AuthSection: Model Provider Setup
The AuthSection manages the AuthProfileRegistry by allowing operators to configure credentials for AI providers (OpenAI, Anthropic). It supports two primary credential types: static API keys and managed OAuth flows.
Implementation Details
- Profile Inventory: Displays a list of AuthProfileView objects retrieved via api.listAuthProfiles() apps/web/src/console/hooks/useAuthDomain.ts#102-102.
- Credential Storage: API keys are never stored in the clear within the configuration. They are persisted to the palyra-vault and referenced via a VaultRef crates/palyra-daemon/src/openai_surface.rs#40-46.
- Validation: Before saving a profile, the daemon performs a provider-specific probe (e.g., calling /v1/models) to ensure the token is valid crates/palyra-daemon/src/openai_surface.rs#32-38.
Data Flow: API Key Connection
The following diagram illustrates the flow from the UI to the secure vault storage.
[Diagram: Auth Credential Flow]
Sources: apps/web/src/console/sections/AuthSection.tsx#62-111, apps/web/src/console/hooks/useAuthDomain.ts#130-166, crates/palyra-daemon/src/openai_surface.rs#16-76.
ConfigSection: palyra.toml Mutation
The ConfigSection provides a controlled interface for modifying the daemon’s configuration without manual TOML editing. It operates on a “Redact-Inspect-Mutate” lifecycle to prevent leaking secrets in the UI.
Key Functions
- Inspect: Retrieves a redacted version of the configuration and a list of available backups apps/web/src/console/sections/ConfigSection.tsx#174-200.
- Validate: Checks the current or proposed configuration against the internal schema apps/web/src/console/sections/ConfigSection.tsx#85-95.
- Mutate: Applies targeted changes to specific keys using the mutateConfigSurface function apps/web/src/console/hooks/useConfigDomain.ts.
- Recover: Restores a previous configuration from a backup file apps/web/src/App.config-access-support.test.tsx#65-69.
Configuration Operations
| Operation | Code Entity | Description |
|---|---|---|
| Migrate | migrateConfigSurface | Upgrades palyra.toml to the latest schema version. |
| Mutate | mutateConfigSurface | Updates a specific key-value pair in the TOML document. |
| Recover | recoverConfigSurface | Replaces the current config with a selected backup. |
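The Redact-Inspect-Mutate lifecycle described above, sketched as an added example that is not Palyra's own code. The Value type, the `<redacted>` marker, the name-based secret detection and the sample keys are all assumptions; the point is that Mutate must refuse the masked value a client received from Inspect, otherwise a round-trip overwrites the real secret.

```rust
use std::collections::BTreeMap;

// Minimal stand-in for a TOML document: string leaves and nested tables.
#[derive(Clone, Debug, PartialEq)]
enum Value { Str(String), Table(BTreeMap<String, Value>) }
const REDACTED: &str = "<redacted>"; // hypothetical marker, not Palyra's

// Assumption: secret-bearing leaves are recognised by their key name.
fn is_secret(key: &str) -> bool {
    let k = key.to_ascii_lowercase();
    ["key", "token", "secret", "password"].iter().any(|h| k.contains(*h))
}

// Inspect: a copy of the config with every secret-named leaf masked.
fn redact(v: &Value) -> Value {
    let Value::Table(t) = v else { return v.clone() };
    Value::Table(t.iter().map(|(k, child)| match child {
        Value::Str(_) if is_secret(k) => (k.clone(), Value::Str(REDACTED.into())),
        _ => (k.clone(), redact(child)),
    }).collect())
}

// Mutate: set one existing dotted key; the marker is never accepted as a value,
// so a client echoing the inspected view back cannot clobber the real secret.
fn mutate(cfg: &mut Value, path: &str, new: &str) -> Result<(), String> {
    if new == REDACTED { return Err(format!("marker rejected for {path}")); }
    let mut node = cfg;
    for part in path.split('.') {
        node = match node {
            Value::Table(t) => t.get_mut(part).ok_or_else(|| format!("unknown key {path}"))?,
            Value::Str(_) => return Err(format!("{path} crosses a non-table value")),
        };
    }
    match node {
        Value::Str(s) => { *s = new.to_string(); Ok(()) }
        Value::Table(_) => Err(format!("{path} is a table, not a value")),
    }
}

// Constructed sample; the table and key names are invented for this example.
fn sample() -> Value {
    let s = |v: &str| Value::Str(v.to_string());
    let gw = [("bind".to_string(), s("127.0.0.1")), ("admin_token".to_string(), s("constructed-token"))];
    Value::Table(BTreeMap::from([("gateway".to_string(), Value::Table(BTreeMap::from(gw)))]))
}

fn main() {
    let mut cfg = sample();
    println!("{:?}", redact(&cfg));
    println!("{:?}", mutate(&mut cfg, "gateway.admin_token", REDACTED));
}
```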
AccessSection & Node Pairing
The AccessSection manages the security perimeter of the Palyra deployment. It handles device identity, mTLS trust states, and the pairing of new nodes (e.g., CLI instances or mobile companions).
Node Pairing Flow
Palyra uses a multi-step pairing process to establish trust:
- Minting: An administrator generates a temporary PIN or pairing code apps/web/src/console/hooks/useSupportDomain.ts#119-142.
- Request: The remote node submits a pairing request using the code.
- Approval: The administrator reviews the request (device ID, IP fingerprint) in the AccessSection and approves or rejects it apps/web/src/console/sections/AccessSection.tsx#118-127.
Implementation Entities
- useInventoryDomain: Manages the state of known devices and their trust status (Trusted, Revoked, Rotated) apps/web/src/console/sections/AccessSection.tsx#73-78.
- DeploymentPostureSummary: Provides details on network binding (loopback vs remote) and TLS status apps/web/src/console/fixtures/m56ControlPlane.ts#107-140.
SecretsSection
The SecretsSection provides a dedicated interface for managing the palyra-vault. Unlike the ConfigSection, which handles structural settings, this section handles raw sensitive values.
Security Features
- Redaction by Default: Values are masked in the UI until an explicit “Reveal” action is taken apps/web/src/App.config-access-support.test.tsx#137-142.
- Scoped Storage: Secrets can be scoped to global or specific agents apps/web/src/App.config-access-support.test.tsx#70-73.
- Metadata Visibility: The UI displays when a secret was last updated and its VaultRef, but never the plaintext unless requested via POST /console/v1/secrets/reveal apps/web/src/App.config-access-support.test.tsx#81-84.