key-master¶
API key and secrets management
Key-Master provides secure storage and management for API keys, credentials, and other secrets used across the F3L1X ecosystem.
What It Does¶
Key-Master provides:
- Secure Key Storage - Encrypted storage for API keys and credentials
- Per-Realm Access - Control which realms can access which keys
- Key Rotation - Automated rotation schedules for security
- Audit Logging - Track all key access events
- BYOK Management - Manage your Bring-Your-Own-Keys for AI providers
Key Capabilities¶
Supported Key Types¶
| Key Type | Purpose |
|---|---|
| AI Provider Keys | Anthropic, OpenAI, Google API keys |
| Service Credentials | Supabase, Stripe, Railway tokens |
| Internal Secrets | Django SECRET_KEY, JWT signing keys |
| Custom Keys | Any key/value pair your realms need |
Access Control¶
Each realm declares which keys it needs in its CLAUDE.md. Key-Master only provides keys to authorized realms, preventing accidental exposure.
Important Notes¶
- Keys are stored locally on your machine - never uploaded to any server
- Always use Key-Master instead of hardcoding keys in .env files across realms
- Key-Master integrates with the BYOK model - your keys, your control
Related Realms¶
- Herald - Uses keys for JWT signing
- Login-Master - Uses Supabase credentials
- Sov-AI - May use API keys for cloud AI fallback
- All realms - Can request keys through Key-Master
Further Reading¶
- Security & Privacy - Data protection principles
- Installation Guide - Setting up API keys