>>> [!note] Migrated issue <!-- Drupal.org comment --> <!-- Migrated from issue #3559849. --> Reported by: [mxr576](https://www.drupal.org/user/315522) >>> <h3 id="summary-problem-motivation">Problem/Motivation</h3> <p> The amazee.ai AI Provider module currently allows Amazee AI and vector database credentials to be stored in configuration by completing the authentication and setup flow at <code>/admin/config/ai/providers/amazeeio</code>.<br> Because active configuration is stored in the database by default and can also be exported to configuration files, using this flow in non-demo/trial environments encourages patterns where sensitive credentials end up inside the database and potentially in configuration exports. </p> <p> This behavior conflicts with common security expectations for production sites, where secrets are typically injected through environment-specific overrides (for example, in <code>settings.php</code>), not written into the site database.<br> The project&rsquo;s current documentation (project page and <code>README.md</code>) does not clearly explain how to configure credentials securely in production or how this differs from the demo/trial experience. </p> <h4 id="summary-steps-reproduce">Steps to reproduce</h4> <ol> <li>Install <code>ai_provider_amazeeio</code> on a non-demo environment (for example, staging or production).</li> <li>Visit <code>/admin/config/ai/providers/amazeeio</code> and complete the authentication / setup flow so that credentials are stored via the current UI.</li> <li>Inspect the database and configuration to see that credentials and environment-specific connection details are stored as active configuration. (See also <span class="drupalorg-gitlab-issue-link project-issue-status-info project-issue-status-7"><a href="https://www.drupal.org/project/ai_provider_amazeeio/issues/3559845" title="Status: Closed (fixed)">#3559845: Ignore environment-specific credentials in configuration for amazee.ai AI Provider</a></span>).</li> </ol> <h3 id="summary-proposed-resolution">Proposed resolution</h3> <p> Add and update documentation (on the Drupal.org project page and in <code>README.md</code> in the repository) to clearly distinguish between: </p> <ul> <li>A demo/trial setup path where credentials may stored in configuration for convenience by using the current setup flow on <code>/admin/config/ai/providers/amazeeio</code>.</li> <li>A recommended production setup path where Amazee AI and vector database credentials are provided via configuration overrides in <code>settings.php</code> or <code>settings*.php</code>, and not written into the database by using the setup flow at <code>/admin/config/ai/providers/amazeeio</code>.</li> </ul> <p> The documentation should explicitly recommend that in non-demo/trial environments, the relevant configuration keys for host, database, username, and password values are set by config overrides in PHP and are not created or updated by running the in-UI authentication process.<br> It should also reference the meta issue (<span class="drupalorg-gitlab-issue-link drupalorg-gitlab-link-wrapper"><a href="https://git.drupalcode.org/project/ai_provider_amazeeio/-/work_items/3559854" class="drupalorg-gitlab-link">https://git.drupalcode.org/project/ai_provider_amazeeio/-/work_items/3559854</a></span>) as related background on the module&rsquo;s evolving security model. </p> <h3 id="summary-remaining-tasks">Remaining tasks</h3> <ul> <li>Update the Drupal.org project page text to: <ul> <li>Describe the difference between demo/trial and production credential handling.</li> <li>Explain that in production, credentials must be provided via config overrides in <code>settings*.php</code>, and that running the UI authentication flow to persist secrets in configuration is discouraged.</li> </ul> </li> <li>Update <code>README.md</code> in the repository with: <ul> <li>A &ldquo;Security / Production configuration&rdquo; section explicitly outlining how to define credentials via config overrides.</li> <li>Example snippets for setting configuration overrides in <code>settings.php</code> (without including real secrets).</li> <li>References to the meta issue and <span class="drupalorg-gitlab-issue-link drupalorg-gitlab-link-wrapper"><a href="https://git.drupalcode.org/project/ai_provider_amazeeio/-/work_items/3559854" class="drupalorg-gitlab-link">https://git.drupalcode.org/project/ai_provider_amazeeio/-/work_items/3559854</a></span> for additional context on why this pattern is recommended.</li> </ul> </li> <li>Optionally add a note to the UI at <code>/admin/config/ai/providers/amazeeio</code> indicating that, for non-demo/trial environments, credentials should be configured via <code>settings*.php</code> and that this page is primarily intended for local/demo setups.</li> </ul> <h3 id="summary-ui-changes">User interface changes</h3> <ul> <li>Optional: Add help text or a link to documentation on <code>/admin/config/ai/providers/amazeeio</code> explaining that in production environments, credentials should be set via <code>settings*.php</code> overrides rather than stored in configuration.</li> <li>Optional: Add an administrative warning when credentials are stored in the database.</li> </ul> <h3 id="summary-api-changes">API changes</h3> <p>None.</p> <h3 id="summary-data-model-changes">Data model changes</h3> <p>None.</p>