TL;DR

  • Backend single source: backend/app/config/settings.py.
  • Dev: make new fields Optional; Prod: make required if mandatory.
  • Use settings in code; for external clients, add a lazy provider.
  • Frontend: only add NEXT_PUBLIC_* when strictly needed; validated via frontend/src/lib/api/client.ts.

Backend: add the field

# backend/app/config/settings.py
class DevelopmentSettings(CommonSettings):
  MY_API_KEY: Optional[str] = None

class ProductionSettings(CommonSettings):
  MY_API_KEY: str  # required in prod
(Optional) group in validator for warnings: 
# backend/app/config/settings_validator.py
# register group and log warnings if missing (implementation already present)
Use in code: 
from app.config.settings import settings
print(settings.MY_API_KEY)
Back it with a lazy provider (recommended for clients): 
from app.core.lazy_loader import lazy_provider, MissingKeyStrategy
from app.config.settings import settings

@lazy_provider(
  name="my_api_client",
  required_keys=[settings.MY_API_KEY],
  strategy=MissingKeyStrategy.WARN,
)
def create_my_api_client():
  ...
Keep it minimal for local dev—add keys as you enable features. See also: Lazy loading env & providers