Update documentation for setting API keys without revealing them

README.md

@@ -36,14 +36,29 @@ To use any AI model provider within this notebook, you'll need the appropriate c
 
 Obtain the necessary credentials, such as API keys, from your model provider's platform.
 
-You can set your keys using environment variables or in a code cell in your notebook.
-In a code cell, you can use the %env magic command to set the credentials as follows:
+You can set your keys in a code cell in your notebook or using environment variables.
+In a code cell, you can set the credentials as follows without revealing your key in the notebook:
 
 ```python
 # NOTE: Replace 'PROVIDER_API_KEY' with the credential key's name,
-# and replace 'YOUR_API_KEY_HERE' with the key.
+# and enter the API key when prompted by using the code shown below.
+
+import getpass
+
+# Enter your key
+key = getpass.getpass('Enter your PROVIDER API key: ')
+
+# Set the environment variable without displaying the full key
+os.environ['PROVIDER_API_KEY'] = key
+```
+
+:::{note}
+:name: using-env-key
+You may also set these keys directly using the `%env` magic command, but the key value may be echoed in the cell output. If you prefer to use `%env`, be sure to not share the notebook with people you don't trust, as this may leak your API keys.
+```
 %env PROVIDER_API_KEY=YOUR_API_KEY_HERE
 ```
+:::
 
 For more specific instructions for each model provider, refer to [the model providers documentation](https://jupyter-ai.readthedocs.io/en/latest/users/index.html#model-providers).
 

docs/source/users/index.md

@@ -992,7 +992,38 @@ The location of `ipython_config.py` file is documented in [IPython configuration
 
 You can use magic commands with models hosted using Amazon SageMaker.
 
-First, make sure that you've set your `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables either before starting JupyterLab or using the `%env` magic command within JupyterLab. For more information about environment variables, see [Environment variables to configure the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html) in AWS's documentation.
+First, make sure that you've set your `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables  before starting JupyterLab as follows:
+```
+os.environ['AWS_ACCESS_KEY_ID'] = <your_aws_access_key_id>
+os.environ['AWS_SECRET_ACCESS_KEY'] = <your_aws_secret_access_key>
+```
+
+You can also set the keys interactively and securely using the following code in your notebook:
+
+```python
+# NOTE: Enter the AWS access key id and the AWS secret access key when prompted by the code below
+
+import getpass
+
+# Enter your keys
+access_key = getpass.getpass('Enter your AWS ACCESS KEY ID: ')
+secret_access_key = getpass.getpass('Enter your AWS SECRET ACCESS KEY: ')
+
+# Set the environment variable without displaying the full key
+os.environ['AWS_ACCESS_KEY_ID'] = access_key
+os.environ['AWS_SECRET_ACCESS_KEY'] = secret_access_key
+```
+
+:::{note}
+:name: using-env-key
+You may also set these keys directly using the `%env` magic command, but the key value may be echoed in the cell output. If you prefer to use `%env`, be sure to not share the notebook with people you don't trust, as this may leak your API keys.
+```
+%env AWS_ACCESS_KEY_ID = <your_aws_access_key_id>
+%env AWS_SECRET_ACCESS_KEY = <your_aws_secret_access_key>
+```
+:::
+
+For more information about environment variables, see [Environment variables to configure the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html) in AWS's documentation.
 
 Jupyter AI supports language models hosted on SageMaker endpoints that use JSON schemas. Authenticate with AWS via the `boto3` SDK and have the credentials stored in the `default` profile.  Guidance on how to do this can be found in the [`boto3` documentation](https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html).
 

examples/sagemaker.ipynb

@@ -11,7 +11,28 @@
     "\n",
     "This demo showcases the IPython magics Jupyter AI provides out-of-the-box for Amazon SageMaker.\n",
     "\n",
-    "First, make sure that you've set your `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables either before starting JupyterLab or using the `%env` magic command within JupyterLab.\n",
+    "First, make sure that you've set your `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables before starting JupyterLab as follows:\n",
+    "```\n",
+    "os.environ['AWS_ACCESS_KEY_ID'] = <your_aws_access_key_id>\n",
+    "os.environ['AWS_SECRET_ACCESS_KEY'] = <your_aws_secret_access_key>\n",
+    "```\n",
+    "\n",
+    "If you prefer to set these keys interactively in this notebook, then use the following code: \n",
+    "```python\n",
+    "# NOTE: Enter the AWS access key id and the AWS secret access key when prompted by the code below\n",
+    "\n",
+    "import getpass\n",
+    "\n",
+    "# Enter your keys \n",
+    "access_key = getpass.getpass('Enter your AWS ACCESS KEY ID: ')\n",
+    "secret_access_key = getpass.getpass('Enter your AWS SECRET ACCESS KEY: ')\n",
+    "\n",
+    "# Set the environment variable without displaying the full key\n",
+    "os.environ['AWS_ACCESS_KEY_ID'] = access_key\n",
+    "os.environ['AWS_SECRET_ACCESS_KEY'] = secret_access_key\n",
+    "```\n",
+    "\n",
+    "**Note**: You may also set these keys directly using the `%env` magic command, but the key value may be echoed in the cell output. If you prefer to use `%env`, be sure to not share the notebook with people you don't trust, as this may leak your API keys. \n",
     "\n",
     "Then, load the IPython extension:"
    ]