| | 39 | |
| | 40 | === Configuration of the API secrets |
| | 41 | Commercial AI models require user validation with credentials or an API secret connected to a user account to allow the model's operator to charge for using the model. //dj//**AI** hides these API secrets inside the web service so neither users nor briefing authors know them. If you have a large group of users, this reduces the risk that some users take the secrets home and use the company's account for their own purposes. Instead, //dj//*AI** asks the users for its own API secrets that users can only use in conjunction with predefined briefings that are normally not very useful for other types of application that they were meant for. |
| | 42 | |
| | 43 | In addition, since users only have the keys to an internal service, it's easier to restrict access to that service, for example, to a VPN, and to track usage per API secret. |
| | 44 | |
| | 45 | There are two different levels of API secrets: //user// and //briefing author// secrets. The different license models allow a different number of the two types of secrets. |
| | 46 | |
| | 47 | User secrets may only use the functions necessary to use the predefined briefings: |
| | 48 | * List the briefing names. |
| | 49 | * Use inference with one of the briefings. |
| | 50 | |
| | 51 | Briefing authors, in addition, may: |
| | 52 | * Create, modify or delete briefings. |
| | 53 | * Obtain a list of models available. |
| | 54 | * Use inference with a briefing other than the predifined ones, by passing the briefing to be used together with the input data. This is necessary for dynamically created briefings from terminology, ontology or other databases. |
| | 55 | |
| | 56 | The **FREE** edition only allows one briefing author secret and no user secrets. That means, you have exactly one user context with unlimited permissions. Apart from not being licensed to run the **FREE** edition in a multi-user context, this feature would make this quite unsafe. The editions with commercial licenses have a defined, maximum number of user and briefing author keys. If you configure more keys than allowed, the server will terminate with an error message. |
| | 57 | |
| | 58 | API secrets are configured in the file {{{appsettings.json}}} in the {{{djAI}}} program folder. This is the file content as you download it: |
| | 59 | {{{ |
| | 60 | { |
| | 61 | "Logging": { |
| | 62 | "LogLevel": { |
| | 63 | "Default": "Information", |
| | 64 | "Microsoft.AspNetCore": "Warning" |
| | 65 | } |
| | 66 | }, |
| | 67 | "AllowedHosts": "*", |
| | 68 | "Secrets": { |
| | 69 | "User": [ ], |
| | 70 | "BriefingAuthor": [ "7654321" ] |
| | 71 | }, |
| | 72 | "License": "" |
| | 73 | } |
| | 74 | }}} |
| | 75 | |
| | 76 | The secrets are configured in the fields {{{Secrets:User}}} and {{{Secrets:BriefingAuthor}}}. There is one briefing author secret configured, "7654321". Please change the secret to a safe value that's hard to guess. To add more values to one of the key types (for which you need a commercial license), add more api secrets in double quotes, separated by commas, like in this example: |
| | 77 | {{{ |
| | 78 | { |
| | 79 | ... |
| | 80 | "Secrets": { |
| | 81 | "User": [ "first_new_secret", "second_new_secret" ], |
| | 82 | "BriefingAuthor": [ "7654321", "another_briefing_author_secret" ] |
| | 83 | }, |
| | 84 | ... |
| | 85 | } |
| | 86 | }}} |
| | 87 | |
| | 88 | The field {{{ |
