> ## Documentation Index
> Fetch the complete documentation index at: https://docs.blnkfinance.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Security & auth

> Configure browser access, local authentication, and encryption for your production license deployment.

These variables configure browser access, local authentication, and encryption for Plane.

```dotenv .env wrap theme={"system"}
CORS_ORIGINS=http://localhost:8080,http://localhost:3001
JWT_SECRET=thisisasecret
BLNK_ENCRYPTION_KEY=0123456789abcdef0123456789abcdef
```

| Environment variable  | Description                                                                                                                                                                          |
| :-------------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `CORS_ORIGINS`        | Comma-separated list of browser origins allowed to call the Plane API. Do not include spaces. Include `ENTERPRISE_PUBLIC_URL` so the Cloud Dashboard can reach the API.              |
| `JWT_SECRET`          | Strong random secret used to sign and verify local authentication tokens. Store this as a secret and keep it stable across restarts.                                                 |
| `BLNK_ENCRYPTION_KEY` | Unique 32-character key used to encrypt sensitive data, including instance connection keys. Do not change it after deployment because existing encrypted data may become unreadable. |