AI-safe Keys

TL;DR

Use short-lived, scoped bundles for AI sandboxes and MCP services. Issue ephemeral tokens with TTL and audit every issuance.

Why this matters

  • Reduces blast radius of exposed model/API keys.
  • Enables safe experimentation with generative models.
  • Provides an audit trail for each issuance.

Pattern overview

  1. Create an ai-sandbox bundle that contains placeholders for model access keys and a policy with a short default TTL (e.g., 1 hour).
  2. Use a service account or an Admin to issue ephemeral credentials scoped to the sandbox.
  3. The MCP or sandboxed service uses the ephemeral credential and refreshes it via a secure service account flow.

Example bundle manifest

name: my-project/ai-sandbox
description: Ephemeral keys for AI experimentation
secrets:
  - key: OPENAI_API_KEY
    type: placeholder
    env_hint: OPENAI_API_KEY
policies:
  access: [role:Developer, role:Service]
  ttl_default: 1h

Issue an ephemeral key (example CLI flow):

# Admin or service account issues ephemeral token
envcat issue --bundle my-project/ai-sandbox --ttl 60m --scopes openai.chat.create --api-base http://localhost:8888

Service integration pattern

  • MCP (machine-controlled process) requests an ephemeral key using a service account credential.
  • MCP caches the key for the TTL and refreshes automatically.
  • All issuance events are logged in Audit.

Best practices

  • Use least-privilege scopes (only allow the model endpoints required).
  • Keep TTLs short (minutes to hours) for experimentation.
  • Rotate underlying provider keys regularly.
  • Log issuance events and alert on anomalous activity.

Troubleshooting

Problem: Issued token not accepted by provider

Solution: Confirm that the provider-scoped token format matches the provider's requirements. If you are using a provider-side delegated token, ensure the MCP performs the exchange correctly.

Next steps

  • See Developer guide for CI usage: ../developer/bundle-as-code.md