/**
 * Credential resolution - unified API key retrieval from multiple sources.
 *
 * Resolution order (highest to lowest priority):
 * 1. Direct config (apiKey in config)
 * 2. Custom environment variable (apiKeyEnvVar in config)
 * 3. Standard environment variable (OPENAI_API_KEY, ANTHROPIC_API_KEY)
 * 4. Project .env file (./env in current working directory)
 * 5. Global .env file (~/.bellwether/.env)
 * 6. System keychain (via bellwether auth)
 */
import type { LLMProviderId, LLMConfig } from '../llm/client.js';
/**
 * Default environment variable names for each provider.
 */
export declare const DEFAULT_ENV_VARS: Record<LLMProviderId, string>;
/**
 * Result of credential resolution.
 */
export interface CredentialResult {
    apiKey: string | undefined;
    source: 'config' | 'env' | 'project-env' | 'global-env' | 'keychain' | 'none';
    envVar?: string;
    envFile?: string;
}
/**
 * Resolve API key from all available sources.
 *
 * Resolution order (highest to lowest priority):
 * 1. Direct config (apiKey in config)
 * 2. Custom environment variable (apiKeyEnvVar in config)
 * 3. Standard environment variable (OPENAI_API_KEY, ANTHROPIC_API_KEY)
 * 4. Project .env file (./env in current working directory)
 * 5. Global .env file (~/.bellwether/.env)
 * 6. System keychain (via bellwether auth)
 *
 * @param config - LLM configuration
 * @returns The resolved API key and its source
 */
export declare function resolveCredentials(config: Pick<LLMConfig, 'provider' | 'apiKey' | 'apiKeyEnvVar'>): Promise<CredentialResult>;
/**
 * Synchronous API key resolution (for backward compatibility).
 * Does NOT check keychain - use resolveCredentials for full resolution.
 */
export declare function resolveApiKeySync(config: Pick<LLMConfig, 'provider' | 'apiKey' | 'apiKeyEnvVar'>): string | undefined;
/**
 * Check if credentials are available for a provider.
 */
export declare function hasCredentials(provider: LLMProviderId): Promise<boolean>;
/**
 * Get a description of where credentials are configured.
 */
export declare function describeCredentialSource(provider: LLMProviderId): Promise<string>;
/**
 * Get authentication status for all providers.
 */
export interface AuthStatus {
    provider: LLMProviderId;
    configured: boolean;
    source: CredentialResult['source'];
    envVar?: string;
}
export declare function getAuthStatus(): Promise<AuthStatus[]>;
//# sourceMappingURL=credentials.d.ts.map