by the @clerk/nextjs server-side SDK to verify session tokens, protect API routes, and fetch user data from Clerk’s API. This key is server-only and must never be exposed to the browser.Example value:
sk_test_...
Where to get it: Clerk Dashboard → Select your application → API KeysSecret keys → reveal and copy.
Do not prefix this variable with NEXT_PUBLIC_. If exposed client-side, an attacker could impersonate any user in your Clerk application.

ImageKit File Storage

NEXT_PUBLIC_IMAGEKIT_URL_ENDPOINT
string
required
The base URL of your ImageKit media endpoint. Every uploaded resume or image asset is served from this URL. Because it is prefixed with NEXT_PUBLIC_, it is available in client components (e.g., app/providers.tsx) for rendering images directly in the browser.Example value:
https://ik.imagekit.io/your_imagekit_id
Where to get it: ImageKit DashboardURL endpoints → copy the default endpoint URL. It follows the pattern https://ik.imagekit.io/<your_imagekit_id>.
IMAGEKIT_PUBLIC_KEY
string
required
The ImageKit public key used to authenticate client-side upload requests. It is paired with an upload signature generated server-side using IMAGEKIT_PRIVATE_KEY to authorize the upload without exposing the private key.Example value:
public_abc123...
Where to get it: ImageKit DashboardDeveloper optionsAPI keysPublic key.
IMAGEKIT_PRIVATE_KEY
string
required
The ImageKit private key used server-side only to generate signed upload tokens. This key must never be sent to the browser or referenced in any client-side code.Example value:
private_xyz789...
Where to get it: ImageKit DashboardDeveloper optionsAPI keysPrivate key → reveal.
The private key grants full write and delete access to your ImageKit media library. Store it only in server-side environment variables and never log or return it in API responses.

Client vs. Server Variables

Variables prefixed with NEXT_PUBLIC_ are statically inlined into the client-side JavaScript bundle at build time. They are visible to anyone who inspects your site’s source code or network requests. Only use this prefix for values that are intentionally public (UI configuration, public API keys, public endpoints).
VariableVisibilitySafe to expose?
DATABASE_URLServer only❌ Never
GOOGLE_API_KEYServer only❌ Never
GOOGLE_AI_MODELServer only✅ Not sensitive, but no need to expose
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEYClient + Server✅ Designed to be public
CLERK_SECRET_KEYServer only❌ Never
NEXT_PUBLIC_IMAGEKIT_URL_ENDPOINTClient + Server✅ Designed to be public
IMAGEKIT_PUBLIC_KEYClient + Server✅ Safe (used for upload auth only)
IMAGEKIT_PRIVATE_KEYServer only❌ Never

Local vs. Production Setup

For local development, place all variables in a .env.local file at the project root. Next.js loads this file automatically and it is listed in .gitignore by default — your credentials will never be accidentally committed.For production on Vercel, enter each variable through Vercel Dashboard → Settings → Environment Variables. Vercel encrypts secrets at rest and injects them as environment variables at build and runtime, so you never need a .env file on the server.For other hosting providers, use their equivalent secret manager (e.g., Railway variables, Render environment groups, or AWS Secrets Manager) rather than committing any .env file to your repository.

Build docs developers (and LLMs) love