A single app always runs in multiple environments, including at least on your development machine and in production on Heroku. An open-source app might be deployed to hundreds of different environments.Although these environments might all run the same code, they usually have environment-specific configurations. For example, an app’s staging and production environments might use different Amazon S3 buckets, meaning they also need different credentials for those buckets.An app’s environment-specific configuration should be stored in environment variables (not in the app’s source code). This lets you modify each environment’s configuration in isolation, and prevents secure credentials from being stored in version control.On a traditional host or when working locally, you often set environment variables in your .bashrc file. On Heroku, you use config vars.
Config var keys should use only alphanumeric characters and the underscore character (_) to ensure that they are accessible from all programming languages. Config var keys should not include the hyphen character.
Config var data (the combination of all keys and values) cannot exceed 32kb for each app.
Config var keys should not begin with a double underscore (__).
A config var’s key should not begin with HEROKU_ unless it is set by the Heroku platform itself.
If you provision an add-on for your app, it usually adds one or more config vars to the app. The values of these config vars might be updated by the add-on provider at any time.