Expand description
Multi-source credential resolution.
Reads API keys from multiple sources with clear priority:
OXIOS_<PROVIDER>_API_KEYenv var (containers/K8s)config.toml→[engine].api_key(explicit override)- oxios auth store (
~/.oxios/auth.json, viaOXI_HOME) — primary - shared oxi-cli store (
~/.oxi/auth.json) — backward-compat read fallback, so keys registered via the standaloneoxiCLI are still detected - oxi-ai env var fallback (CI/CD, containers)
Writes (store/onboarding/set_api_key) always target the oxios auth store
(~/.oxios/auth.json), keeping oxios’s credentials isolated in its own
product home. The shared ~/.oxi/auth.json is treated as read-only here.
Both the modern TokenBundle and the legacy oxi-cli
({"type":"api_key","key":"..."}) shapes are honored in either store.
Structs§
- Credential
Store - Multi-source credential resolver.
Enums§
- Credential
Source - Where a credential was found.
Functions§
- discover_
auth_ store_ providers - Discover all provider names stored in either auth store.