Live demo of the InMemoryAiKeyVault + MapRichTextBoxAiKeyVaultAdmin()
admin REST endpoints. The form below calls POST, GET, and
DELETE on /richtextbox/ai/vault/keys — the same endpoints a
tenant-settings UI in your own app would call. Server-side state vanishes on app restart, so
feel free to upsert and revoke at will.
This demo registers the admin endpoints without auth so you can interact with them
directly. In production you wrap .MapRichTextBoxAiKeyVaultAdmin() with
.RequireAuthorization("AdminOnly") (or your own scheme) and call into them
from your tenant-settings page using the typed
@richscripts2/richtexteditor/admin client SDK.
| Key id | Tenant | Provider | Created | Last rotated | Action |
|---|---|---|---|---|---|
| Click List all to load the current state. | |||||
Same behaviour with the typed npm client — tenant-settings UIs use this in production:
import { createAdminClient } from "@richscripts2/richtexteditor/admin";
const admin = createAdminClient({
baseUrl: "/richtextbox/ai/vault/keys",
fetch: (url, init) => fetch(url, {
...init,
headers: { ...init?.headers, "Authorization": "Bearer " + adminJwt },
}),
});
await admin.upsert({ tenantId: "acme-corp", provider: "OpenAI", apiKey: "sk-..." });
const keys = await admin.list("acme-corp");
await admin.delete(keys[0].keyId);