Environment Variables
Mia reads environment variables from two sources:
~/.mia/.env— Primary location. Created during setup. Takes precedence.- Process environment — Inherited from your shell.
API Keys
Section titled “API Keys”| Variable | Description |
|---|---|
ANTHROPIC_API_KEY | Anthropic API key for Claude Code plugin |
GEMINI_API_KEY | Google API key for Gemini plugin |
OPENAI_API_KEY | OpenAI API key for Codex plugin |
These keys are stored with 0o600 permissions (owner read/write only) and masked in logs (first 10 + last 4 characters shown).
Runtime Settings
Section titled “Runtime Settings”| Variable | Default | Description |
|---|---|---|
MIA_MAX_ITERATIONS | 15 | Maximum iterations per dispatch (limits tool use loops) |
MIA_DEBUG | 0 | Set to 1 to enable debug-level logging |
Authentication
Section titled “Authentication”Claude Max/Pro
Section titled “Claude Max/Pro”If you’re using Claude Code with a Claude Max or Pro subscription, authentication is handled via browser login:
mia setup# or directly:claude setup-tokenThis stores a long-lived token in ~/.mia/.env as ANTHROPIC_API_KEY.
Gemini OAuth
Section titled “Gemini OAuth”For Gemini, you can use either:
- API key: Set
GEMINI_API_KEYin~/.mia/.env - OAuth: Browser-based login flow (handles token refresh automatically)
Token Management
Section titled “Token Management”# View current auth statusmia doctor
# Re-authenticatemia setup
# Remove stored credentials# Delete the relevant line from ~/.mia/.envSecurity Notes
Section titled “Security Notes”- API keys in
~/.mia/.envare file-permission protected (0o600) - Keys are never logged in full — always masked
- P2P connections are encrypted end-to-end
- No credentials are sent to any server except the respective AI provider