API keys not persisted?
Last updated
Last updated
If your API keys are not persisted between app launches, it's likely that BoltAI wasn't able to access Apple Keychain. Follow this guide to grant BoltAI the permission.
Go to the Keychain Access app on your Mac. To open Keychain Access, search for it in Spotlight, then press Return.
Select "login" keychain. Search for the key BoltAI_openAIKey
(screenshot 1)
Open the password entry. Select tab "Access Control" (screenshot 2)
Click the + Plus button and select the BoltAI app.
Click "Save Changes" and restart BoltAI.
Keychain Access is a password management system used in Apple’s macOS and iOS operating systems. It securely stores and manages passwords, encryption keys, certificates, and sensitive data for applications and websites. Apple uses Keychain to allow users and apps to securely store credentials like passwords and tokens without requiring the user to manually re-enter them every time.
Why Keychain Access is More Secure
Encryption: All data stored in the Keychain is encrypted using strong encryption algorithms (AES-256). Only authorized apps or services can decrypt and access the stored data, ensuring that sensitive information is protected even if the device is compromised.
Access Control: Keychain restricts access to items using Access Control Lists (ACLs), allowing the owner to specify which applications or processes are permitted to access a given Keychain item. The user must authorize access through Face ID, Touch ID, or a password.
Hardware Integration: On devices with a Secure Enclave (like iPhones and newer Macs), the encryption keys for the Keychain are stored in this secure hardware, which is isolated from the rest of the system. This makes it incredibly difficult for attackers to access the keys, even if they have physical access to the device.
User Prompts for Sensitive Data: When an application requests access to a Keychain item, the system prompts the user for consent (e.g., Face ID, Touch ID, or password). This ensures that unauthorized apps cannot silently retrieve data without user awareness.
Protection Across Multiple Devices: On macOS and iOS, Keychain data can be synced across devices using iCloud Keychain. This ensures that even sensitive credentials can be accessed on multiple trusted devices securely.
MacOS may occasionally asks you if BoltAI can access secure data in your Keychain. Always click accept. Otherwise, BoltAI won't be able to persist your API keys.