The security problem of openaiApiKey in the server #176
-
|
How can I send openaiApiKey to the server through POST instead of writing API-KEY to the environment variable in advance? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hey, with 1.28.0, you can now leave {
"message": "hi",
"clientOptions": {
"openaiApiKey": "sk-xxxxxxx"
}
}Please make sure to read through the documentation for the Additionally, you should read through the comments for |
Beta Was this translation helpful? Give feedback.
Hey, with 1.28.0, you can now leave
settings.chatGptClient.openaiApiKeyblank and provide it in the POST request like this:{ "message": "hi", "clientOptions": { "openaiApiKey": "sk-xxxxxxx" } }Please make sure to read through the documentation for the
clientOptionsparameter in the readme's Endpoints > POST /conversation section.Additionally, you should read through the comments for
perMessageClientOptionsWhitelistinsettings.example.jsto ensure you only whitelist the options you want users to be able to override (otherwise they can do things like change the model or enable the client's debug mode, etc.).