Skip to content

docs: add API key permissions/scopes documentation (#1841) #2005

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

docs: add API key permissions/scopes documentation (#1841) #2005

wants to merge 1 commit into from

Conversation

saifyxpro
Copy link

Summary

Adds comprehensive documentation for required permissions/scopes of all API keys used in bolt.diy to improve security and help users configure minimal required access.

Changes

  • New docs/api-keys.md file - Comprehensive API key permissions documentation
  • Updated README.md - Added reference link to new documentation
  • 📋 Documented 19+ AI providers with minimal required permissions
  • 🔐 Security best practices included for key management
  • 🛠️ Troubleshooting guide for common permission issues
  • 🌐 Cloud service integrations (GitHub, GitLab, Vercel, Netlify, Supabase)

Features Added

  • Detailed permission requirements for each API provider
  • Security best practices and key rotation guidelines
  • Environment variable setup instructions
  • Troubleshooting section for common issues
  • Links to provider documentation for obtaining keys

Related Issue

Fixes #1841

Testing

  • ✅ All API key environment variables documented
  • ✅ Documentation organized with clear table of contents
  • ✅ Security considerations properly addressed
  • ✅ Integration with existing README.md

@Stijnus Stijnus self-assigned this Sep 19, 2025
@Stijnus Stijnus self-requested a review September 19, 2025 20:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Stijnus Stijnus Awaiting requested review from Stijnus

Assignees

@Stijnus Stijnus

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Document required permissions/scopes for each API key

2 participants

@saifyxpro @Stijnus