Product Guides•stable•Updated 2026-06-19
Provider Keys
Store, test, and govern AI provider credentials from a dedicated secure admin surface.
What this menu is for
Provider Keys is the secure vault for AI provider credentials used by Kadryn workflows. Use it to add encrypted keys, test connectivity, review last usage, and remove stale credentials.
Provider keys are different from Kadryn API keys. Provider keys authenticate Kadryn to model providers. Kadryn API keys authenticate your systems to Kadryn.
What you can do
- Add supported provider credentials.
- Choose the provider and optional scope.
- Test whether a key can connect.
- Review last usage and last test status.
- Delete credentials that are no longer needed.
- Understand plan limits for provider count or allowed providers.
Security model
Only admins or users with explicit management permission should create, test, or delete provider keys. Read-only users can inspect posture without seeing the secret value.
Secrets should be encrypted at rest, redacted in the UI, excluded from logs, and never exposed to browser code after creation.
Recommended workflow
- Add one production provider key per provider and environment strategy.
- Test the key before relying on it.
- Route traffic or ingest usage.
- Confirm the key becomes used in runtime workflows.
- Remove stale, failed, or replaced keys.
Operational signals
- No key configured: cost visibility may require gateway or direct ingest setup.
- Not tested: validate before production.
- Last test failed: provider authorization or network access needs review.
- Last used is empty: the key may be unused or traffic may be routed differently.
- Plan limit reached: review Billing before adding more providers.