In-app registry API key creation and management #38

@sbaker

Summary

Allow users to create, view, and revoke PrompdHub registry API keys directly from the Prompd desktop app, eliminating the need to visit the web dashboard. Also support multiple registry configurations for enterprise and hybrid workflows.

Motivation

  • Reduces friction for first-time setup (user authenticates via Clerk, then can immediately generate a key)
  • Keeps the workflow entirely within the app
  • CLI users already have prompd registry login — the desktop app should have parity
  • Enterprise users need private registries alongside the public PrompdHub

Proposed behavior

API Key Management

  • Settings modal > Registry section > "Manage API Keys" button
  • Shows existing keys (name, created date, last used, truncated prefix)
  • "Create New Key" flow: name the key → server generates → show once → auto-save to ~/.prompd/config.yaml
  • Revoke keys with confirmation dialog

Multiple Registry Support

  • Settings modal > Registry section > list of configured registries
  • Each registry entry: URL, display name, API key, priority order
  • Default registry: https://registry.prompdhub.ai (always present, can be deprioritized)
  • "Add Registry" flow: URL → auto-discover via /.well-known/registry.json → authenticate → save
  • Package resolution order: check registries in priority order, first match wins
  • Scoped registry overrides: e.g., @company/* always resolves from private registry

Registry Proxy / Upstream Support

  • A private registry can act as a proxy with an upstream (e.g., company registry falls through to PrompdHub for public packages)
  • Config in ~/.prompd/config.yaml:
    registries:
      - name: Company Private
        url: https://registry.company.com
        api_key: prmd_xxx
        scopes: ["@company"]
      - name: PrompdHub
        url: https://registry.prompdhub.ai
        api_key: prmd_yyy
        default: true
  • The app resolves packages by checking scoped registries first, then falling back to the default
  • Private registries can optionally configure upstream proxy server-side (transparent to the client)

Security considerations

  • User must be authenticated (Clerk session required) for key management
  • Key generation happens server-side via registry API (not client-side)
  • Raw key shown exactly once, then only the scrypt hash is stored server-side
  • App stores raw key in ~/.prompd/config.yaml (same as CLI does today)
  • No new attack surface — equivalent to creating a PAT on GitHub or npm token via CLI
  • Private registry credentials scoped per-registry, not shared

API endpoints needed

  • POST /api/tokens — create new API key (already exists on registry)
  • GET /api/tokens — list user's keys with metadata (may need to add)
  • DELETE /api/tokens/:id — revoke a key (already exists on registry)
  • GET /.well-known/registry.json — registry discovery (already exists)

References

  • Settings modal: frontend/src/modules/components/SettingsModal.tsx
  • Config service: frontend/src/modules/services/configService.ts
  • Registry API client: frontend/src/modules/services/registryApi.ts
  • Registry discovery: frontend/src/modules/services/registryDiscovery.ts
  • Existing CLI token flow: @prompd/cli RegistryClient
  • Config format: ~/.prompd/config.yaml
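
The resolution rule from "Multiple Registry Support" and "Registry Proxy / Upstream Support", sketched in TypeScript as an added example (not part of the original issue and not Prompd's code). It shows that a scope pinned to a private registry is never looked up anywhere else by the client, so a same-named package on another registry cannot win. Assumptions: the `Registry` shape, `scopeOf`, `candidateRegistries`, `resolve` and the `has` lookup are hypothetical names; list order stands in for priority with the default registry last; the package-name pattern is illustrative.

```typescript
// Added example: a hypothetical resolver, not Prompd's implementation.
interface Registry {
  name: string;
  url: string;
  apiKey?: string;
  scopes?: string[];
  default?: boolean;
}

// Constructed sample mirroring the config in the issue (placeholder keys).
const sampleRegistries: Registry[] = [
  { name: "Company Private", url: "https://registry.company.com", apiKey: "prmd_xxx", scopes: ["@company"] },
  { name: "PrompdHub", url: "https://registry.prompdhub.ai", apiKey: "prmd_yyy", default: true },
];

// Returns "@scope" for "@scope/name" and null for an unscoped name.
// Malformed scoped names are rejected instead of being treated as unscoped.
// The allowed character set is an assumption for this example.
function scopeOf(pkg: string): string | null {
  if (!pkg.startsWith("@")) return null;
  if (!/^@[a-z0-9][a-z0-9._-]*\/[a-z0-9][a-z0-9._-]*$/i.test(pkg)) {
    throw new Error(`malformed scoped package name: ${pkg}`);
  }
  return pkg.slice(0, pkg.indexOf("/")).toLowerCase();
}

// Ordered list of registries the client may query for pkg.
function candidateRegistries(pkg: string, regs: Registry[]): Registry[] {
  const scope = scopeOf(pkg);
  if (scope !== null) {
    const pinned = regs.filter((r) => (r.scopes ?? []).some((s) => s.toLowerCase() === scope));
    // A pinned scope resolves only from its own registries: no client-side fallback.
    if (pinned.length > 0) return pinned;
  }
  // Everything else: list order is priority order (assumption), default registry last.
  return [...regs.filter((r) => !r.default), ...regs.filter((r) => r.default)];
}

// First match wins. `has` is a hypothetical lookup standing in for a registry query.
function resolve(pkg: string, regs: Registry[], has: (r: Registry, pkg: string) => boolean): Registry | null {
  for (const r of candidateRegistries(pkg, regs)) {
    if (has(r, pkg)) return r;
  }
  return null;
}
```

Each candidate carries its own `apiKey`, so a request built from it uses only that registry's credential.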
