Overview

Secrets and integrations let you connect deepset AI Platform to external models or services. These connections allow your pipeline components to use those services without including the API key directly in the component's configuration.

Scope

You can add secrets and integration at either the workspace or organization level:

• Workspace-level connections are available only to pipelines and indexes within that specific workspace.
• Organization-level connections are available to all workspaces in the organization.

If the same provider is connected at both levels, the workspace-level connection takes priority and is used in pipelines and indexes.

If you delete a workspace-level connection, but the same provider is connected at the organization level, the organization-level connection is used automatically.

How Do They Work

Each secret or integration sets an environment variable to store the API key. This way, pipeline components can access the key without you having to add it manually to the configuration. The API key is read from the environment variable.

Integrations

Integrations are most frequently used connections You can find them under Integrations in Workspace and Organization settings.

To connect to a listed provider, just enter your API key and any required details. The platform fills int he integration name for you.

Currently, on the Integrations page you can set up connections with the following model providers:

• Amazon Bedrock and SageMaker
• Azure OpenAI
• Cohere
• Google AI
• Hugging Face (only needed for private models hosted there)
• MongoDB
• NVIDIA
• OpenAI
• SearchAPI
• Together AI
• Voyage AI
• Weights & Biases

Supported integrations with data processing services and data sources are:

• Azure AI Document Intelligence
• DeepL
• Snowflake
• Unstructured

Secrets

Secrets let you connect to providers not listed on the Integrations page. Use them to:

• Securely manage API keys required for custom components to authenticate without hard coding them in pipeline YAMLs.
• Manage different API keys for development and production environments.

You can create multiple secrets for one provider, such as one for a development key and another for a production key. This makes it possible to easily swap keys in the pipeline configuration.

For Existing Components

If you're using an existing component (like LangfuseConnector), check its documentation to learn the correct name for the secret. The component reads the API key from a specific environment variable, so the secret name must match that variable name.

For Custom Components

If you're building a custom component, make sure your code uses an environment variable to get the API key. Then, use that variable name as the secret name in the platform.