From f6fb4a58657169747cd427a827f7a330f2b21a7a Mon Sep 17 00:00:00 2001 From: Ashwin Bharambe Date: Tue, 20 May 2025 19:41:43 -0700 Subject: [PATCH] add context to distinguish multiple credentials for the same (user, provider) --- docs/_static/llama-stack-spec.html | 9 ++++++++- docs/_static/llama-stack-spec.yaml | 11 ++++++++++- llama_stack/apis/credentials/credentials.py | 6 +++++- 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/docs/_static/llama-stack-spec.html b/docs/_static/llama-stack-spec.html index 974f20754..42afdae0d 100644 --- a/docs/_static/llama-stack-spec.html +++ b/docs/_static/llama-stack-spec.html @@ -577,7 +577,7 @@ "tags": [ "Credentials" ], - "description": "Create a new set of credentials for a given provider.", + "description": "Create a new set of credentials for a given provider. The unique key is (provider_id, context)", "parameters": [], "requestBody": { "content": { @@ -6750,6 +6750,13 @@ "ttl_seconds": { "type": "integer", "description": "The time to live for the credential in seconds. Defaults to 3600 seconds. When token_type is oauth2_authorization_code, the TTL is ignored and is obtained from the provider when exchanging the code for an access token." + }, + "context": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Context to distinguish between different credentials for the same provider. For example, for the MCP provider, this could be the toolgroup_id (which corresponds to a unique MCP endpoint)." } }, "additionalProperties": false, diff --git a/docs/_static/llama-stack-spec.yaml b/docs/_static/llama-stack-spec.yaml index d8f715a63..370a56a7e 100644 --- a/docs/_static/llama-stack-spec.yaml +++ b/docs/_static/llama-stack-spec.yaml @@ -394,7 +394,8 @@ paths: tags: - Credentials description: >- - Create a new set of credentials for a given provider. + Create a new set of credentials for a given provider. The unique key is (provider_id, + context) parameters: [] requestBody: content: @@ -4787,6 +4788,14 @@ components: The time to live for the credential in seconds. Defaults to 3600 seconds. When token_type is oauth2_authorization_code, the TTL is ignored and is obtained from the provider when exchanging the code for an access token. + context: + type: object + additionalProperties: + type: string + description: >- + Context to distinguish between different credentials for the same provider. + For example, for the MCP provider, this could be the toolgroup_id (which + corresponds to a unique MCP endpoint). additionalProperties: false required: - provider_id diff --git a/llama_stack/apis/credentials/credentials.py b/llama_stack/apis/credentials/credentials.py index 8ab4f7ab6..259403c10 100644 --- a/llama_stack/apis/credentials/credentials.py +++ b/llama_stack/apis/credentials/credentials.py @@ -59,8 +59,9 @@ class Credentials(Protocol): token: str, nonce: str | None = None, ttl_seconds: int = 3600, + context: dict[str, str] | None = None, ) -> str: - """Create a new set of credentials for a given provider. + """Create a new set of credentials for a given provider. The unique key is (provider_id, context) :param provider_id: The ID of the provider to create credentials for. :param token_type: The type of token to create. This is provided in the API to serve as lightweight @@ -70,6 +71,9 @@ class Credentials(Protocol): :param ttl_seconds: The time to live for the credential in seconds. Defaults to 3600 seconds. When token_type is oauth2_authorization_code, the TTL is ignored and is obtained from the provider when exchanging the code for an access token. + :param context: Context to distinguish between different credentials for the same provider. For example, + for the MCP provider, this could be the toolgroup_id (which corresponds to a unique MCP + endpoint). :returns: The ID of the created credential. """ ...