docs(js): Quick Start guides: Auth tokens in env files

docs/platforms/javascript/guides/nextjs/manual-setup.mdx

@@ -16,7 +16,13 @@ description: "Learn how to manually set up Sentry in your Next.js app and captur
 Choose the features you want to configure, and this guide will show you how:
 
 <OnboardingOptionButtons
-  options={["error-monitoring", "performance", "session-replay", "user-feedback", "logs"]}
+  options={[
+    "error-monitoring",
+    "performance",
+    "session-replay",
+    "user-feedback",
+    "logs",
+  ]}
 />
 
 <PlatformContent includePath="getting-started-features-expandable" />
@@ -90,6 +96,7 @@ export default withSentryConfig(nextConfig, {
 ### Initialize Sentry Client-Side and Server-Side SDKs
 
 Create three files in your application's root directory:
+
 - `sentry.server.config.(js|ts)`
 - `sentry.edge.config.(js|ts)`
 - `instrumentation-client.(js|ts)`
@@ -220,7 +227,8 @@ Sentry.init({
 ```
 
 <Alert title="Tip">
-  Include your DSN directly in these files, or use a _public_ environment variable like `NEXT_PUBLIC_SENTRY_DSN`.
+  Include your DSN directly in these files, or use a _public_ environment
+  variable like `NEXT_PUBLIC_SENTRY_DSN`.
 </Alert>
 
 ### Register Sentry Server-Side SDK Initialization
@@ -433,7 +441,7 @@ module.exports = withSentryConfig(nextConfig, {
 });
 ```
 
-Alternatively, set the `SENTRY_AUTH_TOKEN` environment variable in your `.env` file:
+Set the `SENTRY_AUTH_TOKEN` environment variable in your `.env` file:
 
 ```sh {filename:.env}
 SENTRY_AUTH_TOKEN=___ORG_AUTH_TOKEN___

docs/platforms/javascript/guides/nuxt/manual-setup.mdx

@@ -51,7 +51,13 @@ Add the following overrides:
 Choose the features you want to configure, and this guide will show you how:
 
 <OnboardingOptionButtons
-  options={["error-monitoring", "performance", "session-replay", "user-feedback", "logs"]}
+  options={[
+    "error-monitoring",
+    "performance",
+    "session-replay",
+    "user-feedback",
+    "logs",
+  ]}
 />
 
 <PlatformContent includePath="getting-started-features-expandable" />
@@ -218,20 +224,29 @@ Check out the <PlatformLink to="/install/cli-import">`--import` CLI flag</Platfo
 
 To upload source maps for clear error stack traces, add your Sentry auth token, organization, and project slugs in the `sentry.sourceMapsUploadOptions` inside your configuration file:
 
-```javascript {filename:nuxt.config.ts} {3-9}
+<Alert>These `sentry` options only affect the **build time** of the SDK.</Alert>
+
+```javascript {filename:nuxt.config.ts} {3-10}
 export default defineNuxtConfig({
   modules: ["@sentry/nuxt/module"],
   sentry: {
     sourceMapsUploadOptions: {
       org: "___ORG_SLUG___",
       project: "___PROJECT_SLUG___",
-      authToken: "___ORG_AUTH_TOKEN___",
+      // store your auth token in an environment variable
+      authToken: process.env.SENTRY_AUTH_TOKEN,
     },
   },
 });
 ```
 
-<Alert>These `sentry` options only affect the **build time** of the SDK.</Alert>
+To keep your auth token secure, always store it in an environment variable instead of directly in your files:
+
+<OrgAuthTokenNote />
+
+```bash {filename:.env}
+SENTRY_AUTH_TOKEN=___ORG_AUTH_TOKEN___
+```
 
 While Nuxt generates source maps on the server side by default, you need to explicitly enable client-side source maps in your Nuxt configuration: