Provider credentials
Connect, validate, rotate, and remove model-provider credentials.
Connect your own provider credentials. LegionCode uses them to authenticate requests to the provider you choose; it does not resell model access.
How credentials are used
In the hosted product, provider credentials are submitted over HTTPS and stored server-side in encrypted form. The workspace returns connection metadata such as provider, status, and fingerprint; it does not return the secret value.
Cloud credentials are not local-only
Hosted cloud runs need server-side credentials to call your selected provider. Do not treat cloud credentials as browser-only or local-only secrets.
Plaintext credentials are used only when the runtime needs to call the selected provider for an approved run.
Connect and validate
Open provider settings, choose a provider, and enter the credential issued by that provider. LegionCode can validate supported credentials before marking the connection ready.
Validation confirms that the credential can reach the provider API at that moment. It does not guarantee access to every model in the provider catalog.
Rotation and removal
To rotate a key, create the replacement with the provider, update the LegionCode connection, verify it, and then revoke the old key at the provider.
Disconnecting removes the LegionCode credential record for that provider. You should still revoke a compromised or retired credential in the provider's own console.
Never paste credentials into chat messages, repository files, screenshots, logs, support tickets, or GitHub issues.