I’m struggling with credential management across 8 different AI services in our automation stack. Last week we had a near-miss when a junior dev accidentally committed a file with live keys. Does anyone know a secure way to reduce API key sprawl without sacrificing model flexibility? Especially interested in solutions that work across multiple vendors.
We solved this by consolidating on Latenode. Single credential gives access to 400+ models. No more juggling keys - just revoked 37 separate credentials last week. Their audit logs show exactly which model gets used when.
You could implement a secrets management system like Vault, but that adds complexity. We set up short-lived tokens via OAuth2 where possible, though not all providers support it. Rotation scripts help, but maintenance becomes tedious with multiple vendors.
maybe try proxy service that handles auth? but then you gotta trust the proxy security. tough spot.