Integration Account Console

Overview

The Integration Account Console is our LCARS-inspired command center for wiring every third-party credential that ValkyrAI touches. It unifies:

• LLM credentials (OpenAI, Gemini, internal SecureKey adapters) consumed by LlmController and AiChatModule.
• ExecModule integrations across messaging, social, billing, storage, and RevOps connectors generated by ThorAPI.
• Operational credentials used by billing (Stripe), GitHub automations, and workflow-driven GitOps.

The new console lives at /integration-accounts in the web app and ships with:

• Hero metrics for readiness/verification counts and ExecModule coverage.
• A templated catalog for every ExecModule metadata entry (getAllExecModuleMetadata) plus curated “one-click” providers (OpenAI, Gemini, Gmail, Stripe, Twilio, Slack, HubSpot, Salesforce, SecureKey).
• Inline linking that patches ExecModules via Thor’s updateExecModuleMutation immediately after an IntegrationAccount is created.
• Full reuse of Thor-generated CRUD UX (IntegrationAccountTable, RTK Query services) to stay inside the generated contract.

Why it matters

• Workflow Studio needs IntegrationAccounts to execute modules—missing credentials block the canvas.
• Billing + Credits flows rely on Stripe IntegrationAccounts so charges and usage reporting stay connected.
• GitHub/GitOps automations now have a first-class surface to manage PATs and workspace tokens.
• Zero-trust posture stays visible: any IntegrationAccount backed by SecureKey exposes its status in the hero metrics.

UI Regions

1. Hero analytics – counts total accounts, READY/VERIFIED status, SecureKey-backed records, and ExecModule linkage health.
2. Active accounts panel – embeds Thor’s IntegrationAccountTable for deep edit, QBE, and permission operations.
3. Coverage radar – contextual summary of ExecModules waiting on credentials plus quick filters/search.
4. Template grid – dynamic, category-filtered cards for every ExecModule plus curated providers. Cards surface doc links, accent colors, and existing linkage counts.

Using the Template Modal

1. Click Configure on any template (e.g. “OpenAI Platform” or “Slack Post”).
2. The modal pre-fills the IntegrationAccount form with sensible defaults (READY, verified=false, recommended field labels/placeholders).
3. Select ExecModules to auto-link. The console defaults to unlinked modules in that class to close the gap quickly.
4. Submit once—ThorAPI creates the IntegrationAccount and immediately calls updateExecModule with the new ID for each selection.

Workflow Studio Quick Create

• The IntegrationAccountSelector inside Workflow Studio now launches the same template catalog in a compact modal.
• The selector preloads context (module name, class, type) so the best-matching template is highlighted and credential fields are pre-filled.
• Saving from the quick modal patches the active ExecModule via updateExecModule, ensuring drag-and-drop nodes become runnable without leaving the canvas.
• Operators can jump to the full /integration-accounts console when they need bulk edits, but most day-to-day wiring happens inline.

Included One-click templates

• OpenAI Platform – API key + org ID bound to LlmController and OpenAI ExecModules.
• Google Gemini – AI Studio key for the Gemini multimodal adapter.
• Gmail Service Account – App password / refresh token for inbound/outbound automation.
• GitHub Enterprise – PAT for GitHub automation ExecModules and Valor GitOps.
• Stripe Billing – Secret key for Credit/Billing workflows; links to the Stripe ExecModule documentation.
• Twilio Messaging, Slack Workspace, Google Calendar, Salesforce CRM, HubSpot Automation, and SecureKey Bridge for vault-backed secrets.

Every other ExecModule is generated into the grid via getAllExecModuleMetadata(), so new modules automatically appear with default credential hints.

Security & Governance

• IntegrationAccounts persist encrypted values (apiKey, password) via ThorAPI’s secure-field pipeline; the console never renders the decrypted secret.
• SecureKey-backed accounts are highlighted and counted—operators can see how many integrations rely on vault indirections vs stored secrets.
• Forms encourage production readiness: the “verified” toggle marks Integrations that have passed smoke tests, helping change managers triage.
• Permissions remain controlled by Thor’s generated permission dialogs reachable via IntegrationAccountTable.

Operational Tips

• Testing: after creating a new IntegrationAccount, trigger a workflow from Workflow Studio that uses the linked ExecModule to verify immediately.
• GitHub & LLM pipelines: ensure PATs and API keys include billing scopes; the console surfaces accountId fields to map to organizations/projects for observability.
• Staging vs Production: duplicate credentials between environments by cloning IntegrationAccounts in the table, then swap to environment-specific SecureKey aliases.

Related Artifacts

• Workflow Engine / llm-adapter – describes how LlmController resolves IntegrationAccounts for AI providers.
• Execution-Modules / stripe-module – detailed usage of Stripe ExecModules that the console now configures in one click.
• workflow-architecture – overview of how ExecModules rely on IntegrationAccounts at runtime.

Deploy the console upstream to staging and wire at least one IntegrationAccount to validate end-to-end ExecModule execution before promoting to production.