Update 6 files

- /src/main/Resources/application.yml
- /src/main/config/AppProperties.java
- /src/main/service/ExternalApiService.java
- /src/main/controller/GenerateController.java
- /src/test/AppPropertiesTest.java
- /README.md

README.md

@@ -88,49 +88,27 @@ Show your appreciation to those who have contributed to the project.
 
 ## License
 For open source projects, say how it is licensed.
+---
 
-## Project status
-If you have run out of energy or time for your project, put a note at the top of the README saying that development has slowed down or stopped completely. Someone may choose to fork your project or volunteer to step in as a maintainer or owner, allowing your project to keep going. You can also make an explicit request for maintainers.
-## 🔐 Secure API Key Management (Sprint 4 – V2D Document)
+## Sprint 4 – Secure API Key Management
 
-This project uses secure environment variables to store and manage all external API keys
-(required for LLM/Transcription APIs). No API key is ever committed into the repository.
+In Sprint 4, secure handling of API keys was implemented for the V2D (Video to Document) framework.
 
-### ✔ How the API Key Works
-The application reads the key from an environment variable named:
+### Implementation Overview
+- API keys are **not stored in the source code**
+- The backend loads the key from an **environment variable**
+- A single configuration works for all users without manual setup
+- Secrets are protected from being exposed in the repository or frontend
 
-`LLM_API_KEY`
-
-Spring Boot loads it automatically using the following configuration in `application.yml`:
+### Configuration
+The backend expects the following environment variable:
 
 
-### ✔ Local Development (developer machines)
-Developers must manually set their API key locally:
+This variable is injected at runtime by the deployment or CI/CD environment and referenced in `application.yml`.
 
+### Security Benefits
+- Prevents accidental exposure of API keys
+- Ensures secure collaboration in GitLab
+- Follows best practices for secret management
 
-### ✔ GitLab CI/CD Setup (secure by default)
-To provide the key for all environments securely:
-
-1. Go to **GitLab → Settings → CI/CD → Variables**
-2. Add variable:
-   - **Key:** `LLM_API_KEY`
-   - **Value:** your real API key
-   - **Masked:** ✓ Enable  
-   - **Protected:** (optional)
-3. Save.
-
-Pipelines will automatically use the secure key without exposing it.
-
-### ✔ Security Guarantees
-- The API key is **not stored** in the repository  
-- `.env` files are ignored through `.gitignore`  
-- The key is **never printed**, logged, or exposed to users  
-- Every new user of V2D Document can use the system **without needing their own key**
-
-### ✔ Files Added in This User Story
-- `src/main/resources/application.yml`
-- `src/main/java/com/v2d/document/config/AppProperties.java`
-- `src/main/java/com/v2d/document/service/ExternalApiService.java`
-- `src/test/java/com/v2d/document/config/AppPropertiesTest.java`
-
-This completes Sprint 4 User Story: **Backend – Secure Management & Storage of API Keys**.
+---