Plugin Settings
Every plugin defines its configuration through a JSON Schema with custom extensions. Settings are resolved at runtime through a cascading hierarchy, allowing admins to set defaults while users and works can override them.
Settings Schema
Plugins declare their settings in the settingsSchema property using JSON Schema with platform-specific extensions:
readonly settingsSchema: JsonSchema = {
type: 'object',
properties: {
apiKey: {
type: 'string',
title: 'API Key',
description: 'Your API key for this service',
'x-secret': true,
'x-envVar': 'PLUGIN_EXAMPLE_API_KEY',
'x-scope': 'user',
},
defaultModel: {
type: 'string',
title: 'Default Model',
default: 'gpt-4o',
'x-widget': 'model-select',
'x-scope': 'global',
},
maxResults: {
type: 'number',
title: 'Max Results',
default: 10,
minimum: 1,
maximum: 100,
},
advancedMode: {
type: 'boolean',
title: 'Advanced Mode',
default: false,
'x-hidden': true,
},
},
required: ['apiKey'],
};
Schema Extensions
The platform extends JSON Schema with x-* properties that control security, scoping, and UI behavior:
| Extension | Type | Description |
|---|---|---|
x-secret | boolean | Field is encrypted at rest and masked in API responses. Use for API keys, tokens, passwords. |
x-envVar | string | Environment variable name to check as a fallback when no setting is stored. |
x-scope | 'global' | 'user' | 'work' | Which scope level can set this field. |
x-widget | string | UI rendering hint (e.g., model-select renders a model picker dropdown). |
x-hidden | boolean | Hide from the settings UI. Used for advanced/internal settings. |
x-adminOnly | boolean | Only visible to admin users. |
x-secret
Fields marked with x-secret: true receive special handling:
- Stored encrypted in a separate
secretSettingscolumn in the database - Never returned in API responses (masked as
"••••••"or omitted) - Environment variable fallback — If the user hasn't set the value, the system checks the
x-envVarenvironment variable
x-envVar
Maps a setting to an environment variable. This is the lowest-priority source — it's only used when no stored value exists at any scope.
apiKey: {
type: 'string',
'x-secret': true,
'x-envVar': 'PLUGIN_BRAVE_API_KEY',
}
With this schema, the API key is resolved as:
- Work setting (if in work context)
- User setting
- Admin setting
PLUGIN_BRAVE_API_KEYenvironment variable- Not configured (error)
x-scope
Controls which scope levels can set the field:
global— Typically admin-level settings shared across the platform (e.g., default model names)user— User-specific settings (e.g., personal API keys)work— Can be overridden per work
Resolution Hierarchy
When the platform needs a plugin's settings (e.g., to make an API call), it resolves each field through a cascading hierarchy:
┌─────────────────────────────────┐