Describe the feature you'd like to request
Description
Add an admin setting to prevent users from providing their own API keys, enforcing the use of administrator-configured API keys only.
Use Case
In enterprise environments, administrators may want stricter control over API key management:
- Ensure all API requests use centrally managed credentials
- Prevent accidental API key exposure by users
- Maintain consistent billing and usage tracking across the organization
- Reduce security risks from users storing API keys in their personal Nextcloud accounts
Current Behavior
- Users can optionally configure their own API keys in Personal Settings
- User-provided API keys take precedence over admin-configured keys
- There is no way for admins to restrict users from providing their own keys
Describe the solution you'd like
Desired Behavior
A new admin setting should allow administrators to:
- Disable personal API keys: When disabled, users cannot input their own API keys
- Enforce admin-managed keys: All API requests use only the centrally configured keys
- Backward compatibility: Default behavior remains unchanged (personal keys allowed)
- Graceful degradation: Existing user-configured keys are preserved but ignored when the setting is disabled
Implementation Details
Backend Changes
-
OpenAiSettingsService.php
- Add new config key:
allow_user_api_keys (boolean, default: true)
- Add getter:
getAllowUserApiKeys()
- Add setter:
setAllowUserApiKeys(bool $enabled)
- Include in
getAdminConfig() response
-
ConfigController.php
- Validate in
setSensitiveUserConfig(): Reject API key updates if allow_user_api_keys is false
- Return HTTP 403 (Forbidden) with message "User API keys are not allowed"
-
OpenAiAPIService.php
- Check
getAllowUserApiKeys() before falling back to user-provided keys
- Ignore user keys and use admin keys when setting is disabled
Frontend Changes
-
AdminSettings.vue
- Add new section: "User Permissions"
- Add toggle switch: "Allow users to provide their own API keys"
- Include help text explaining the impact
-
PersonalSettings.vue
- Hide API key input field when
allow_user_api_keys is false
- Show informational message: "Your administrator has disabled personal API keys"
-
Personal.php
- Provide initial state:
allow_user_api_keys value
Security Considerations
- ✅ Admin setting protected by existing
#[PasswordConfirmationRequired] validation
- ✅ Blocked API requests return HTTP 403 (not 500)
- ✅ Existing user keys preserved in database (for re-enabling the feature)
- ✅ No personal data exposure; only configuration privacy
Testing Strategy
-
When enabled (default)
- Users can configure personal API keys
- Personal keys take precedence over admin keys
- API key field visible in Personal Settings
-
When disabled
- Users cannot save personal API keys (HTTP 403)
- Existing user-configured keys are ignored
- Only admin-configured keys are used
- API key field hidden in Personal Settings
-
Setting toggle
- Admin disables the setting
- Existing user keys remain in database
- User keys are ignored
- Admin re-enables setting
- User keys resume working
Localization
New strings to translate:
- "User Permissions"
- "Allow users to provide their own API keys"
- "When disabled, users can only use the API keys configured by administrators."
- "User API keys are not allowed" (error message)
Backward Compatibility
- ✅ Default:
allow_user_api_keys = true (all existing installs unaffected)
- ✅ No database schema changes required
- ✅ Existing user keys preserved when setting changes
- ✅ No breaking changes to API endpoints
Related Issues
None (new feature request)
Additional Context
This feature enhances the enterprise suitability of the integration by providing administrators with fine-grained control over API key management policies.
Describe alternatives you've considered
Hide using Custom CSS app
Describe the feature you'd like to request
Description
Add an admin setting to prevent users from providing their own API keys, enforcing the use of administrator-configured API keys only.
Use Case
In enterprise environments, administrators may want stricter control over API key management:
Current Behavior
Describe the solution you'd like
Desired Behavior
A new admin setting should allow administrators to:
Implementation Details
Backend Changes
OpenAiSettingsService.php
allow_user_api_keys(boolean, default: true)getAllowUserApiKeys()setAllowUserApiKeys(bool $enabled)getAdminConfig()responseConfigController.php
setSensitiveUserConfig(): Reject API key updates ifallow_user_api_keysis falseOpenAiAPIService.php
getAllowUserApiKeys()before falling back to user-provided keysFrontend Changes
AdminSettings.vue
PersonalSettings.vue
allow_user_api_keysis falsePersonal.php
allow_user_api_keysvalueSecurity Considerations
#[PasswordConfirmationRequired]validationTesting Strategy
When enabled (default)
When disabled
Setting toggle
Localization
New strings to translate:
Backward Compatibility
allow_user_api_keys = true(all existing installs unaffected)Related Issues
None (new feature request)
Additional Context
This feature enhances the enterprise suitability of the integration by providing administrators with fine-grained control over API key management policies.
Describe alternatives you've considered
Hide using Custom CSS app