It is a common requirement to need to include sensitive information such as API tokens and passwords in action options blocks. As other users can see action configurations, Tines provides the credential widget which allows for the use of placeholders in action options blocks. When an action containing a credential widget runs, Tines will replace the credential widget with its corresponding credential. This means that sensitive data does not need to be stored as plaintext in Action configuration options or in a resource.
Creating a Credential
From the credentials page, select "New credential". You will then be prompted to choose the credential type.
Tines supports the following types of credentials:
Sharing a Credential
Credentials will, by default, only be accessible to the Team they are created within. Credentials can be configured to be shared with all other teams in the tenant by selecting the 'Everyone' access option.
Credentials with the same name as Credentials shared across multiple Teams will use the Credential located within the same Team as the Story.
Security Considerations when using credentials
It is important to note that while credentials and the credential widget dramatically increase the security of secret information in Tines, like all security solutions, they are not absolute. For example, if Tines is interacting with a 3rd-party service, it is possible the service, depending on its operation, may include the credential's value in its response, which Tines will then include in an emitted event.