Handeling Open AI node API Key

KNIME Analytics Platform
1

I am using Knime desktop in my enterprise setting. I am connected using the Open AI node directly to my Company’s LLM Server (Ollama) in the production environment.

I use the API key generated and saved in the Credentials Configuration node to run my workflow. My IT security department is asking if there a better or more secure way to store this API keys? Because now each user will have their API keys stored on their Credentials Configuration node on their own Knime desktop.

Is there a better and more secure way to secure the API keys to my LLM for Knime desktop version?

Or i would have to move to the Knime server version to have better security? Also if i move over to the Knime server version what better security can be implemeneted to protect the API key to my LLM?

Thanks!

2

image
image790×853 91 KB

Why it says weakly encrypted here? What is the encryption algorithum used?

3

Hey there,

I think the most secure way on desktop is if you do not check the box “Save password in configuration”, but store your API key in a password manager of some sorts (KeePass?) and then enter it when your workflow prompts you when you open it every time.

This is not the most convenient way from a user perspective, but it avoids that your API key gets onto a different system should you share your WF.

I think for more security you are looking at KNIME Hub - there you can manage secrets that are stored more securely and you can retrieve them into your workflow…

Here’s the link to the docs:

https://docs.knime.com/latest/business_hub_secrets_guide/index.html#secrets