Config Module

The config module provides organization-scoped configuration storage with secret encryption.

Import

from bifrost import config

Methods

config.get()

Get a configuration value.

async def get(
    key: str,
    default: Any = None,
    scope: str | None = None,
) -> Any

Parameters

Parameter	Type	Description
key	str	Configuration key
default	Any	Default if key doesn’t exist
scope	str | None	Organization scope (see below)

Scope parameter:

• None (default): Use execution context’s organization
• Org UUID string: Target specific organization
• "global": Access platform-level config

Returns

The configuration value, or default if not found. Secrets are automatically decrypted.

Example

api_key = await config.get("external_api_key")
timeout = await config.get("request_timeout", default=30)
global_setting = await config.get("platform_key", scope="global")

config.set()

Set a configuration value.

async def set(
    key: str,
    value: Any,
    is_secret: bool = False,
    scope: str | None = None,
) -> None

Parameters

Parameter	Type	Description
key	str	Configuration key
value	Any	Value to store (must be JSON-serializable)
is_secret	bool	Encrypt the value at rest
scope	str | None	Organization scope (see below)

Scope parameter:

• None (default): Use execution context’s organization
• Org UUID string: Target specific organization
• "global": Store at platform-level

Example

# Regular value
await config.set("max_retries", 3)

# Secret value (encrypted at rest)
await config.set("api_secret", "sk-xxx", is_secret=True)

# Global platform setting
await config.set("platform_feature", True, scope="global")

config.list()

List all configuration values.

async def list(scope: str | None = None) -> ConfigData

Parameters

Parameter	Type	Description
scope	str | None	Organization scope (see below)

Scope parameter:

• None (default): Use execution context’s organization
• Org UUID string: Target specific organization
• "global": List platform-level config

Returns

ConfigData object with flexible access patterns.

Example

cfg = await config.list()

# Dot notation
print(cfg.api_url)

# Dict access
print(cfg["api_url"])

# Check existence
if "api_key" in cfg:
    print("API key configured")

# Iterate keys
for key in cfg.keys():
    print(key)

config.delete()

Delete a configuration value.

async def delete(key: str, scope: str | None = None) -> bool

Parameters

Parameter	Type	Description
key	str	Configuration key to delete
scope	str | None	Organization scope (see below)

Scope parameter:

• None (default): Use execution context’s organization
• Org UUID string: Target specific organization
• "global": Delete platform-level config

Example

deleted = await config.delete("old_setting")

Types

ConfigData

A dict-like container with multiple access patterns:

class ConfigData(BaseModel):
    data: dict[str, Any]

    # Supports:
    # - cfg.key (dot notation)
    # - cfg["key"] (dict access)
    # - "key" in cfg (membership)
    # - cfg.keys() (iteration)

Secrets

Values stored with is_secret=True:

• Are encrypted at rest in the database
• Are automatically decrypted when retrieved via config.get()
• Are masked in logs and UI displays

Organization Scoping

All config operations are scoped to an organization:

• In workflows, scope is automatically set from execution context
• For CLI/local development, specify scope explicitly or use default from credentials
• Use scope="global" for platform-wide settings

See Also

• Secrets Management - Security guide