Skip to main content

Encrypted API Key Vault

Your API keys. Encrypted. Local. Yours.

What Is the Secure Vault?

The Secure Vault is SoundWorks’ encrypted storage for API keys and service credentials. When you add API keys for cloud services — AWS, Azure, OpenAI, Anthropic Claude, ElevenLabs, DeepL, Yandex — they are encrypted and stored locally on your machine. Keys never leave your device and are never sent to DMKI Lab servers.

Why Does Secure Key Storage Matter?

API keys are sensitive. An exposed API key can result in unauthorized usage on your account, unexpected charges, or access to your data on that service. Proper encryption prevents accidental exposure.

Local-only storage. Your keys are stored on your machine, not in a cloud database. There is no central key store that could be breached to expose your credentials.

Managed access. The API Keys Manager provides a visual interface for adding, viewing, and removing keys. Export controls with locking prevent accidental key exposure through clipboard operations.

Supported Services

The vault stores credentials for:

  • AWS (Access Key + Secret Key) — for Polly TTS and S3 storage
  • Azure — for Azure Translator and Azure AI services
  • OpenAI — for ChatGPT, GPT-4, and OpenAI TTS
  • Anthropic Claude — for Claude AI integration
  • ElevenLabs — for ElevenLabs voice synthesis
  • DeepL — for professional translation
  • Yandex — for Yandex SpeechKit and translation

How It Works

Step 1: Open API Keys Manager. Access the key management interface from SoundWorks settings.

Step 2: Add keys. Enter API keys for the services you use. Keys are encrypted immediately upon saving.

Step 3: Use normally. SoundWorks retrieves and decrypts keys automatically when connecting to cloud services. You never need to re-enter them.

Export Controls

The vault includes an export lock mechanism. When enabled, specific API keys are locked against export, preventing them from being copied to the clipboard or extracted from the application. This is useful in shared environments where the machine may be used by multiple people.

Frequently Asked Questions

Where are the keys stored physically? Keys are stored in encrypted form in the local application data directory on your Windows machine.

Can I back up my keys? Yes. The encrypted key store can be backed up as part of your SoundWorks application data. Keys remain encrypted in the backup.

What happens if I reinstall SoundWorks? Keys are stored in the application data directory, which is separate from the application installation. A standard reinstall preserves your keys. A full system wipe requires re-entering them.

Can I import keys from another SoundWorks installation? Key import is supported through the API Keys Manager interface for migrating credentials between machines.

Is the encryption strong enough for production API keys? The vault uses standard encryption for local storage. For maximum security, follow your cloud provider’s best practices: use keys with minimum necessary permissions, rotate keys regularly, and monitor usage on the provider dashboard.

Ready to get started?

Download SoundWorks Free

Related Features

Offline-First Architecture

SoundWorks runs offline by default. AI voice cloning, transcription, audio/video processing -- all without internet. No cloud dependency, no data leaves your machine.

Cloud Text-to-Speech Engines

Access premium cloud TTS voices from OpenAI, ElevenLabs, Claude, AWS Polly, IBM Watson, and Yandex in one interface. Use your own API keys. No markup, no middleman.

CPU Mode (Low-Spec Hardware Support)

Run AI voice cloning and transcription on CPU with SoundWorks. No GPU required. Force CPU mode for Whisper, VibeVoice, IndexTTS2, Qwen3, and all AI features. Free.