diff --git a/.env.template b/.env.template
index 030538c..cfe2376 100644
--- a/.env.template
+++ b/.env.template
@@ -1,2 +1,2 @@
-ENOKI_PUB_KEY=
-GOOGLE_CLIENT_ID=
\ No newline at end of file
+NEXT_PUBLIC_ENOKI_PUB_KEY=
+NEXT_PUBLIC_GOOGLE_CLIENT_ID=
\ No newline at end of file
diff --git a/README.md b/README.md
index d430203..cff6375 100644
--- a/README.md
+++ b/README.md
@@ -156,7 +156,7 @@ You will need to set up a Google Auth API key to use the Google Sign-In feature
     ![Create OAuth client ID](images/create-credential.png)
 
 3. Select `Web application` as the application type.
-4. Add `http://localhost:3000/` to the `Authorized redirect URIs`.
+4. Add http://localhost:3000/ to the Authorized redirect URIs. For this project, also add http://localhost:3000/auth, otherwise Google will return a 400 error: redirect_uri_mismatch.
 
     Your setup should look something like this:
     ![OAuth setup](images/authorized-url.png)
diff --git a/app/layout.tsx b/app/layout.tsx
index b46bd8f..ef118b0 100644
--- a/app/layout.tsx
+++ b/app/layout.tsx
@@ -23,7 +23,7 @@ export default function RootLayout({
   return (
     <html lang="en">
       <SuiClientProvider networks={networkConfig} defaultNetwork="testnet">
-        <EnokiFlowProvider apiKey={process.env.ENOKI_PUB_KEY!}>
+        <EnokiFlowProvider apiKey={process.env.NEXT_PUBLIC_ENOKI_PUB_KEY!}>
           <body className={inter.className}>{children}</body>
           <Analytics />
           <Toaster closeButton  />
diff --git a/app/page.tsx b/app/page.tsx
index bfffb34..8020570 100644
--- a/app/page.tsx
+++ b/app/page.tsx
@@ -72,7 +72,7 @@ export default function Page() {
     const promise = async () => {
       window.location.href = await enokiFlow.createAuthorizationURL({
         provider: "google",
-        clientId: process.env.GOOGLE_CLIENT_ID!,
+        clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID!,
         redirectUrl: `${window.location.origin}/auth`,
         network: "testnet",
       });