Backend environment quickstart

This guide helps you configure your server to programmatically manage backend wallets. Unlike client-side integrations, backend setup requires an additional layer of security to protect the developer-controlled private keys managed by your application.

1. Get your credentials

To interact with backend wallets, you need two distinct credentials from the Openfort Dashboard.

2. Install the SDK

Openfort provides a high-level Node.js SDK to handle the heavy lifting of transaction signing and wallet orchestration.

npm install @openfort/openfort-node

3. Configure environment variables

Create a .env file in your project root. Add this file to your .gitignore to prevent leaking sensitive credentials.

# Your API Secret Key (starts with sk_test_ or sk_live_)
OPENFORT_SECRET_KEY=sk_test_...

# The Wallet Secret you generated in the dashboard
OPENFORT_WALLET_SECRET=ws_...

4. Initialize the SDK

To enable backend wallet functionality (create, sign, or export), pass the walletSecret into the Openfort configuration object during initialization.

import Openfort from '@openfort/openfort-node';
 
// Initialize with both API Secret and Wallet Secret
const openfort = new Openfort(process.env.OPENFORT_SECRET_KEY, {
  walletSecret: process.env.OPENFORT_WALLET_SECRET,
});
 
export default openfort;

Security best practices

To maintain the integrity of your backend wallets, follow these security guidelines:

• Never expose secrets: Ensure OPENFORT_WALLET_SECRET never reaches your frontend or client-side logs.
• Use a secret manager: For production, use services like AWS Secrets Manager, Google Secret Manager, or Doppler instead of plain .env files.
• Rotation policy: Periodically rotate your wallet secret to mitigate the risk of long-term credential exposure.

Next steps

Now that your environment is ready, you can start creating and managing programmatic accounts.