@@ -8,7 +8,6 @@ directly from user input) and conveniently set them in the environment before ru
8
8
A credential provider tool looks just like any other GPTScript, with the following caveats:
9
9
- It cannot call the LLM and must run a command.
10
10
- It must print contents to stdout in the format ` {"env":{"ENV_VAR_1":"value1","ENV_VAR_2":"value2"}} ` .
11
- - Any args defined on the tool will be ignored.
12
11
13
12
Here is a simple example of a credential provider tool that uses the builtin ` sys.prompt ` to ask the user for some input:
14
13
@@ -50,6 +49,30 @@ credentials: credential-tool-1.gpt, credential-tool-2.gpt
50
49
(tool stuff here)
51
50
```
52
51
52
+ ## Credential Tool Arguments
53
+
54
+ Your credential tool may define arguments. Here is an example:
55
+
56
+ ``` yaml
57
+ name : my-credential-tool
58
+ args : env: the environment variable to set
59
+ args : val: the value to set it to
60
+
61
+ # !/usr/bin/env bash
62
+
63
+ echo "{\"env\":{\"$ENV\":\"$VAL\"}}"
64
+ ```
65
+
66
+ When you reference this credential tool in another file, you can use syntax like this to set both arguments:
67
+
68
+ ``` yaml
69
+ credential : my-credential-tool.gpt with MY_ENV_VAR as env and "my value" as val
70
+
71
+ (tool stuff here)
72
+ ```
73
+
74
+ In this example, the tool's output would be ` {"env":{"MY_ENV_VAR":"my value"}} `
75
+
53
76
## Storing Credentials
54
77
55
78
By default, credentials are automatically stored in a config file at ` $XDG_CONFIG_HOME/gptscript/config.json ` .
@@ -67,16 +90,30 @@ is called `gptscript-credential-wincred.exe`.)
67
90
There will likely be support added for other credential stores in the future.
68
91
69
92
::: note
70
- Credentials received from credential provider tools that are not on GitHub (such as a local file) will not be stored
71
- in the credentials store.
93
+ Credentials received from credential provider tools that are not on GitHub (such as a local file) and do not have an alias
94
+ will not be stored in the credentials store.
72
95
:::
73
96
97
+ ## Credential Aliases
98
+
99
+ When you reference a credential tool in your script, you can give it an alias using the ` as ` keyword like this:
100
+
101
+ ``` yaml
102
+ credentials : my-credential-tool.gpt as myAlias
103
+
104
+ (tool stuff here)
105
+ ```
106
+
107
+ This will store the resulting credential with the name ` myAlias ` , rather than using the name of the tool (if it comes from GitHub).
108
+ This is useful when you want to reference the same credential tool in scripts that need to handle different credentials,
109
+ or when you want to store credentials that were provided by a tool that is not on GitHub.
110
+
74
111
## Credential Contexts
75
112
76
- Each stored credential is uniquely identified by the name of its provider tool and the name of its context. A credential
77
- context is basically a namespace for credentials. If you have multiple credentials from the same provider tool, you can
78
- switch between them by defining them in different credential contexts. The default context is called ` default ` , and this
79
- is used if none is specified.
113
+ Each stored credential is uniquely identified by the name of its provider tool (or alias, if one was specified) and the name of its context.
114
+ A credential context is basically a namespace for credentials. If you have multiple credentials from the same provider tool,
115
+ you can switch between them by defining them in different credential contexts. The default context is called ` default ` ,
116
+ and this is used if none is specified.
80
117
81
118
You can set the credential context to use with the ` --credential-context ` flag when running GPTScript. For
82
119
example:
@@ -97,13 +134,17 @@ credentials in all contexts with `--all-contexts`.
97
134
You can delete a credential by running the following command:
98
135
99
136
``` bash
100
- gptscript credential delete --credential-context < credential context> < credential tool name>
137
+ gptscript credential delete --credential-context < credential context> < credential name>
101
138
```
102
139
103
140
The ` --show-env-vars ` argument will also display the names of the environment variables that are set by the credential.
104
141
This is useful when working with credential overrides.
105
142
106
- ## Credential Overrides
143
+ ## Credential Overrides (Advanced)
144
+
145
+ ::: note
146
+ The syntax for this will change at some point in the future.
147
+ :::
107
148
108
149
You can bypass credential tools and stored credentials by setting the ` --credential-override ` argument (or the
109
150
` GPTSCRIPT_CREDENTIAL_OVERRIDE ` environment variable) when running GPTScript. To set up a credential override, you
0 commit comments