Software Product Template

Athenian Secure API & Credentials Manager
product details.

Athenian Secure API & Credentials Manager centralizes encrypted API credential storage, admin management, and server-side access patterns for WordPress and Athenian integrations. It helps teams govern external API keys, secrets, and integration settings without exposing credentials across plugin code or frontend workflows while keeping data, permissions, and automation aligned with the broader Athenian Platform Ecosystem.

Woo product fieldsDescription HTMLACF media fieldsTheme-token styling

Athenian Secure API Key Manager is the credential security layer for Athenian WordPress and WooCommerce plugin ecosystems. It centralizes third-party API credentials into an encrypted, service-by-service storage model so integrations can safely retrieve secrets server-side without scattering raw keys across theme files, plugin options, frontend scripts, or one-off settings screens.

The plugin provides a WordPress-native admin interface, AES-256-GCM encryption at rest, masked credential display, PHP helper functions, admin-only REST routes, an OpenAI Responses API proxy, and WP-CLI commands for operational management. It is designed to support credentials for services such as OpenAI, Google Maps, Google SSO, Twilio, Facebook/Meta, Stripe, PayPal, AWS, SendGrid, and custom Athenian service registries.

For integration-heavy commerce environments, ASAKM creates a safer and more maintainable operating model. Administrators can see whether services are configured without exposing raw values, developers can retrieve credentials from one trusted server-side API, and support or DevOps teams can validate, rotate, and inspect credential status through admin tools or WP-CLI.

Within the broader Athenian Platform, Secure API Key Manager fits as the shared credential backbone for AI tools, quote intelligence, payment workflows, payout systems, messaging, mapping, social sign-on, shipping, vendor integrations, marketplace services, and future platform orchestration.

$99.99

SKU

Product Type

simple

Stock

In Stock
This item is available for immediate shipment.
Lead Time: 1-2 Business Days

Status

instock

Credential Security

Centralize Third-Party API Credentials in Encrypted WordPress Storage

Athenian Secure API Key Manager stores API keys, OAuth secrets, webhook
secrets, access tokens, cloud keys, and AI service credentials in encrypted
service-specific WordPress options, giving integrations a safer alternative
to hardcoded constants, scattered settings pages, or browser-exposed secrets.

Security Layer Operational Value
Encrypted Storage Encrypts each service configuration with aes-256-gcm, including IV, authentication tag, and ciphertext fields.
WordPress-Derived Keys Derives encryption material from WordPress authentication keys and salts instead of shipping a static plugin key.
Service Groups Stores credentials by service slug, such as OpenAI, Google Maps, Google SSO, Twilio, Meta, Stripe, PayPal, AWS, and SendGrid.
Non-Autoloaded Options Saves each encrypted credential group as a separate non-autoloaded WordPress option to avoid loading secrets on every request.
  • Stores service options using the asakm_<service_slug> option pattern, such as asakm_openai, asakm_stripe, and asakm_paypal.
  • Includes a filterable service registry through asakm/services_meta.
  • Allows other plugins to register custom credential groups while reusing the same secure storage and admin interface.
  • Defines ASAKM_LOADED so dependent plugins can detect whether the credential manager is available.

Operational Controls

Manage, Rotate, Validate, and Inspect Credential Status Without Revealing Secrets

ASAKM adds a WordPress admin workspace, masked credential display, safe
save behavior, admin-only REST diagnostics, and WP-CLI commands so teams
can configure and support integrations without exposing raw credential values.

Admin Workspace
Configure service credentials under Settings > Athenian API Keys
Masked Display
Show configured values safely without rendering raw secrets back to the browser
CLI Operations
Run diagnostics, validation, get/set/delete, and scripted credential rotation

Operations Layer How It Helps
Safe Updates Blank fields preserve existing values, a single hyphen clears a stored field, and delete actions remove the full service group.
Service Health Admin-only REST endpoints show configured/missing service status and masked service details without revealing secret values.
OpenAI Proxy Provides an admin-only server-side proxy pattern for OpenAI Responses API calls using stored OpenAI credentials.
WP-CLI Support Supports doctor checks, service listing, masked or raw reads, set/replace operations, deletion, and service validation from trusted shell environments.
  • Registers admin routes such as admin_post_asakm_save and admin_post_asakm_delete.
  • Provides REST routes such as /wp-json/asakm/v1/health, /wp-json/asakm/v1/status/<service>, and /wp-json/asakm/v1/proxy/openai.
  • Includes WP-CLI commands such as wp asakm doctor, wp asakm services, wp asakm get, wp asakm set, wp asakm delete, and wp asakm validate.
  • Restricts admin pages, save/delete actions, REST diagnostics, and proxy routes to users with manage_options.

Platform Credential Backbone

Give Athenian Plugins a Shared Server-Side Secret Retrieval Pattern

Athenian Secure API Key Manager exposes trusted PHP helper functions so
other plugins can fetch credentials server-side, register new service
groups, and build AI, payment, messaging, mapping, shipping, and marketplace
integrations without duplicating secret-storage logic.

Integration Surface Operational Purpose
Server-Side Helpers Provides PHP functions to fetch, read, save, and delete service credential groups from trusted plugin code.
Extensible Services Lets platform modules register their own credential fields through the shared service metadata filter.
AI Workflows Supports OpenAI-backed features such as quote intelligence, generation tools, admin assistants, and secure backend proxy patterns.
Athenian Ecosystem Fit Can support credentials for OwlPay, shipping managers, social sign-on, Twilio messaging, Google Maps, Stripe, PayPal, SendGrid, vendor APIs, and future Platform Core services.

One secure credential layer:
ASAKM gives administrators configuration visibility, developers a consistent
retrieval API, and operations teams safer tooling for supporting complex
API-driven WordPress and WooCommerce sites.

  • Provides helper functions including asakm_fetch(), asakm_get(), asakm_save(), and asakm_delete().
  • Supports usage patterns such as asakm_get('openai', 'api_key') and asakm_get('paypal', 'environment', 'sandbox').
  • Keeps raw credential access server-side and avoids exposing secrets through frontend-localized JavaScript variables.
  • Builds toward provider validation checks, audit logs, key-age tracking, rotation reminders, plugin consumer badges, environment labels, encrypted import/export for same-salt environments, and failure reporting for salt/key changes.