{# Plan 61/2b W2 — "Provider keys" tab body of /admin/llm. Lifted from the old `admin/pages/llm_keys.html` body (drop {% extends %}). The page-header lives in the parent (`llm.html`) so we only render the business chrome here. #} {% from 'admin/components/ui.html' import card, input, select, modal, empty_state, tooltip %}
Per-server credentials. Plaintext keys are encrypted at rest and never returned by the API. The boot health-check probes each row at startup — rotate any row flagged corrupt below. For a guided walkthrough use Add LLM key.
Run cmdop-admin llm-keys migrate-secret-box to re-encrypt rows with the new key, or deactivate-corrupt to soft-revoke unrecoverable rows. See troubleshooting.
will be marked inactive. Any in-flight calls finish, but new dispatches skip it. This is a soft-revoke; the row remains for audit.
| Provider | Name | Preview | Default {{ tooltip('Used for any model from this provider unless an alias overrides.') }} | Status | Created | Actions |
|---|---|---|---|---|---|---|
| default — | active revoked | — |