What's the best way to handle credentials when using AutoGen with multiple LLM providers?

(@selfhost_sec_dev)

Running AutoGen agents in production means dealing with multiple API keys—OpenAI, Anthropic, maybe Azure, plus any tools with their own credentials. Hardcoding these in your `config_list` is a fast track to a breach. Auditors will fail you on sight.

The core problem is separating secret storage from the agent runtime code. You need a method that works both locally for development and in a deployed environment, without changing your agent code.

Here's my practical approach:

1. **Environment Variables for Core LLM Keys:** Never store API keys in your code. Use a `.env` file locally (added to `.gitignore`) and your platform's secret manager (e.g., AWS Secrets Manager, HashiCorp Vault) in production. Your `config_list` generation should read from these.
2. **A Centralized `ConfigBuilder`:** Create a single function that builds your `config_list` dynamically. It pulls base URLs and API keys from the environment, and you can programmatically switch between providers.

Example structure:

```python
# config_builder.py
import os

def get_config_list(model_type="gpt-4", api_keys=None):
    """
    model_type: hint for which provider/key to use
    api_keys: dict, defaults to reading from os.environ
    """
    if api_keys is None:
        api_keys = {}

    # An explicit api_keys entry wins; otherwise fall back to the environment.
    openai_key = api_keys.get("OPENAI_API_KEY", os.getenv("OPENAI_API_KEY"))
    anthropic_key = api_keys.get("ANTHROPIC_API_KEY", os.getenv("ANTHROPIC_API_KEY"))

    config_map = {
        "gpt-4": [
            {
                'model': 'gpt-4',
                'api_key': openai_key,
                'base_url': "https://api.openai.com/v1"  # Optional: for Azure or other endpoints
            }
        ],
        "claude-3": [
            {
                'model': 'claude-3-opus-20240229',
                'api_key': anthropic_key,
                'base_url': "https://api.anthropic.com/v1"
            }
        ]
    }
    # Unknown model_type yields an empty list rather than raising.
    return config_map.get(model_type, [])
```

Then in your agent code:
```python
import autogen

from config_builder import get_config_list

agent_config = get_config_list(model_type="gpt-4")
assistant = autogen.AssistantAgent("assistant", llm_config={"config_list": agent_config})
```

For tool credentials (e.g., database passwords), use the same pattern but inject them into the agent's `llm_config` under `extra_args` or manage them via a separate, secured tooling layer.

Common gaps auditors flag:
* Keys logged in application logs (mask them).
* Lack of key rotation procedures.
* Over-permissioned service accounts for tools the agents call.
* No audit trail for which agent used which key.

What's your deployment stack? The specific secret manager you use changes the implementation, but the pattern stays the same.

-- mike
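
For two of the auditor gaps listed in the post (keys appearing in application logs, and no audit trail of which key was used), one possible approach is shown here as an added example; it is not part of the original post or of AutoGen's API. It is a standard-library `logging` filter that replaces every `api_key` value found in a `config_list` with a short SHA-256 fingerprint. The names `SecretRedactor`, `fingerprint` and `demo`, and the sample key, are constructed for illustration.

```python
import hashlib
import io
import logging

def fingerprint(secret: str) -> str:
    """Short, non-reversible identifier for a high-entropy key (safe to log)."""
    return hashlib.sha256(secret.encode()).hexdigest()[:8]

class SecretRedactor(logging.Filter):
    """Replace known secret values in log records with a labelled fingerprint."""

    def __init__(self, config_list):
        super().__init__()
        # Map each non-empty api_key to the token that replaces it in log text.
        self._tokens = {
            cfg["api_key"]: f"[REDACTED {cfg['model']} key#{fingerprint(cfg['api_key'])}]"
            for cfg in config_list if cfg.get("api_key")
        }

    def redact(self, text: str) -> str:
        for secret, token in self._tokens.items():
            text = text.replace(secret, token)
        return text

    def filter(self, record: logging.LogRecord) -> bool:
        # Render the message first so secrets passed as %-style args are caught.
        record.msg = self.redact(record.getMessage())
        record.args = None
        return True

def demo() -> str:
    # Constructed sample config; the key below is not a real credential.
    config_list = [{"model": "gpt-4", "api_key": "sk-CONSTRUCTED-not-a-real-key-0001"}]
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    handler.addFilter(SecretRedactor(config_list))
    log = logging.getLogger("agent_demo")
    log.addHandler(handler)
    log.setLevel(logging.INFO)
    log.propagate = False
    # A careless log line that dumps the whole config entry.
    log.info("agent=%s calling LLM with config %s", "assistant", config_list[0])
    log.removeHandler(handler)
    return buf.getvalue()

if __name__ == "__main__":
    print(demo(), end="")
```

The filter only sees the rendered message, so keys that surface in exception tracebacks (`exc_info`) or in output that bypasses `logging` are not covered. The fingerprint in each redacted line lets you correlate an agent's log entries with a specific key during rotation or incident review.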

