# Tines Explained ## 21 day trial of AI in Tines You can start your trial of [AI in Tines, the AI agent action and Workbench,](https://explained.tines.com/en/articles/11571096-introduction-to-ai-agents) in Tines, by opting in **[here](https://hq.tines.io/pages/agents_trial/).** ### **What’s this trial for?** This trial lets you explore **[AI Agent](https://explained.tines.com/en/articles/11571096-introduction-to-ai-agents)** **action type** and [Workbench](https://explained.tines.com/en/articles/9822635-introduction-to-workbench) commitment free. It's an excellent way to experiment with the features. ### **How long does the trial last?** **21 days** from the day you opt in. ### **Who can access the trial?** The trial is available to **paying Tines customers** (it is not available for Community Edition). ### **Can I extend the trial?** You sure can - just reach out and we’ll sort it out for you. ### **Does the trial include additional AI credits?** For the most realistic trial of AI in Tines, we did not adjust your credits. This way you can effectively estimate whether or not you'll need more credits to implement AI in your workflows. You can check your credit usage by following [these steps.](https://explained.tines.com/en/articles/9369092-how-ai-usage-and-ai-credits-work-in-tines) ### **Why are we offering this trial?** To give you a **low-friction way to test powerful new features**, and help identify how they can support your workflows ### **Who can I contact with questions?** Your Tines point of contact, or simply open the messenger in the bottom right and get in touch. We're always available to chat. ### **Can I see how it works?** Sure thing. Check out the demo below. 👇🏼 [Watch video](https://fast.wistia.net/embed/iframe/yen5oyj0qb) ## Abnormal Security Authentication Guide Abnormal provides total protection against the widest range of email attacks including phishing, malware, ransomware, social engineering, executive impersonation, supply chain compromise, internal account compromise, spam, and graymail. ## First, get a Abnormal Security Access Token 1. Login to your Abnormal Security account at [https://portal.abnormalsecurity.com/](https://portal.abnormalsecurity.com/) 2. Click "Settings" and then click "Integrations" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943210643/3bb2ce094943a026b25a1dee/image.png?expires=1781611200&signature=a879549ed89b48a5dd2bc32d0ed2d5eaa05b6735e7f355037e852ca7b2ee5b3f&req=fSQkFMh%2Bm4VcFb4V1XW4gRR7Z7ArRsK%2FmbS2%2F9%2BHTwupMN6MvPlVNW3CW5aA%0ASlbDmDa1GYhFI%2FjO07AdFV823Q%3D%3D%0A) ​ 3. Under "Additional Integrations", click "+ Connect" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943211532/d00d1b68fa444aeef0aea76b/image.png?expires=1781611200&signature=ab7df5c4743ab42b9be9edbfcb935c8e436f7bbd5998fe4703b8334e5245d8cc&req=fSQkFMh%2FmIJdFb4V1XW4gaXsqyU91PIuXUcQJ8XrQtaiNNfAUT0XlSR%2FuLTK%0AQHoksPLxig5crCcnMQZTLvF%2BvA%3D%3D%0A) ​ 4. Copy your Access Token key to a text editor and add any required IP addresses to "IP Safelist" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943213153/9a619c9ccf644693cf63e3ae/image.png?expires=1781611200&signature=91726d90b85fc449c84d214f3538bc187bbc7bc51b5f49164726c971e0d3942f&req=fSQkFMh9nIRcFb4V1XW4gbDHwPefNEUxGafxQhTNpBcA%2Bo9IqZh263U0JgFr%0ACquMZ4Fs0AH9rll436k5pa3a%2FA%3D%3D%0A) ## Lastly, create a Abnormal Security credential in Tines **Abnormal Security connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Abnormal Security" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/abnormal-security).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Abnormal Security** **stories in the [story library](https://www.tines.com/library?s=abnormal%20security&view=all)** ## AbuseIPDB Authentication Guide AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet. ## First, get an AbuseIPDB API key 1. Navigate to [https://www.abuseipdb.com/](https://www.abuseipdb.com/) and click "Sign up" to create a new account. Existing AbuseIPDB users can click "Login" ![](https://downloads.intercomcdn.com/i/o/750438952/3247ac797d3e950ad39d723f/Screen+Shot+2023-03-27+at+4.47.28+PM.png?expires=1781611200&signature=2b373dec49b64d72715d3517ee45905b5ca80aabb5319398cfddadc92491a808&req=cyUnEsp2lIRdFb4V1XW4gfE9dPSAfZ7mUgQ2ioP2B7C2bs7%2FnW8ob%2B60a7cr%0AHbz56LGsO5DlpQGvi3qhlb3vvQ%3D%3D%0A) 2. In the middle panel, click "API" and then "Create Key" ![](https://downloads.intercomcdn.com/i/o/773084665/6a75ef3216454aed164093e0/image.png?expires=1781611200&signature=523bdca9363122fa0601fb159cb9c391a2a2efb2674237eaaefad928dbddc9e2&req=cyckFsF6m4daFb4V1XW4gfjNKBUR1%2BN0a0cYIkiiaHPMY0J1lLQ00Txt902c%0AfGwt7nWmHO0PgXq1cSL9dfXXkQ%3D%3D%0A) 3. Give the key a name and then copy the key ### Then, create an AbuseIPDB credential in Tines **AbuseIPDB connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "AbuseIPDB" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the AbuseIPDB connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the AbuseIPDB credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/abuseipdb). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of AbuseIPDB stories in the [story library](https://www.tines.com/story-library?s=abuseipdb) ## Accessing audit logs To access the audit logs, select settings from your menu and choose 'Audit logs' in the 'Monitoring' section. You may have to scroll through the settings options on the left. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1810270865/c96a03202e8aa557cf3583fcbec4/CleanShot+2025-11-03+at+11_07_30%402x.png?expires=1781611200&signature=4115cec9ac94fa2e47aed0c8884383d3f31964c93c1f92c8b459ae69659712af&req=dSgmFst5nYlZXPMW3nq%2BgbCHOBTyj%2F5Fpie5sNmgaujlBSAyGOEc5iZqgaIQ%0AbgEX%2FINjoPVGfV9l%2BwMolBFnJCE%3D%0A) From here, you can filter this list by user and operation. Click "Download CSV" to start an immediate download. You can also export audit logs directly to Amazon S3 buckets by clicking the settings icon next to "Download CSV". Audit logs in Tines are stored in UTC timezone and ISO8601 format e.g. 2023-04-21T10:30:02+00:00 > **Note:** To access audit logs, you must be a tenant admin. Audit logs is part of the [Security Essentials](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging) Tines package. ## Adaptive Shield Authentication Guide Adaptive Shield is a popular Security Posture Management solution that notifies security teams of potential risks in their SaaS environment and attempts to fix them. ## First, get an Adaptive Shield API key 1. Login to your Adaptive Shield account at [https://dashboard.adaptive-shield.com](https://dashboard.adaptive-shield.com/) 2. Click on the user menu and select "User Profile" ​ ​ ![](https://downloads.intercomcdn.com/i/o/879827748/c3b0d6273d301ef5fd09c664/image.png?expires=1781611200&signature=91408ae833a826f84deec0b4f7e3baa3d6c1315c178db80f74b91eb0d12fd41b&req=fCcuHst5moVXFb4V1XW4gX2rZ2s0483ojiYmOk8ZLIyj337rfziAyqD2n97X%0Aw7MWa67b08RQSFy7EOg9czdv6g%3D%3D%0A) ​ 3. Click the "API" tab and then click "+ Generate new key" 4. Name the key and click "Create" ​ ​ ![](https://downloads.intercomcdn.com/i/o/879828593/07615dfe9f6a6484e32cb64c/image.png?expires=1781611200&signature=f474f8e0b5bce5de6410b2bcb9df0ef1ee6f1eb19ff46fdbfd789623fbc56866&req=fCcuHst2mIhcFb4V1XW4gUb9cvLWDeXFeMgbWTOzBahsgCmpe8Chl5%2B1w2IZ%0AJST%2BEtXEcH9caphZ0di2xoNdkg%3D%3D%0A) ​ 5. Copy the API key to a text editor ## Then, create an Adaptive Shield credential in Tines **Adaptive Shield connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Adaptive Shield" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the Adaptive Shield connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the Adaptive Shield credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your copied API key value 4. **Domains:** \*.adaptive-shield.com 5. **Metadata**: ``` { "domain": "https://api.adaptive-shield.com or https://eu.api.adaptive-shield.com", "account_id": "your account id" } ``` 6. **Access:** What other teams can also use the API ​ > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/adaptive-shield).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Adaptive Shield** **stories in the [story library](https://www.tines.com/library?s=adaptive%20shield&view=all)** ## Adding stories to the Tines story library Tines story library has over a thousand pre-built examples of Tines in action to accelerate your story building or fuel your imagination on what to build next. These are built by the folks at Tines, and builders who use Tines every day. > **Note:** You can tell us your ideas for a story, or if you would like your own story featured in our library, submit a copy of it [here](https://www.tines.com/library/stories/?modal=request-story). When you're ready to submit a story, here are some tips on how to prepare your story for upload to the library: - Be clear - Edit your story - Make it easy to follow ## Be clear ![](https://downloads.intercomcdn.com/i/o/am0g137l/2078040731/2128b0a15141d4757705601c55a0/Be+clear.png?expires=1781611200&signature=16dd7f8dbfd15ca8b73481725ceafb30a3bdfae247a1a49323f74d8abe1ab97c&req=diAgHsl6nYZcWPMW3nq%2BgaiQtmDtRPs5pM3dOHNrRwMBbOV7FrSJxC2V7erg%0A0SpQZGHu9lWzZAuTXFN3FeuThoo%3D%0A) ### **Story name** The story name should make clear what the story does, without being verbose. You should start with a verb, and highlight the tool(s) used. If a lot of tools are used, this can be changed to “multiple tools” or similar. **Examples of good story names:** ``` - Triage emails with Sublime Security in Slack - Update Slack Status based on Zoom Meetings - Reserve IPs for new hosts in Infoblox NIOS - Respond to alerts from various tools with the AI Agent action ``` ### **Description** The description panel should outline the main purpose of the story and include a brief description of the story, giving a high level overview of what it does. This should be written in plain text. **Examples of good descriptions:** ``` Receive security alerts from various products and agentically create a case with enriched IOCs and suggested actions. Use agents triggered by case actions to complete the actions and update the case. ``` * * * ``` Automate Pull Request reviews in GitHub using the AI Agent action. When a review is requested, the system analyzes the changes, generates relevant comments, and posts them for the submitter. Optionally, an AI chatbot can be used to perform a comprehensive review. ``` * * * ``` Enrich a company when it is added to an Airtable database. Receive a webhook notification when a new record is added and fill out the remaining fields with web searches powered by Tavily. ``` ## Edit your story Before exporting your story, make sure to review it so you’re not sharing any internal details or personal information. ### Monitoring Many times, the monitoring tab is auto-populated with an email which can lead to spam emails from users who later import a story. If this isn't cleared before submission, it will be removed before the story gets published to the library. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2078041887/fa139bb60f54db80649228fc4168/Monitoring.png?expires=1781611200&signature=25ccc47320dab90ebeb1cd76b94e4175d071c5b5c79b1262106fa86def43463f&req=diAgHsl6nIlXXvMW3nq%2BgS2jjxg0VNotZLynH3Ei8YKUKk4am7Fr0%2FYerrpY%0AoZVp54nnNe5PdccYBsKBehLfNlg%3D%0A) ### Scheduling Ensure no actions have scheduling enabled so stories aren’t running without a user’s explicit knowledge. If stories should run on a schedule, remember to add a note to the storyboard so people know to enable this. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2078042640/5874efccf61ae6424f64a2c5a532/Scheduling.png?expires=1781611200&signature=dea6e6a9400de31065606998bf5d79d3252622dc0cd8977c9c2295a487d7f7f2&req=diAgHsl6n4dbWfMW3nq%2Bgb4Hs%2FJBccAlQ4BNSjcber3X660xh2JHoI9ZbO7e%0Apqz78cBcls0v18jpJYVZzsG5F48%3D%0A) ### **Security first** Never hard-code emails, IDs, or credentials. Use Resources or "Pills" so the story is ready for anyone to use immediately with their story’s data. ### **Action naming & cleanup** - **Be descriptive:** Give every action a name that explains its purpose (e.g., "Send a Slack message" instead of just "Message"). - **HTTP requests:** Include the tool name in the action title. - **cURL cleanup:** If you paste a cURL command, remember to delete the default "Created from cURL command" description. ### **Action simplicity & logic** The goal is to make automations easy to follow and modify. - **Keep formulas simple:** If a formula is getting too complex, split the functions into LOCAL fields or multiple actions. - **Use placeholders:** When using "Pills" for values like domains or IDs, add a note next to the action to guide the user on what they need to update. - **Credential metadata:** For domains or IDs specifically linked to credentials, set those values directly in the credentials metadata. * * * ## Make it easy to follow The layout of your story is important to help new users understand the overall flow and order of events. ### Use the space ![](https://downloads.intercomcdn.com/i/o/am0g137l/2078043562/9ed6b77d8cc16d959f09778f0c60/Use+the+Space.png?expires=1781611200&signature=f540f5184be8d853eb0f36db6452c3c61c1f352dd4037e81ad796f0b9274b845&req=diAgHsl6noRZW%2FMW3nq%2BgQwYzKlS0RvNcL%2FdfdpuVl110eKzu63frpOaT4CP%0Aj%2F6qzCFUfGS5OkJKjpAKuJ0phT4%3D%0A) Avoid the congestion of elements on the storyboard. The connectors between the actions are enough for our builders to know what is next in the flow. See the heavy congestion to the left. ### Let it flow Think about a grid system, row by row, column by column, everything should slot straight into place and on the right level, actions and notes included. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2078044010/68120bbd29b09990db99f1a25a05/Let+it+flow.png?expires=1781611200&signature=3f0e6a2fb254dd1dabc8ceb8de96587a43e826a2910ffa1e66afd3d7c8a9faf3&req=diAgHsl6mYFeWfMW3nq%2Bgbf6KYwKg6xZVHJupwdODqOsSRnxjB7XrYnq2urV%0Auad9V11wnWQ9r5jCCY16t5EZbuI%3D%0A) With more actions and notes, stories can certainly become overwhelming, especially in a larger story. ### Floating singular actions Some stories have actions that have a singular mechanic in what they do and live alongside a story. We recommend that you sign post those with a note, in order to draw attention and for new builders to understand this isn't a mistake in the story. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2078044540/65a8f8393b4493d4e084e8b5e962/Floating+singular+actions.png?expires=1781611200&signature=ad5ef913b2c4f49ae61c6650e5d709821852aa70e4bdbf43a3c114d67ad1c3db&req=diAgHsl6mYRbWfMW3nq%2BgcC%2ByMMXb2Z%2BFOwg%2FjGqwOwFEF62J9Ub5cbKTD%2B0%0ASRW%2BB%2BhmmhFfRPKQdvZX8jGAGEw%3D%0A) ### Notes Every story should have at least two notes present: - Overview - Requirements **Overview** The overview note should explain the purpose of an automation and how it works. It should be more in-depth than the story metadata description. **Requirements** Every story has it's own level of requirements that could contain: Credentials and Resources. These can be kept in the same note with each item under the sub heading. Checkboxes work nicely here for out requirement too. Ensure details for credential metadata is also provided under each credential. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2078045297/b01cd9d637c7f821a2ee270552ff/image.png?expires=1781611200&signature=7282e666d855f9fd72c8acca3200122e338a5c46f3f3313cf59c7f6d7a3a5e6b&req=diAgHsl6mINWXvMW3nq%2BgZ4Oiy%2FZgkmzEp629am2rTsTL7rpa00l86HXjNk4%0A6b3iS3hRNtOcTmyOeMpAO4geU9I%3D%0A) ### Note alignment & visual hierarchy We recommend aligning the top edge of a note with top edge of an action. It seems like a small thing, but it will help your grid feel a lot more concise and from a zoomed out perspective, feel less messy. The words in notes hold a lot of the untold nuances of our stories. If things aren't clear, it can be super challenging especially while learning a new tool. It can be very tempting to write large notes to get everything down, but this can cause visual chaos and could be slightly overwhelming to builders. Instead: 1. Lead with a captivating title - Use H1 for your Leading header and for breaks in sections within a note 2. Use toggle headings (H1, H2, or H3) to collapse and expand sections — keeping long notes organized without the clutter. Type `/` in any note to add a toggle heading. 3. Use body text for paragraphs 4. Highlight words with bold text 5. For formula and code use the code snippet markdown 6. When using links be sure to give it a title instead of the url itself to clean it up. ## Additional cases resources There are many resources available to help you understand more about cases. Starting with our explained articles and going deeper into library examples, product docs, and API docs. Below are quick links to each of those resources. * * * ### Product docs Clear descriptions of the cases features and how to use them. This is useful when you are wanting to create, manage, or get into the technical aspects of cases. [Explore our product docs](https://www.tines.com/docs/records-cases/cases) ### API docs Developer documentation on ways to interact with our cases API endpoint. [Read the API docs](https://www.tines.com/api/cases/create) ### Library The library houses workflows that include Tines cases interacting with other systems. This is a great resource for both learning how to embed cases into your processes and get inspiration for your next build. [Explore the library](https://www.tines.com/library/cases-records) ### Additional articles and blogs We also have the following resources to support your understanding cases in Tines. - [Introduction to cases](https://explained.tines.com/en/articles/7971194-introduction-to-cases) - [How to create a case](https://explained.tines.com/en/articles/7974460-how-to-create-a-case-in-tines) - [Cases website page](https://www.tines.com/product/cases) to understand the high-level value - [Transitioning to Tines cases for automation tasks](https://www.tines.com/blog/transitioning-to-tines-cases) from Michael Tolan in Tines Labs > **Please note**: Cases is an add-on feature for all pricing plans. We offer a 45-day trial for all paid plans. Talk to your account team to learn more. ### Video: Introduction to Cases A high-level video describing the feature generally. [Watch video](https://www.youtube.com/embed/3ZD8UBx8wIc?rel=0) ## AI Agent action FAQs ## Overview **What is the AI Agent action?** The **AI Agent action** (also known as the AI Agent, or simply, agent) is an evolution of the AI action, providing even more AI capabilities in Tines. The AI Agent action includes two modes: - **Task** mode autonomously thinks and responds to prompts in a workflow using multiple, integrated tools. - **Chat** mode allows builders to create AI-powered pages that external end-users can interact with, powered by, and specific to the tools added to the AI Agent action. **What is the difference between a deterministic workflow and an agentic one?** A deterministic workflow follows a linear set of actions, resulting in a predictable outcome with consistent timing. An agentic workflow does not follow a linear path but acts autonomously using a prompt to achieve its end goal. The agentic workflow can adapt to its environment and access tools to complete tasks. The AI Agent action utilizes the agentic approach. **When is it advised to use the AI Agent action in my workflow?** The best time to use the AI Agent action in your workflow is when you are looking to do: - **Adaptive decision-making:** The AI Agent action makes decisions based on data it encounters without requiring every possible scenario to be laid out in advance. - **Contextual adaptation:** The AI Agent action pulls context from multiple sources and adapts its behavior or responses based on its understanding of a situation, rather than following a linear flow. - **AI chat for your organization:** Bring the power of the AI Agent action directly to the end-user via **Chat** mode. **How does the AI Agent action relate to the AI action?** The AI Agent action is an evolution of our original AI action. The AI Agent action now offers two modes, **Task** and **Chat**, depending on your requirements for user interaction. **How does the AI Agent action's Chat mode compare to a Workbench chat?** - The AI-powered chat built from an AI Agent action differs from a Workbench chat. **Chat** mode is an AI-powered page that external end-users can access. The chat is defined by the agent it was built on, including a pre-determined end-state based on the prompt it was given. - Workbench is meant for builders within Tines with specific permissions, and cannot be accessed by end-users. A Workbench conversation is intended to be an open-ended dialogue between the LLM and the user. Ultimately, it’s up to the user to decide what the final outcome should be. * * * ## Availability **Do I have to be a Tines customer to use the AI Agent action?** Yes, you must be a Tines customer to use the AI Agent action. The AI Agent action is available on Business and Enterprise plans and is not available on Tines community tenants. For more details, check out [our pricing and packaging article](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging). **Is the AI Agent action available for self-hosted Tines tenants?** The AI Agent action will be available for self-hosted tenants in the self-hosted release following the June 25th launch. As with all AI features for self-hosted tenants, you will need to use your own AI model. **What is the minimum level of user access needed within the tenant to build with the AI Agent action?** The minimum [default role](https://www.tines.com/docs/admin/teams/#roles) to build with the AI Agent action is the Editor role. If your pricing plan includes [custom roles](https://www.tines.com/docs/admin/user-administration/custom-roles/), the minimum permissions needed are the story authoring permissions (Stories - **Create, Run, and Update**). **What stories and credentials can I access within my tenant from an AI Agent action?** Within the AI Agent action, you can specify the tools that it accesses during setup via the `+ Add tool` option. Just like our templates feature, you can connect the tools to your desired [credentials](https://www.tines.com/docs/credentials/). The agent will not attempt to access any stories, tools, or credentials outside what is specified in its configuration. * * * ## Functionality **What types of abilities can the AI Agent action execute?** The AI Agent action has two modes: **Task** mode and **Chat** mode. **Task** mode is fully autonomous, as the agent executes a monologue conversation with itself to achieve specific tasks. **Chat** mode offers an AI chat interface for end-users, where the agent attempts to achieve a certain goal and obtain information from the user based on its configured prompt. Both of these modes offer the ability to add **Tools** and **Custom Tools**. **What are Tools and Custom Tools for the AI Agent action?** - The following **Tools** can be added to the AI Agent action's configuration: [Public Templates](https://www.tines.com/docs/actions/templates/templates/), [Private Templates](https://www.tines.com/docs/actions/templates/private-templates/), and [Send to Story](https://www.tines.com/docs/stories/send-to-story/). - The **Custom Tool** option is our [action Groups](https://www.tines.com/docs/stories/groups/) feature that you can build into the AI Agent action's configuration. - A brand new action cannot be added directly as a **Tool** to an AI Agent action's configuration; it must be pre-built into one of the features mentioned, **Tools** or **Custom Tools**. **What is the Think tool within the AI Agent action?** Inspired by [Anthropic's research](https://www.anthropic.com/engineering/claude-think-tool), our custom Think tool is a scratchpad where the AI Agent action can plan its course of execution before implementation, improving its overall accuracy. The Think tool works with both built-in and custom AI providers. **Does Tines capture an audit log of the tasks that the AI Agent action performs?** Yes. Tenant owners can also view an AI run-time credit usage report via the Reporting tab. **Can I expect a consistent output based on the prompt provided to the AI Agent action?** If you are providing a prompt and expect the exact same output for each execution, we recommend using a more deterministic approach (manual building or utilizing the [Automatic mode](https://www.tines.com/docs/actions/types/event-transformation/automatic/) of the Event Transform action) vs. an agentic one. **How many Tools can I connect to an AI Agent action?** You can connect as many **Tools** as you need per agent. You can also use **Custom Tools**, and delegate specialized tasks within them. **Can I run the AI Agent action in my Personal team?** No, the AI Agent action cannot run in a personal team. **Why does my AI agent action in task mode appear to use a different AI model when I add a tool?** When an AI agent action is configured in task mode without any tools, it defaults to a cheaper AI model to keep costs low. Once you add at least one tool to the configuration, the agent automatically switches to the smart model to handle the increased complexity that comes with tool use. This model-switching behavior is by design — it ensures you're only using the more powerful (and more expensive) model when it's actually needed. * * * ## Pricing **How much does the AI Agent action cost?** For more information on Tines' pricing, check out [our pricing and packaging article](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging). **How can I add more AI run-time credits to use the AI Agent action?** For more information on how to add AI run-time credits to your plan, check out our [AI credits article](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits). **How can I see the current AI run-time credit usage in my tenant?** Run-time credits can be allocated to specific Teams in the tenant **AI settings** section to curb usage. When credit usage is nearing its limit, as well as when a team has run out of credits, an email will be sent to the tenant owner. **Will stories using agents count towards a tenant's flow limits?** Yes, a story utilizing the AI Agent action will count as a flow against the licensing of your Tines plan. * * * ## Resources **How do I get started with the AI Agent action?** Check out our [get started article](https://explained.tines.com/en/articles/11541238-get-started-with-ai-agents) to learn more! **Are there pre-built prompts available for the AI Agent action?** Yes, you can find story templates using the AI Agent action in our [Library](http://www.tines.com/library/product-features/ai-agents). **Where can I find additional resources on the AI Agent action?** - Tines Blog: [Introducing the AI Agent action](https://www.tines.com/blog/introducing-ai-agents/) - Tines Platform: [Agents](https://www.tines.com/platform/agents/) - Tines University: [AI Agent action](https://www.tines.com/university/builder-ai/ai-agent-action/) - [Introduction to AI Agents](https://explained.tines.com/en/articles/11571096-introduction-to-ai-agents) - [Get started with Agents](https://explained.tines.com/en/articles/11541238-get-started-with-agents) - [Best practices for the AI Agent action](https://explained.tines.com/en/articles/11644147-best-practices-for-the-ai-agent-action) - [Understanding Tines pricing and packaging](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging) ## AI usage and credits > ***Note****: This article pertains to Tines default AI - this does not apply to those who bring their own AI model into Tines. Custom AI models do not use any AI run-time credits.* > > *Tines AI features run based on AI run-time credits available. All plans, including our Community Edition, receive an allocation of monthly credits by default.* Use of AI features are subject to the terms set forth in the AI Addendum available at: [https://www.tines.com/legal/](https://www.tines.com/legal/) ### **Included credits** All plans include a number of monthly AI run-time credits. The number of credits depends on your plan tier. - Community tenants are allocated 50 monthly [AI run-time credits](https://explained.tines.com/en/articles/9398967-what-tines-ai-features-are-available-to-community-users), which do not roll over to the next month. Users can top up Community Edition tenants with more credits. Paid editions of Tines can purchase AI run-time credit add-ons through your Customer Success Manager or directly from the billing page (`.tines.com/settings/billing`). Credits are only deducted when the action successfully runs, i.e. it returns a message. You can check your credit usage and allocations in your settings. [Embedded content](https://demo.arcade.software/OVf1ByHkZP6R59llULgB?embed) ### **Top-up credits** You can purchase additional AI run-time credits directly in-product from the billing page (`.tines.com/settings/billing`) for Tines default AI models. This is available to all Tines users. Top-up credits are only used after your monthly allocation is exhausted and will roll into the next month. > Note: These credits do not expire. They will continue to roll over until they are exhausted. When you top up, you'll see the dollar amount of credits used, and available. One credit equals $0.01. Hover over the dollar amount to see the credit equivalent. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2043615086/fad664f3e32bdc420798a332ec9b/CleanShot+2026-02-09+at+09_42_50%402x.png?expires=1781611200&signature=6274ed1e8ff817a0edb5ad7d25091e147bbab7095863214282f393c72b88b4c4&req=diAjFc9%2FmIFXX%2FMW3nq%2BgXsIJveLLMk1SqIQNMXg3ucabQFiODHAq7DreKpm%0ABEu75KtUSAtB6aIx%2FsVSyFsO63U%3D%0A) #### When do AI run-time credits reset in my Tines tenant? AI credits reset on the first of the month. > 👉 **Explore [AI in Tines](https://explained.tines.com/en/collections/9473753-ai-in-tines) to learn more about our AI offerings.** ## **AI features that use run-time credits** There are three features in Tines that consume AI credits: - [AI Agent action](https://explained.tines.com/en/articles/11571096-introduction-to-ai-agents) - [Workbench](https://explained.tines.com/en/articles/9822635-introduction-to-workbench) - [Workbench for Storyboard](https://explained.tines.com/en/articles/13572150-introduction-to-story-copilot) ### **How credits are calculated** Credits are deducted based on the actual amount charged by AWS, not a fixed amount per execution. We are charged every time data is sent to the LLM provider and returned from the LLM provider. | AI Agent action (no tools) | Credits are deducted based on the volume of input and output data passed through the action - this is calculated each time the action runs | | --- | --- | | AI Agent action (tools and/or chat mode) | Credits are deducted for each conversation entry (cycle of data input, tool use, etc.) | | Workbench | Credits are deducted for each message or tool use | > Note: Adding tools to a Task mode agent switches it to the smart model, which may result in higher credit usage per run. *When you use the AI Agent action type without any tools (similar to our legacy AI action)*, you'll typically use fewer credits than in the past since we only subtract credits for what is consumed rather than a flat per-execution cost. Since agents can use much larger context windows and can run multiple cycles, complex agents can consume a significant number of credits. To understand the costs we're incurring and get a relative idea of the cost per execution, [review this AWS Bedrock documentation](https://aws.amazon.com/bedrock/pricing/) and [OpenAI's documentation](https://developers.openai.com/api/docs/pricing). ### **What if I run out of credits?** You trust us with your most important workflows, so we protect those workflows and provide warnings when you're nearing your credit limit. You can monitor your credit usage in Reporting and track usage by team in the AI settings modal. Tines provides notifications when your team approaches credit thresholds. It is your responsibility to monitor usage and manage consumption to avoid disruption. Credit exhaustion may result in paused AI executions until credits are restored. For billing predictability, we do not allow your credits to exceed your purchased amount. Additional credits are available for purchase at any time. ### **Available models** You can choose from multiple LLMs including Anthropic Claude models, OpenAI GPT models, and Amazon Nova models. We're expanding model support as AWS Bedrock and OpenAI add new options. Models will differ depending on the AWS region that your Tines instance is hosted in. Business and enterprise customers can bring their own AI model to Tines. Learn more [here](https://www.tines.com/docs/admin/ai/). You can check the cost of each model per credit and dollar amount in your settings. Head to your AI settings, and click `Configure` under 'Providers'. Within the pricing tab, you'll be able to see a breakdown of the cost consumption per model. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2078520022/8d4f1d68f47453b96157381dda34/AI+Cost.png?expires=1781611200&signature=bd805c6282e8efa77148c2f62f7646aa454d973deee33ca5128149cac77c2279&req=diAgHsx8nYFdW%2FMW3nq%2BgfDNTUv4DTchhie0a1tI1HC93hc7Sz2WqDTkMWkf%0A6prP0onRmIwIVP20R9%2FvA7o6tqY%3D%0A) ### **Rate limits** For optimal performance, we rate limit by action runs per tenant per minute: - Tines AI Provider, tenant in eu-west-1: 80 runs per minute - Tines AI Provider, otherwise: 200 runs per minute - Own AI provider: 1,000 runs per minute These rate limits are subject to change at Tines’ discretion to ensure system integrity. > **Tip:** To check where your tenant is hosted, append `/info` to your tenant URL. > The URL should look like this: [`https://acme-corp.tines.com/info`](https://acme-corp.tines.com/info) ## ANY.RUN Authentication Guide ANY.RUN is a malware analysis service ideal for public use by independent professionals, individual studies, and personal projects. Here's our guide for authenticating with ANY.RUN using Tines. ### First, get an ANY.RUN API key 1. Go to [https://any.run/](https://any.run/). 2. Login or sign-up. 3. On the left side panel, click **Profile.** ![](https://downloads.intercomcdn.com/i/o/752130333/cef9a4dada3aab18358a0b19/image.png?expires=1781611200&signature=3021e74cbc4486f6b60891f159307fa92866c65c2583cf2a86722aa35ab22103&req=cyUlF8p%2BnoJcFb4V1XW4gUkjFUBc%2Fn8WW9JH2JxfaW1dR534oYv2Np3YrLfE%0APfiukOak%2FPe1DHeRPmhwUt0%2FVA%3D%3D%0A) 4. Click **API and Limits.** ![](https://downloads.intercomcdn.com/i/o/752130565/ad998abbc40193fd7fc494a5/image.png?expires=1781611200&signature=abe3dc018ab3a037c7d33751e26333d2a6da34039ef07f7a0b049921acc02c68&req=cyUlF8p%2BmIdaFb4V1XW4gSB0TdmNMijf9dkVgaXyGPZbC0dLDFpb%2FK0yz%2BPo%0AtYUpRyagb0OYbc1sqSfoX8PWpQ%3D%3D%0A) 5. Click **Generate** and copy the API key**.** ![](https://downloads.intercomcdn.com/i/o/752130997/775d7419f608c7ef61bd3740/image.png?expires=1781611200&signature=bb37913b899d52105ecb611f5a1702a768c807d3ab0ad12827bc45b6e0992283&req=cyUlF8p%2BlIhYFb4V1XW4gWo4RR4%2FBNd2KOi4yfwn1mZFY0j9V3C35X0c91Q%2B%0AraFxgPfeSxH6nItCVKZ9Lo6VsA%3D%3D%0A) ### Then, create an ANY.RUN credential in Tines ANY.RUN **connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "ANY.RUN" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the ANY.RUN connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the ANY.RUN credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your copied API key value 1. **Domains:** api.any.run 2. **Access:** What other teams can also use the API > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/any-run). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of ANY.RUN stories in the [story library](https://www.tines.com/story-library?s=any.run). ## APIVoid Authentication Guide APIVoid provides JSON APIs useful for cyber threat analysis, threat detection and threat prevention, reducing and automating the manual work of security analysts. ### First, get an APIVoid API key 1. Go to [https://www.apivoid.com/](https://www.apivoid.com/). 2. Login or sign-up. 3. Click **My API Keys.** ![](https://downloads.intercomcdn.com/i/o/752140115/2d2076c55d2faaa56304f573/image.png?expires=1781416800&signature=98263f8c84c6f41a8617fa628c03e78a0ddea3d98a81b48578464d5e867f9dcd&req=cyUlF81%2BnIBaFb4V1XW4ge6dOEYgoP0MPY4VoMYNOwmZeMUv72GmWbQoIyAL%0AZFm7XNvw9SaIZI1hsXkXMuuXiw%3D%3D%0A) 4. Click **Add API Key** and copy the API key**.** ![](https://downloads.intercomcdn.com/i/o/752140501/436da2601607fb80a82d1e71/image.png?expires=1781416800&signature=afb75c1da38fcdca85784edca109eda4a0a3178246da381e71d649b4016a993d&req=cyUlF81%2BmIFeFb4V1XW4gSv9qDN6y69MC98SuYj%2BxguYDSXe97poj1mra9F6%0A2LY4CKSy812ziOzG5YcErhuNyw%3D%3D%0A) ### Then, create an APIVoid credential in Tines **APIVoid connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "APIVoid" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the APIVoid connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/apivoid). > > For more on creating credentials in Tines click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of APIVoid stories in the [story library](https://www.tines.com/story-library?s=apivoid&page=1) ## Apps in Tines Apps let you build custom, interactive front ends for your Tines workflows in minutes, without needing a dedicated development team. Whether you want a simple intake form or a full-featured internal tool, Apps give you a polished UI that connects directly to your existing stories and automations. ## What an App is made of Every App has three parts: - **UI surfaces** - the visual interface your users interact with - **A React codebase** - the underlying code that powers the App, which you can read, edit, and extend at any time - **App endpoints** - the connections between your App and your Tines stories ## How Apps are built Apps are powered by **Workbench**, Tines' AI assistant. You describe what you want in plain language and Workbench generates a full React application for you. You can keep prompting to refine it, or dive into the code directly - it's your choice. > Read more about Workbench [here](https://explained.tines.com/en/articles/9822635-introduction-to-workbench). **The App editor gives you three main views:** | View | What it's for | | --- | --- | | Preview | See the visual output of your App and interact with it in real time | | Code | Browse files, search the codebase, and edit code directly | | Endpoints | Connect your App to Tines data and workflows | You're never locked into the AI-generated output. You have full control over the React code, styling, and package dependencies at all times. ## Getting started 1. Apps live in the main navigation in Tines. 2. Open the Apps section from the main navigation. 3. You'll see a list of any Apps you've already created. 4. Click "New" to start building a new App. ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/2470460789/16daff6727458c1d0037483073e7/CleanShot+2026-06-11+at+14_56_05.png?expires=1781611200&signature=171107bc7b20d32d2fb0a42ff6b4c32e08150dc57f8fbd87ac3fc84e72e83c77&req=diQgFs14nYZXUPMW3nq%2BgcYb9c2i2TUyoDEKQsZVC2JnfO78zPb2uI0PIXJ3%0AvBwyLI0zL4ZdA6q%2FHwha2trbsjc%3D%0A) 5. Describe what you want in the Workbench prompt - Tines will generate a React app for you. 6. Use the Preview, Code, and Endpoints tabs to refine your App and connect it to your stories. ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/2470483046/7d4ea2ab32e3dc8cc167baadb1e3/apps+views.gif?expires=1781611200&signature=a2d3c5ae3b3f0e6e75668298f1142163959dc487c48a18ba0be171d1245ff90f&req=diQgFs12noFbX%2FMW3nq%2Bgd%2Blf2MTi04KML3mthtzd0J9SVvg3wc9OoyF1ALR%0AdA4x5nUlb1aP1ZxERfRM50yxbwQ%3D%0A) 7. When you're ready, publish your App to make it available to users. From there, you can explore building out more complex Apps, managing versions, and configuring admin settings to control access and distribution. ## Connecting to your workflows with endpoints Endpoints are how your App talks to Tines. Each endpoint links your App to a story, letting you send data to a workflow or receive data back from one. A single App can connect to one story or many, so you can pull together data and automations from across your tenant into one coherent experience. ## Publishing and versioning Apps include a built-in manual versioning system, so you decide when changes go live. - **Publish** an App to create a stable version that your users can access - **Revert** to a previous version if you need to roll back a change This means you can iterate and experiment freely without worrying about pushing broken changes to your users. ## Aqua Security Authentication Guide Aqua Security is the largest pure-play cloud-native security company, allowing customers to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure, and secure running workloads wherever they are deployed. To create an Aqua credential, you will need your Aqua: - `userid` - Ensure that your `userid` has sufficient privileges to access the relevant API endpoints - `password` ## Create an Aqua resource and credentials in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the Aqua resource - **Name:** "aqua\_userid" - **Description:** Optional - **Builder:** Your userid 5. **Optional** - **Access:** What other teams can also use the resource 6. Click "Save resource" You will need to create two credentials: - One Text type: "aqua\_password" - One HTTP request type: "aqua\_api" ##### Text type 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "Text" 3. Input the values for the Aqua credential 1. **Name:** "aqua\_password" 2. **Description:** Optional 3. **Value:** Your password 4. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 5. Click "Save" ##### HTTP request type 1. Click "+ New Credential" and select "HTTP Request" 2. Input the values for the Aqua credential 1. **Name:** "aqua\_api" 2. **Description:** Optional 3. **URL:** The URL for your [region](https://support.aquasec.com/support/solutions/articles/16000127855-how-to-authenticate-to-the-enterprise-api-in-the-cspm-platform), e.g. `https://eu-1.api.cloudsploit.com/v2/signin` 4. **Content Type:** JSON 5. **Method:** post 6. **Payload:** Copy the below object and paste it into the "Plain code" section: ​ ``` { "email": "<>", "password": "<>" } ``` 7. Click "Run options", navigate to the `token` key and double-click on the key 8. **Location of token from response:** Paste the path to the token in the value pill, i.e. `<>` 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 4. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/859327797/90b1edcd16e419520e84670f/image.png?expires=1781611200&signature=691da2ef2ed35f425e1baa6b3f6d90e250140c056986c62ba648c252d3e181bd&req=fCUuFct5mohYFb4V1XW4gQSzz5JJjlbEOx08pXFP4buTN640f83ujdG6IylL%0Az9uPtMpYvN15S4wdUucOjnVJJQ%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/859327875/53bd1a34ac13f1703ea16db8/image.png?expires=1781611200&signature=8e28a32796a8389c8b7471365900759324858fc0bb0d0e53f1896f6add5a95d6&req=fCUuFct5lYZaFb4V1XW4gUltYkj%2B8oV7yXXpEOqQN8BeiENhv%2Bbx16jCvTGv%0AFrOvzbtmo9NBH2NpDqXxOjI58g%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/859327967/8fc23b27f9b03c918149ca49/image.png?expires=1781611200&signature=bf96bb9fc239d9d48cb322fab7510c57e11d8fcc8abd29f87833e0448f6a3b1d&req=fCUuFct5lIdYFb4V1XW4gWvR%2FTdlb17oGSpnOHsCBuIA7rxkBQuWV8VCxvbi%0A7Sja2bu4T9tn6COqb4wHYxdlug%3D%3D%0A) > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of Aqua stories in the [story library](https://www.tines.com/library?view=all&s=aqua).** ## Are rules checked in a particular order in a Trigger action? If you have multiple rules as part of a Trigger action, they are not checked in any particular order. By default, all rules must match for the action to emit an event. If you wish to match only a subset of the rules, for example, two of three rules, you can set that value in must\_match. > **To learn more about trigger actions, [see here](https://www.tines.com/docs/actions/types/trigger).** ## Are there any rate limits for webhooks in Tines? The limit rate limit for Webhooks in Tines is three thousand per minute. If you exceed this number, you may encounter error 429. > **To learn more about webhook actions, [see here](https://www.tines.com/docs/actions/types/webhook)**. ## Armis Authentication Guide The Armis Asset Intelligence Platform discovers and analyzes all enterprise digital assets—hardware, software, cloud or virtual--from traditional devices like laptops and smartphones to cloud workloads and new unmanaged IoT devices like smart TVs, webcams, printers, HVAC systems, Industrial Control Systems, medical devices and more. Armis discovers all asset types, provides context about them (owner, location, dependencies, vulnerabilities) and continuously analyzes their behavior to identify both operational and cyber risks to protect them against cyber attacks. ## First, get a Armis API Secret Key 1. Login to your Armis account at `https://.armis.com/login` 2. Click "Settings" and then "API Management" ​ ​ ![](https://downloads.intercomcdn.com/i/o/860289163/6d500e9b0e78f9302d64b06f/image.png?expires=1781611200&signature=722c00815585d079728b61e1d9a7a95fab9f43a6e112c3ba1d03f434cdfb095a&req=fCYnFMF3nIdcFb4V1XW4gSkWuQtfapqMTo%2BV58DEmN6qikQAlSmhZgvvSHGT%0AWPlSRQ4ycykTMTeOSnjVa8jaGQ%3D%3D%0A) ​ 3. Click "Create" ​ ​ ![](https://downloads.intercomcdn.com/i/o/860292107/801dd0370a45a8b90172ed18/image.png?expires=1781611200&signature=241b3d7e0194368dc563ac4153c91db702149f90af06294addc0fa0f02e410d3&req=fCYnFMB8nIFYFb4V1XW4gcc0eqHVlpoXwgwfFDp4gnGN35pchZBeSQcG7jkO%0AltPUv1FcJT1Nz6MMGZWE2z3d0w%3D%3D%0A) ​ 4. Copy your "API Secret Key" to a text editor and click "OK" ​ ![](https://downloads.intercomcdn.com/i/o/860292556/0c74e9b5d912bb5401e88349/image.png?expires=1781611200&signature=e169eb804627cd0109ea2581a64b5d1d74ec4c6cc53b71d8a54ff6652504d622&req=fCYnFMB8mIRZFb4V1XW4geTsoUB7zP8UEQrx86LNFXiuIIeVnk5%2FSM81bJtV%0AOBRLQxZiYKNqOVymwTiJ%2BZec2Q%3D%3D%0A) ​ ## Lastly, create Armis credentials in Tines **Armis connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Armis" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/armis).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Armis** **stories in the [story library](https://www.tines.com/library?s=armis&view=all)** ## Asana Authentication Guide Asana is a project management tool for those looking for a type of software that can keep track of the important and necessary tasks related to your business that you need to accomplish in a given timeframe. It's a project management software that may help you and your team become more organized and prepared for anything. ## First, get an Asana Access Token 1. Login to the Asana Developer Portal 2. Click on the user menu and then click "Settings" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943215200/92a13f6c4dfade56d3f374da/image.png?expires=1781611200&signature=a6c530ff903d456032a2f79bc96b37e0cd58e1892f7e6fcc3501eb76ebb5e647&req=fSQkFMh7n4FfFb4V1XW4gajALmgnnfCBc0GK22xrA8O0uzKSjUq1L94%2F3BLh%0AehtVZJdEZeso4u%2BNU9OUT%2BqBYg%3D%3D%0A) ​ 3. Click on "Apps" and then click "Manage Developer Apps" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943215727/282cbae423be9dfe0c2179f5/image.png?expires=1781611200&signature=9d16cfe5769681b3a92e4188bb89b0690fa9b03b4a0eb8e832dce0d2baa2880b&req=fSQkFMh7moNYFb4V1XW4gQ1KPd923J%2FXx9wLF%2BWvHhEXvIgu6DNGJDGkDB7g%0A8GpTzOEr0Il52lnphwAKNS8x4g%3D%3D%0A) ​ 4. Click "+ Create new token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943216122/36106357116fff23f81bff6c/image.png?expires=1781611200&signature=32dff026e75a96fb518e385b0a66e7f92701da4ecbe11d9a1a3972f8faf016ff&req=fSQkFMh4nINdFb4V1XW4gXR7GJUoUqtOlfQe2baSdvUVEL55oQhsDxmdPCp4%0Aq%2FAD2skFdJipg0HS%2Fio1Bl7k6A%3D%3D%0A) ​ 5. Name the token, agree to the terms and click "Create token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943218081/7df11e96a3627c127370ac71/image.png?expires=1781611200&signature=5ddcb1e8fb7477078002f1dcb5b77912e11e19e214c85ede846938300623670b&req=fSQkFMh2nYleFb4V1XW4gWyn%2FIQLnsnAVSGcwHIfZm5Dm519VD2x78c%2B5pMI%0ANs95Q9zWBH2UuHs%2BDNYH93CHNA%3D%3D%0A) ​ 6. Copy your token to a text editor and click "Done" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943217745/4fd3b1f365e764316a2778ca/image.png?expires=1781611200&signature=4d701caa6ca4773251e6ff731e5fd435ab81207834fc4ee074ab107eadd10608&req=fSQkFMh5moVaFb4V1XW4gYrVhUtocn8y0fA32RX5UBNj7DRAPSFwTncGuBQr%0AxEj%2BIidAUuWeLmMXeEpln7%2F%2FPw%3D%3D%0A) ## Lastly, create an Asana credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Asana credential 1. **Name:** Asana 2. **Description:** Optional 3. **Value:** Your Access Token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Asana** **stories in the [story library](https://www.tines.com/library?s=asana&view=all)** ## Automox Authentication Guide Automox is a comprehensive toolkit for IT Ops teams. It's built to automate the tedious work of patching, configuring, tracking inventory, and reporting the vulnerability status of all your corporate devices – Windows, Mac, or Linux – regardless of the device's location or domain. ### First, get an Automox API key 1. Login to your Automox account at [https://console.automox.com/](https://console.automox.com/) 2. Click on the ellipsis and select "Keys" ​ ![](https://downloads.intercomcdn.com/i/o/848725956/465dfe8bd25f7d7e4e1ea5b6/image.png?expires=1781611200&signature=48ee38729b039aecd9ec6a97a71827daa9578483bd60134ad7d7a04c9bafe4e3&req=fCQvEct7lIRZFb4V1XW4gXRHQ5bKOzPOTdaZx6WZEOCk2tCsXoU905LtBnmg%0AhdQulb8l4SsuQb9%2B30%2FR%2BSYmDg%3D%3D%0A) ​ 3. Click "ADD" under "API Keys" ​ ![](https://downloads.intercomcdn.com/i/o/848727203/001c9481dd2e3dd7242d1ec6/image.png?expires=1781611200&signature=f07f3d5df843b80c7a7d2f91849b5fc3191c0874c8bf3e21661f1115302dd5ce&req=fCQvEct5n4FcFb4V1XW4gdXpNwKwsosFXBjf2NIN1uUnni3htLAnXOP14jgT%0AmYpHjh5BKgwowunlijc6jCg78Q%3D%3D%0A) ​ 4. Name the API Key, set an expiration date and click "CREATE" ​ ![](https://downloads.intercomcdn.com/i/o/848729328/aba37cb29fcee4b79a35b21f/image.png?expires=1781611200&signature=44099b890edc3861ecd256594249e887f97b9a28fbf87a9645ff8917bad7ab72&req=fCQvEct3noNXFb4V1XW4geq8yb7W30KAGqBGpGhiQ9h8nsBQ6OLYHCBTjkMq%0AcWj2HVlJ0xvX4RBtdaDb%2F5Z8AA%3D%3D%0A) ​ 5. Copy your "API Key" ​ ![](https://downloads.intercomcdn.com/i/o/848731648/1b918a39f7e3565651073886/image.png?expires=1781611200&signature=a5a1ba51bee09e2faff10d33639da3a59d1477ce989807beba46045a265d279c&req=fCQvEcp%2Fm4VXFb4V1XW4gXCsiAA2Oqo%2FTxASFG%2FSNnur7CviNLphZ3uI3vud%0AzRbrhcXz9LUTN8cvFfrJ2qcQUQ%3D%3D%0A) ### Lastly, create an Automox credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Automox credential 1. **Name:** Automox 2. **Description:** Optional 3. **Value:** Your API Key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Automox stories in the [story library](https://www.tines.com/library?s=automox&view=all)** ## Azure Authentication Guide Azure, officially known as Microsoft Azure, is a cloud computing service created by Microsoft for building, deploying, testing, and managing applications and services through a global network of Microsoft-managed data centers. Azure provides various cloud-based services and resources to help organizations build, implement, and scale applications and infrastructure solutions. These include: - compute power - storage - analytics - databases - AI - machine learning - networking - security features ### First, create an Azure application 1. Login to your existing [Azure](https://login.microsoftonline.com/) account or [sign up](https://signup.live.com/signup) if you haven't already signed up 2. Next, you'll need to register a new Azure application in [app registrations](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false). ​ ![](https://downloads.intercomcdn.com/i/o/734622865/08fa2af071125de531536c03/Azure+2.png?expires=1781611200&signature=92c1edc892a8808326b066dc70b820df36efe684d60dfdf2ea237135f0ec9c00&req=cyMjEMt8lYdaFb4V1XW4gVisv%2FWIzyea2QAGMsIQo7d9V2twONTO0K5SR%2FGg%0ACR3o3%2B5Hd12jO94NApVo1h1Ydw%3D%3D%0A) ​ 3. Next, in your application, navigate to Certificates & secrets > Client secrets and click on the "New client secret" button to create a client secret. Copy the secret to use later. ​ ![](https://downloads.intercomcdn.com/i/o/799218339/46ec0af21a09f76a0b01cb86/image.png?expires=1781611200&signature=b56ecf1b436b95c04b533a732b8f77186581a42c8f5d3d5a57ee3cc87d1df9a1&req=cykuFMh2noJWFb4V1XW4gfJ8EvZIbTx9Oxo7%2BhMaBNVIyPZmC9dcF%2Br%2FoyUw%0AzOTTiS%2B0NUfnqczHg6P9zuliOQ%3D%3D%0A) ​ 4. Next, navigate to API permissions and click on "Add a permission" to add the required permission depending what API you are using (see [Microsoft Azure API reference](https://learn.microsoft.com/en-us/rest/api/azure/)). ​ ![](https://downloads.intercomcdn.com/i/o/799218805/af8679c35a950913cdfa922d/image.png?expires=1781611200&signature=efc8614083a4a5df70fe35a2a32228ec093003dcd8133591de06b2be74ce23fb&req=cykuFMh2lYFaFb4V1XW4gdeuzUKzEPT1oP%2BUI5oUHINR6Nh04%2BT60lo06DFV%0A0nPJf1Idg0zuAuYmtrEsTYx9hg%3D%3D%0A) ​ 5. Next, from the Azure portal, navigate to Subscriptions and click "Add" to create a subscription if you don't already have one (see [Microsoft Customer Agreement](https://learn.microsoft.com/en-us/azure/cost-management-billing/manage/create-subscription)). ​ ![](https://downloads.intercomcdn.com/i/o/734624594/4d129a1dedaab15967fe0532/Azure+5.png?expires=1781611200&signature=b9d0b9a8d037c2cd9e373837ffa65c38914226156cf0c1d3f817a2f30fe90b95&req=cyMjEMt6mIhbFb4V1XW4geNR4m%2Bz%2Bf%2BOOx1a8c68P4d1yOxNZ9RGjk%2Bvon5E%0AE0rQb8CO80dwh4%2BNNNi3tFq6dw%3D%3D%0A) ​ 6. Next, under your subscription, navigate to Resource groups and click "Create" to create a resource group if you don't already have one (see [Azure resource groups](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/manage-resource-groups-portal)). ​ ![](https://downloads.intercomcdn.com/i/o/799224708/1ab0f8373106aaa876ed36ac/image.png?expires=1781611200&signature=8cb398075dc6fa5f94d459e6e6822a7d7ece7b034665184067fee8ea1720137a&req=cykuFMt6moFXFb4V1XW4gdMyRJ9P4VC8fMrEq3W7eQNxxV3RDjtfvCuQgNbX%0AZl3iRQhaFjDI%2BzSiVxesJ%2B7VPQ%3D%3D%0A) > **If your application requires role-based access control (RBAC), please follow the steps below (see [What is Azure role-based access control](https://learn.microsoft.com/en-us/azure/role-based-access-control/overview))** ### (Optional) Create a custom role and assign it to an Azure application 1. Under your subscription, navigate to Access Control (IAM), click "Add" and then "Add a custom role" to create a custom role ​ ![](https://downloads.intercomcdn.com/i/o/799230326/572dcd0f21e9cff2280c9a56/image.png?expires=1781611200&signature=b650ad65d91630aa4e8a0fbceebc813d58540aeac29f9a47503dcd9c8916b935&req=cykuFMp%2BnoNZFb4V1XW4gQ4sHbRQ6yI4MEmZlAmIO9jATUBp4Ch5c1lHhgfb%0AOlraehLISiYxyyo9GXWyt%2F3A8g%3D%3D%0A) ​ 2. Name the role and a description, and then click "Permissions" ​ ![](https://downloads.intercomcdn.com/i/o/799231673/76ac7ce0b0c96a6903014d22/image.png?expires=1781611200&signature=e255c99b5f59d76cb721f36eb0b5f53b23f096288dd7c7c4c2dfa6a0f9d85e08&req=cykuFMp%2Fm4ZcFb4V1XW4gVAinlWR7QVRyC6fPcIqJQwFEqo5a7SVpfcoax%2B1%0AMLwUBWGt76djtv9atG03QGRaLA%3D%3D%0A) 3. On the "Permissions" tab, click "Add permissions" to add any permissions. ​ ![](https://downloads.intercomcdn.com/i/o/799233994/a962fef190ea8ed0abaebe68/image.png?expires=1781611200&signature=f0e65ba697fa5a6f65c9d64c8f96c2e956ceeb04d4374f3a21223e342953af08&req=cykuFMp9lIhbFb4V1XW4gUsu4Rubiei779z7A6wlZXLne5cQrVninOV%2B%2BxHV%0AWJlJzumx4bu%2BpI1hvCXp1OWVSg%3D%3D%0A) ​ 4. Alternatively, you can add permissions via the "JSON" tab. On the "JSON" tab, click "Edit" and add your permissions to the actions array. Once you have finished, click "Save". ​ ![](https://downloads.intercomcdn.com/i/o/799232447/de1896be30cf76431fbfad96/image.png?expires=1781611200&signature=40924a3fd62e2563d9fa415bd90e95db2c4f73dd6614bf02261df71874f26c42&req=cykuFMp8mYVYFb4V1XW4gcH9b0XvxFGdGN%2B5tnBwWLv5qHO7346wD7yc3Y%2Ba%0AX2IceC8A0aXAp1hckXAmgHfmeg%3D%3D%0A) ​ ![](https://downloads.intercomcdn.com/i/o/799232527/06763ca40202b7e8dafb45ab/image.png?expires=1781611200&signature=09dcfcfe176018677198f8fb1d0d98c507236e94e748619bbaf17fe0392fedac&req=cykuFMp8mINYFb4V1XW4gaS2Ox%2Fq5%2FvtdSDD4rZZYZx1eTRzqqi%2FLoGTCEt%2B%0AGBqNG7WS2%2FtjznTl6cPkXv3lhw%3D%3D%0A) ​ 5. Click on the "Permissions" tab to see the permissions. ​ ![](https://downloads.intercomcdn.com/i/o/799234736/82399f5b58a34f3a9902fd64/image.png?expires=1781611200&signature=e155ae620477fd478c9654d2e4ab4f0cd67207c81f423bc37aad8ef531402754&req=cykuFMp6moJZFb4V1XW4gZFcmqcnmKPwvbXFwH57urnxod2uWR88etMNll5K%0AnvEG9jIU6%2BNWS0u7l65djcn5lA%3D%3D%0A) ​ 6. Next, click the "Review + Create" button. If you are happy with the role, click "Create". 7. Next, navigate back to Access Control (IAM), click "Add" and then "Add role assignment" to assign the role to your application. ​ ![](https://downloads.intercomcdn.com/i/o/799235923/a6982df466a676d7eec3f3e6/image.png?expires=1781611200&signature=84f4291cadf8dec00db796119079f6e4f90f9813b3829c4532cea97e5a2c27dc&req=cykuFMp7lINcFb4V1XW4gS9noIZNFcvfwXT11nuR7isPfBL8pGq0RIVHka7D%0Am06ZaOEvWdUaing1KhNKqpC5NQ%3D%3D%0A) ​ 8. Search for the role you created, and click on it. Select the "Members" tab and click "+ Select members". ​ ![](https://downloads.intercomcdn.com/i/o/799236708/20610d420cc68bedb2b7b234/image.png?expires=1781611200&signature=973fcacb7be5020d6030484e5672c0c6e287beb422b9912db313399c56ae2a85&req=cykuFMp4moFXFb4V1XW4gewtnWFJ4Qt9LEVmg%2B7O701FrQ%2BHbTXWP69Xuvo9%0AwIn6dLhSpJqCybr8Bl7HqBpEpA%3D%3D%0A) 9. Search for your application, select it, and click "Select". 10. Click on the "Review + Create" button to complete the assignment. ​ ### Next, create an Azure subscription Resource in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the resource 1. **Name:** Required 2. **Description:** Optional 3. **Builder:** Your Microsoft subscription id ​ ![](https://downloads.intercomcdn.com/i/o/799239764/8707ee7614f5589a5c11c470/image.png?expires=1781611200&signature=6a0e0264bdc36125188ccb52b62e4c8db128e7900b709b4998578a385d6339d9&req=cykuFMp3modbFb4V1XW4gVmvs7woMClX%2BQAU1J74g3qD6oPOS5Dky4H7DegP%0Aiy7YyDjg5c%2FgtYLTAldyhYfsYg%3D%3D%0A) ​ ![](https://downloads.intercomcdn.com/i/o/799239975/954b54342895a306ad47600c/image.png?expires=1781611200&signature=81bbf1dbcef8328e86ad1ea5f54508ef270dbd0630e3c6cd34646136ffeb19bd&req=cykuFMp3lIZaFb4V1XW4gTvlNEhb%2BQHHO4XDQCnVa3qRBvgFpjUTUnHhocXZ%0AP15XZ275L7FXKWU2cLbmF8QdzA%3D%3D%0A) 5. **Optional** 1. **Access:** What other teams can also use the API 6. Click "Save resource" ​ ### Lastly, create an Azure Credential in Tines 1. Login to your Tines account. 2. Select the team using the API and click "Credentials". 3. Click "+ New Credential" and select "HTTP Request"***.*** 4. Input the values for the Azure credential 1. **Name:** Azure 2. **Description:** Optional 3. **URL**: `https://login.microsoftonline.com//oauth2/token` . ​ ![](https://downloads.intercomcdn.com/i/o/799241796/6813603d97a8c06d53c691f9/image.png?expires=1781611200&signature=d73184fd0b5c2809bdb1c3c1d77704f6af1a50fa52ba5c9bd0e52e22c31e7a24&req=cykuFM1%2FmohZFb4V1XW4gSEdSmDAJtF8jKIPYzOP57K5mdx1nL%2BcCgGCOz1j%0ADdYftf4BIxSERzCTmALAB8HEHw%3D%3D%0A) ​ 4. **Content type:** Form 5. **Method:** post 6. **Payload:** { client\_secret: created earlier client\_id: found in your application (see screenshot below) grant\_type: client\_credentials resource: `https://management.core.windows.net/` scope: } ​ ![](https://downloads.intercomcdn.com/i/o/799242722/4a1178190d741cc058cf9a41/image.png?expires=1781611200&signature=c8d132066756acdb2148d8b0f9d206bb12c9a0411562d4547ee3e3a7ce4dded9&req=cykuFM18moNdFb4V1XW4gUkNJHt126XgPmJUQ2CRmW8qdAkmQ%2BJAuI5DubxX%0Aqne5Blx4PZMpWDsBBIH0vrlu0A%3D%3D%0A) You can paste this into the editor by clicking `<> Editor` below the **Headers** section: ``` { "url": "https://login.microsoftonline.com//oauth2/token", "content_type": "form", "method": "post", "payload": { "client_secret": "", "client_id": "", "grant_type": "client_credentials", "resource": "https://management.core.windows.net/", "scope": "offline_access user_impersonation" }, "headers": {} } ``` ​ 5. Click "Run Options" and click the copy button besides `access_token` to copy the path. ​ ![](https://downloads.intercomcdn.com/i/o/799244312/9ac263620c428a6af8266b60/image.png?expires=1781611200&signature=ec39253940c8dc3f7c2f07c0ceb8aa02151a7c635b4bc45d44dfdc081254bcf9&req=cykuFM16noBdFb4V1XW4gTIGZVQsNyqWfmbKyC8Sq4C85Zk1vtARAlhF%2Bkw3%0AAVkmvZ42FKpoVs3eD%2BgWZOQxyA%3D%3D%0A) ​ 6. Next, paste the path to the `access_token` into **Location of token from response**. ​ ![](https://downloads.intercomcdn.com/i/o/799245021/1690fc06a37b7f33bc7724e4/image.png?expires=1781611200&signature=4f496529c0426970de9877e005c37d07611f9028b57add6c000371fc1442ad50&req=cykuFM17nYNeFb4V1XW4gV3rshLirPC7GoEZobpAleBSSLiB%2Fz1KCIdZD4qY%0AcMXjmbpzSatS9BREra2N9baO3g%3D%3D%0A) ​ 7. Click "Save". ​ > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Azure stories in the [story library](https://www.tines.com/story-library?s=azure).** ### Using the resource and credential in an action When making requests to Azure, you can use the resource you created for your Microsoft subscription ID. ​ ``` https://management.azure.com/subscriptions/<>/providers/Microsoft.Compute/virtualMachines?api-version=2022-11-01 ``` The Header configuration for your Azure credential should be: ``` "Authorization": "Bearer <>" ``` Putting it all together, here is an example Azure action you can copy and paste onto your storyboard in Tines: ``` {"standardLibVersion":"32","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"List virtual machines in Azure","description":null,"options":"{\"url\":\"https://management.azure.com/subscriptions/<>/providers/Microsoft.Compute/virtualMachines?api-version=2022-11-01\",\"content_type\":\"application_json\",\"method\":\"get\",\"headers\":{\"Authorization\":\"Bearer <>\"}}","position":{"x":780,"y":405},"schedule":[],"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"originStoryIdentifier":"cloud:d521f765a49c72507257a2620612ee96:94658be8f4ee4b5627ed7fbcbe2fd4be"}],"links":[],"diagramNotes":[]} ``` ## BambooHR Authentication Guide BambooHR is an employee experience software that allows you to track time off, sick leave, benefits, onboarding, and more. Here's our guide on how to authenticate BambooHR for use with Tines. ## First, get a BambooHR API key: 1. Navigate to `https://www.<>.bamboohr.com/home` and log into your account 2. In the top right-hand corner of the screen, click on your profile and then "API Keys" ![](https://downloads.intercomcdn.com/i/o/757172745/c26bb8cf1bebeec42e1571d5/image.png?expires=1781611200&signature=befba87ff0b70b4dec0c4ee478f8afcde3e6c6b71dd8036c3e4b3592ee668524&req=cyUgF858moVaFb4V1XW4getlr0UggUMHshBiJJx3CcuWrUZ7jrkx5OXkeFCZ%0AXcCf2wgFAKYxPdmzZbCe7DieIg%3D%3D%0A) 3. Click "Add New Key", name your key and click "Generate Key" 4. Click "COPY KEY" to copy the key to the clipboard and click "Done" ## Then, create a BambooHR credential in Tines **BambooHR connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "BambooHR" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the BambooHR connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the BambooHR credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your copied API key value 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/bamboohr). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of BambooHR stories in the [story library](https://www.tines.com/story-library?s=bamboo) ## Best practices for Automatic mode ## Overview The [Automatic mode of the Event Transform action](https://www.tines.com/docs/actions/types/event-transformation/automatic) is powered by AI. Here, we’ll guide you through how to best guide the AI to iteratively build what you need. ## Best practices Providing guidance to the AI is just like asking a real person for help: the clearer and simpler your request, the better the outcome is likely to be. ### Explain the input As well as your guidance, the AI will examine the input data. But you can augment its understanding of the data. For example, you might say “the input contains a base64-encoded image”, to give the AI context on what it’s dealing with. ### **Break down into steps** If you think the AI will need to do several things in serial to achieve your outcome, tell it. For example, you might say “First remove any blank values from the list. Then, format each value as a dollar value.”. ### **Be clear about the output you want** For simple outputs, use plain English (“return the severity of the alert”). For more complex data structures, type out an example of the shape of the data to be returned, e.g. with JSON. ### **Check your work** If you’re not achieving the results you expect, chances are your guidance is not clear enough. Read it as though you were the person answering the request, and tweak anything that feels potentially vague or confusing. Most importantly, great guidance is obtained through *iteration*. ### Iterating on guidance Instead of trying to get your guidance right in one go, it’s best to start simple and work your way to the output you need. We’ve designed our system to author and run the underlying code very quickly, so you get the feedback you need to iterate towards success. ### **Start small** Before you even start thinking about what output you need, consider providing generic guidance to get started, like “summarize the input”. This will give you some initial confidence that the AI is receiving and understanding the data you’re providing. If your transformation involves several steps, perhaps start with the first step on its own – e.g. “remove all blank values”. Or, if your transformation is a complex analysis of a list of data points, start with a simple version – e.g. “count the items in the list”. ### **Experiment safely** The automatic mode editor is a playground: your changes do not take effect until you press “save”. Until then, any changes or errors you introduce are safely detached from your workflow. As you iterate on your guidance, you’ll often see errors or mistakes. Each time you spot something going wrong, think about how to experiment to improve your guidance. And don’t worry: you won’t lose your work – you can always [go back and forth through your guidance history](https://www.tines.com/docs/actions/types/event-transformation/automatic). ### **Read the code (if you want)** Automatic mode does not require you to be able to read or write code. But glancing at the code can give you hints on where the AI may be misunderstanding you. Even if you’re not a programmer, go ahead and take a look – you might be surprised at your ability to help the AI, by looking at how it has modeled the task at hand. ### **If in doubt, rewrite** Just like when speaking to another human, sometimes the AI won’t catch your drift. Try replacing a sentence with another way of saying the same thing, and see if you can make your intent a little clearer that way. ## Best practices for building and maintaining stories ## Overview Building high-quality, reliable [stories](https://www.tines.com/docs/stories/) in Tines starts with following a set of consistent best practices. This guide outlines key recommendations for naming, documentation, testing, and change control. These are all designed to make your stories easier to manage, safer to run, and more effective over time. ## Best practices ### Enable change control Enforce [change control](https://www.tines.com/docs/stories/change-control/) tenant-wide, using drafts as the "development" environment and the live version of the story as the “production” environment for each story. Require change control approvers to follow a standardized checklist of best practices when reviewing changes. Ensure that all branches of a story can be tested using the [saved story runs feature](https://www.tines.com/docs/stories/story-runs/#save-story-runs). This mirrors a proven software development workflow, reducing the risk of breaking changes in production. It ensures every update is reviewed and tested before being deployed, creating a safer and more predictable environment for automation. ### Establish standards for story building Enforce a standardization for the creation of stories with the following recommendations: - The story name is descriptive and concisely covers the usage. Whitespace and symbols are allowed (even encouraged) for readability. For example: *Proofpoint - Phishing Ticket Creation* - The story description should expand on the story's name and include details such as the creator/author(s), inputs, outputs, limitations, and expected usages. The story description should ideally cover ("It" being the story): - "*It's designed to...*" - "*It looks for...*" - "*It depends on...*" - Authors - Name each action uniquely to reflect its purpose in your story. - Enable [action/story monitoring](https://explained.tines.com/en/articles/7733319-how-can-i-monitor-actions-in-tines). - Align your actions so that they follow the path of your story (you can also utilize the Tidy feature). - Use story tags to help identify the story's usage concisely and trackably. Use tags for topics like certain use cases, frequency of use, and priority. - Utilize [note](https://www.tines.com/docs/stories/notes/) tiles throughout the story to explain the functionality for each step. ### Audit stories Build a Tines story to regularly audit stories for best practices on a daily or weekly cadence. Automated audits help catch issues early and consistently, ensuring that stories continue to meet your standards over time, not just at the time of creation. ## Additional resources - [Optimizing Tines Stories - Tips and Tricks for Building Efficiently](https://www.tines.com/blog/optimizing-tines-building-efficiently/) - [How to Optimize Tines Stories - Tips and Tricks for Managing Stories Efficiently](https://www.tines.com/blog/how-to-optimize-tines-stories-managing-stories/) - [Tines security best practices](https://www.tines.com/tines-security-best-practices/) ## Best practices for cases ## Overview Cases are a collaborative interface where you can investigate, remediate, and report on incidents all in real-time. Whether you're running down a security incident, managing a support request, triaging a flood of alerts, or coordinating an operational task, cases can flex to your needs. ## Best practices ### Case templates & data capture Creating cases at the earliest point in your detection pipeline ensures no context is lost and reduces the time between detection and response. When an alert fires from your SIEM, EDR, or other security tools, immediately create a case with all relevant context. By using templates, you can standardize the look and feel of cases for analysts. - Use the Create Case action immediately after receiving alerts from your detection sources. - Design templates with consistent field structures across similar alert types (e.g., all phishing cases should have the same fields: sender email, subject line, reported by, etc.). - Pre-populate fields with data from the alert using formulas to extract and format information automatically. - Include rich context like timestamps, affected assets, alert severity, and raw event data. - Use markdown formatting in case descriptions to make information scannable with headers, bullet points, and code blocks. - Create separate templates for different incident types (phishing, malware, data exfiltration, insider threat) to ensure analysts see relevant fields for each scenario. ### Teams & least privilege Implementing proper access controls protects sensitive data, prevents accidental modifications to automation logic, and ensures analysts only see cases relevant to their role. - Use team-based case routing to automatically assign cases to the appropriate team based on alert type or classification. - Limit story access to automation engineers and senior analysts who need to modify workflows. - Implement role-based permissions where junior analysts can view and comment, while senior analysts can close cases and execute sensitive actions. - Audit access regularly to ensure team membership reflects current organizational structure. ### Case actions Case actions empower analysts to execute complex workflows with a single click, reducing response time and ensuring consistent execution of playbooks. - Create action buttons for common response tasks: - "Block IP" → Add to firewall blocklist - "Quarantine user" → Disable account and revoke sessions - "Isolate endpoint" → Trigger EDR isolation - "Request manager approval" → Send approval form to user's manager - "Escalate to Tier 2" → Reassign case and notify senior analyst - "Run full investigation" → Execute comprehensive enrichment workflow - Use deterministic actions for tasks that don't require judgment (e.g., "Gather user activity logs"). ### Metrics and dashboard Tracking the right metrics enables you to measure performance, identify bottlenecks, and demonstrate value to leadership. Capture important case metrics in case fields or records. - Store metrics in records for historical analysis and trend identification. - Create dashboard visualizations: - Case volume by day/week/month - Average resolution time by severity - False positive rate by alert source - Top alert types and their outcomes - Analyst workload distribution - SLA compliance rates ### Records Records act as a persistent data store within Tines. Use records for capturing IOCs, correlating events, and reducing alert noise & case volume. Learn more about records [here](https://explained.tines.com/en/articles/7971187-introduction-to-records). - Reduce alert noise: - Maintain a "known good" list of benign indicators that frequently trigger false positives - Track alert frequency per source and suppress high-volume, low-value alerts - Implement dynamic thresholds based on historical data - Build allowlists and blocklists: - Store approved third-party IPs/domains to filter out false positives - Maintain internal asset inventories to enrich alerts with context - Track case outcomes: - Record which IOCs led to true positives vs. false positives - Use this data to tune detection rules and improve alert quality ### Cases webhook Use your cases notification webhook to monitor for specific events, escalate cases, kick off workflows, and send notifications. - Monitor critical case events: - Case created with high/critical severity → Immediate notification to senior analysts - Case assigned → Send notification to assigned analyst via Slack/Teams/email - Case updated with specific field changes → Trigger additional workflows - Case closed → Log metrics and update dashboards - Case reopened → Alert management to potential recurring issue - Implement escalation workflows: - If case open > 1 hour without acknowledgment → Notify team lead - If high-severity case open > 4 hours → Escalate to management - If case marked as "needs help" → Assign to senior analyst and notify - Trigger downstream automation: - When case closed as "true positive" → Add IOCs to blocklists - When case involves specific asset → Trigger vulnerability scan - When case indicates compromise → Initiate forensic data collection - Send contextual notifications: - Include case summary, severity, and direct link in notifications - Route notifications based on case team, type, or severity - Aggregate low-priority notifications to avoid alert fatigue - Integrate with external systems: - Create tickets in ITSM platforms when cases require IT involvement - Update CMDB with incident information - Log case data to SIEM for correlation with other security events - Build feedback loops: - When analyst marks alert as false positive → Update detection rules - When case identifies new threat → Trigger threat hunting workflows - When case resolution involves new procedure → Update runbooks ## **Additional resources** - [Introduction to cases](https://explained.tines.com/en/articles/7971194-introduction-to-cases) - [How to create a case in Tines](https://explained.tines.com/en/articles/7974460-how-to-create-a-case-in-tines) - [How are case IDs generated](https://explained.tines.com/en/articles/10222478-how-are-case-ids-generated) - [Additional case docs](https://www.tines.com/docs/cases/) ## Best practices for change control ## Overview Change control helps keep your Tines tenant stable, secure, and predictable, especially as more users build and update stories. These best practices ensure that every change is reviewed, documented, and aligned with your team’s standards before going live. ## Best practices ### Enable change control Enable [change control](https://www.tines.com/docs/stories/change-control/) for the entire tenant. Change control incorporates peer reviews before changes go live to help catch mistakes, prevent unintended impacts, and uphold shared quality standards. This safety net is especially critical in production environments where changes could affect automation outcomes. ### Manage change control requests Use a Tines [story](https://www.tines.com/docs/stories/) to manage change control requests. Route the change control approval requests to a group of trusted Tines platform owners for review. Document change control requests in a tracking system like [records](https://www.tines.com/docs/records-cases/records/). Automating and standardizing the change control process ensures consistency in reviews, tracking of approvals, and documentation of decisions. This provides a reliable audit trail for future reference or compliance needs. > **Note:** If you have access to [custom roles](https://www.tines.com/docs/admin/user-administration/custom-roles/), you can fine-tune who can manage change requests. Considering a low tolerance of risk, we recommend creating a custom role with all editor permissions except for change control so the users cannot approve changes outside of your defined process. ### Establish standards Create standardized guidelines to review against change requests and document them for all story builders and reviewers. This checklist gives builders and reviewers a clear, consistent framework to evaluate changes against. It helps maintain high standards across the board, reduces the chance of inconsistent updates, and ensures everyone is aligned on what “excellent” looks like. ## Additional resources - [Optimizing Tines Stories - Tips and Tricks for Building Efficiently](https://www.tines.com/blog/optimizing-tines-building-efficiently/) - [How to Optimize Tines Stories - Tips and Tricks for Managing Stories Efficiently](https://www.tines.com/blog/how-to-optimize-tines-stories-managing-stories/) - [Tines security best practices](https://www.tines.com/tines-security-best-practices/) ## Best practices for credential management ## Overview Managing [credentials](https://www.tines.com/docs/credentials/) securely in Tines helps protect your integrations, reduce risk, and keep your tenant organized. These best practices ensure that credentials are created, used, and maintained consistently and securely. ## Best practices ### Restrict direct access [Restrict direct access](https://www.tines.com/docs/credentials/credential-configuration/domain-restriction/) for all credentials (tenant-level setting). Restricting direct access reduces the risk of credential exposure and misuse. This ensures credentials are only used within controlled stories, rather than being manually retrieved or shared. ### Create an approval process for credential creation Establish a process to get approval for credential creation. Include a collection of relevant information through a [page](https://www.tines.com/docs/pages/) for a user with credential management permissions to create in the tenant. This adds a layer of oversight to ensure new credentials meet all requirements and aren’t created unnecessarily or insecurely. ### Establish standards for credential creation Enforce a standardization for the creation of credentials with the following recommendations: - The credential name is filled in and includes the integration tool's name. For example: *Tines Security Automation Team API Key* - The credential description field is filled in with a relevant explanation. For example: *This Tines credential has read-only access to the Security Automation team* - The credential [product](https://www.tines.com/docs/credentials/credential-configuration/product/) field is filled in with the product you are integrating with Tines. - The credential is not a duplicate of an existing credential. - The credential is scoped to a service user or similar non-user account. - The credential [URLs and domains](https://www.tines.com/docs/credentials/credential-configuration/domain-restriction/) field for restricting domain access must not be overly permissive. - If you are using [change control](https://www.tines.com/docs/stories/change-control/), make sure the [test credential](https://www.tines.com/docs/credentials/credential-configuration/test-details-tab/) fields are complete and include info for a non-production version of the relevant tool. - If you use the [egress allowlist](https://www.tines.com/docs/admin/action-egress-control/) feature, add the relevant information to the egress allowlist to enable connecting to the tool. ### Audit credentials Complete regular audits of the credentials to ensure best practices are met. Build a Tines [story](https://www.tines.com/docs/stories/) to regularly audit credentials for best practices on a daily or weekly cadence. Ongoing validation helps maintain hygiene and ensures standards are continuously met, even as new credentials are added or updated. ## Additional resources - [Optimizing Tines Stories - Tips and Tricks for Building Efficiently](https://www.tines.com/blog/optimizing-tines-building-efficiently/) - [How to Optimize Tines Stories - Tips and Tricks for Managing Stories Efficiently](https://www.tines.com/blog/how-to-optimize-tines-stories-managing-stories/) - [Tines security best practices](https://www.tines.com/tines-security-best-practices/) ## Best practices for managing access and permissions ### Overview Managing who has access to what in Tines is key to keeping your tenant secure and organized. These best practices help ensure users only get the access they need, when they need it, using clear processes and visibility. ### Best practices #### Enable SSO Use [single sign-on (SSO)](https://www.tines.com/docs/admin/single-sign-on/) and provision users using [system for cross-domain identity management (SCIM)](https://www.tines.com/docs/admin/user-administration/scim/) or [just-in-time (JIT)](https://www.tines.com/docs/admin/user-administration/jit/) to ensure access is controlled through your identity provider (IdP). Centralizing authentication and user provisioning through your IdP reduces manual account management, minimizes the risk of orphaned accounts, and ensures users only have access while they're authorized. #### Utilize roles Leverage our [default roles](https://www.tines.com/docs/admin/teams/#roles), or [custom roles](https://www.tines.com/docs/admin/user-administration/custom-roles/) (if available in your plan), to fine-tune the permissions you grant to your Tines users. Roles allow you to precisely control what users can do within Tines. This helps reduce the risk of accidental misconfiguration or abuse of sensitive features, especially in tenants with many users or varied responsibilities. #### Build an access request process Set up an access request process to grant users access to teams and to assign specific roles. Include an audit trail for access requests and store it in [records](https://www.tines.com/docs/records-cases/records/) or another data storage tool. Here's an example of a story that can execute this process: [Request and approve access to new tools with an audit trail](https://www.tines.com/library/stories/1224418). Having a structured access request and approval process enforces the principle of least privilege and ensures accountability. Storing audit trails in Tines records or another storage tool allows teams to track who requested access, who approved it, and when. This is critical for audits, compliance, and incident investigations. > **Note:** If you utilize a [tunnel](https://www.tines.com/docs/admin/tunnel/) or [command-over-HTTP](https://www.tines.com/docs/admin/command-over-http/), provide access to the tunnel via a specific team or teams on an as-needed basis. ## Additional resources - [Optimizing Tines Stories - Tips and Tricks for Building Efficiently](https://www.tines.com/blog/optimizing-tines-building-efficiently/) - [How to Optimize Tines Stories - Tips and Tricks for Managing Stories Efficiently](https://www.tines.com/blog/how-to-optimize-tines-stories-managing-stories/) - [Tines security best practices](https://www.tines.com/tines-security-best-practices/) ## Best practices for security and monitoring ## Overview Strong security and effective monitoring are critical for maintaining trust, minimizing risk, and ensuring reliable operations in Tines. This guide outlines key best practices for audit logging and alerting, helping teams stay proactive and secure in their automation flows. ## Best practices ### Utilize SIEM If applicable, forward all of your [audit logs](https://www.tines.com/api/audit-logs/) to your SIEM tool. We recommend using your SIEM tool to generate appropriate alerts and pipe alerts back to Tines to take action on. Sending audit logs to your SIEM centralizes visibility and allows your security team to detect and respond to activity in real time. It also supports compliance requirements and enables historical investigation when needed. > **Note:** Need some inspiration? Here are a few templates from our story library to help you get started! > > - [Ingest Tines audit logs into Datadog](https://www.tines.com/library/stories/1251311/?name=ingest-tines-audit-logs-into-datadog) > > - [Ingest Tines audit logs into Snowflake](https://www.tines.com/library/stories/1286491/?name=ingest-tines-audit-logs-into-snowflake) > > - [Ingest Tines audit logs in Splunk](https://www.tines.com/library/stories/1111551/?name=ingest-tines-audit-logs-into-splunk) ### Set up monitoring alerts Send [action/story monitoring alerts](https://explained.tines.com/en/articles/7733319-how-can-i-monitor-actions-in-tines) to a Tines story that alerts builders on failures in their stories. Monitoring alerts help teams quickly identify and fix issues in their stories. Routing those alerts into a Tines story keeps the response automated and ensures failures don’t go unnoticed. ### Monitor user activity We recommend building a [story](https://www.tines.com/docs/stories/) to monitor audit logs for unusual activity. This adds an extra layer of automated threat detection, especially useful for large teams or high-security environments. It helps spot potential misuse early, even if it slips past manual review. ## Additional resources - [Optimizing Tines Stories - Tips and Tricks for Building Efficiently](https://www.tines.com/blog/optimizing-tines-building-efficiently/) - [How to Optimize Tines Stories - Tips and Tricks for Managing Stories Efficiently](https://www.tines.com/blog/how-to-optimize-tines-stories-managing-stories/) - [Tines security best practices](https://www.tines.com/tines-security-best-practices/) ## Best practices for the AI Agent action ## Overview The AI Agent action is a powerful tool in Tines that uses AI language models to perform automated tasks or engage with users in real time. This article outlines key recommendations to help you design the AI Agent action effectively. ## Builder best practices ### Precision prompting Within the AI Agent action, there are a few options where you can input guidance: - The **System instructions** set the stage for the AI Agent action's behavior. Define the tone, domain, persona, and rules it should follow here. - The **Prompt** is for passing the list of instructions the AI Agent action will carry out. Provide the steps the AI Agent action should execute here, including any upstream reference data. In general, providing guidance that is clear, grammatically correct, and detailed will ensure a successful output. You also don't need to greet or thank the AI Agent action, as handling the additional logic for this can cost more AI run-time credits. Learn more about how to write effective prompts [here](https://explained.tines.com/en/articles/12097316-writing-effective-prompts). > **Note**: The AI Agent action uses AI run-time credits. You can see the real-time credits used per team in the **AI settings** section of the tenant **Settings** menu. Learn more about AI run-time credits [here](https://explained.tines.com/en/articles/9369092-ai-action-credits-executions). Here are some simple examples of how you can utilize both the **System instructions** and **Prompt** options of the AI Agent action: #### Task mode example - **System instructions:** *You are an internal support automation agent for a SaaS integration company. Always use a neutral, professional tone. Only include factual information and omit small talk or irrelevant messages.* - **Prompt**: *Summarize the conversation provided in `message.body` in 2–3 sentences. Focus on the issue raised, any troubleshooting steps taken, and the final outcome. Then, post the conversation summary in the Slack channel provided via `slack.channel.id`.* #### Chat mode example - **System instructions:** *You are a helpful onboarding assistant for new employees at a SaaS integration company. Use a friendly, concise tone.* - **Prompt**: *Respond to new hire questions about tools, processes, or policies. Provide clear answers, link to relevant resources if available (provided via `resources.list`), and encourage them to reach out to HR for anything sensitive. If a topic still requires human follow-up, provide the user's manager's contact info via `user.manager`.* If you're unsure of what to include in your system instructions and prompt, you can use **[Workbench](https://explained.tines.com/en/articles/9822635-introduction-to-workbench)** to help you with this. Just describe the outcome you're looking for, and ask it to create these instructions for you. You can then test and edit these as needed. > Tip: Understand how tools affect model selection. > > In Task mode, the AI Agent action defaults to a cheaper AI model when no tools are configured. Once you add a tool, it automatically switches to the smart model. This is expected behavior, keep it in mind when designing your agents: > > - If your task only requires text processing or summarization with no external actions, consider leaving tools out to benefit from the lower-cost model. > > - If your task requires tool use, the smart model will be used automatically, which may increase credit consumption. > > > This is another reason to follow the "avoid the do everything agent" principle — specialized agents with only the tools they need will be more cost-efficient. ### Use XML tags Using XML tags in your system instructions and prompts can help organize complex instructions and improve the AI Agent action's ability to parse different sections of your guidance. XML tags act as clear semantic boundaries that separate instructions, context, examples, and data. They can be used for adding structure to instructions, defining examples and separating data from instructions. You can use any descriptive tag names that make sense for your use case. Common examples include ``, ``, ``, ``, and ``. Keep your tag names consistent across similar AI Agent actions to maintain clarity across your workflows. **XML tag example** Build an AI Agent action that analyzes security incidents. Use XML tags to separate the task instructions from the incident data: **Example prompt** ``` Analyze the security incident below and determine: 1. Severity level (Low, Medium, High, Critical) 2. Affected systems 3. Recommended immediate actions {{.webhook.body.incident_details}} Provide your analysis in a structured format with clear headings for each section. ``` ### Avoid the "Do everything" agent Having a single AI Agent attempt to perform multiple complex tasks simultaneously can lead to several issues: - **Context overload:** The agent may run out of context window space due to data sprawl - **Task interference:** Multiple objectives can create conflicting priorities - **Reduced accuracy:** Performance degrades as complexity increases - **Inefficient resource usage:** Consumes more AI run-time credits than necessary Instead, consider breaking down complex tasks into their constituent parts and creating specialized agents for each component. This approach allows each agent to excel at a specific task while maintaining a cohesive workflow. For example: *"Retrieve security alerts from the past 24 hours, identify potential threat patterns, correlate with known IOCs, evaluate affected asset criticality, and output prioritized remediation recommendations."* Rather than having one agent attempt this entire process, you could implement a workflow with four specialized agents: 1. **Alert Collection Agent:** Focuses solely on retrieving and normalizing security alerts 2. **Pattern Analysis Agent:** Identifies potential threat patterns and correlations 3. **IOC Enrichment Agent:** Correlates findings with threat intelligence feeds 4. **Prioritization Agent:** Evaluates asset criticality and outputs prioritized recommendations Each agent would share the same foundational system instructions but have a more defined goal and task prompt. By connecting these agents in a semi-deterministic flow, you create a complete and more effective security investigation process. ### Utilize the Description section As you integrate the **Tools** of the AI Agent action, use the **Description** section of each Tool to provide specific instructions for the AI Agent action to follow. The Description is passed to the AI model and influences how and when it uses the Tool. #### Description example Build a story that uses the AI Agent action to search potentially harmful IPs against AbuseIPDB and VirusTotal. It then creates a Tines case with the results. To help the AI Agent action function more proficiently, provide similar instructions to the Tines "Create a case" Tool's Description: *"Only create a case after all provided IP addresses have been searched. The case name value must include today's date in a DD/MM/YYYY format."* ![](https://downloads.intercomcdn.com/i/o/am0g137l/1586041482/ed8e2ea9ef518bfdb0ff62d03c20/image.png?expires=1781611200&signature=a25f9396d10ed923e5235622d25a5a1b55b56a647b47bbb569b3c418b2129073&req=dSUvEMl6nIVXW%2FMW3nq%2BgQPPOTLs%2Bk1ZiEEIoN2VJHU%2BsCv9d0AGDIfD4Dp5%0AXd67I4MGCZpBb7FyUeJiHeElhrI%3D%0A) ### Combine similar action templates into Custom Tools If you find yourself running the same set of **Tools** within the AI Agent action, consider combining them into a **Custom Tool** or building the action templates and Tools within a **[Send to Story](https://www.tines.com/docs/stories/send-to-story/)** and connecting it within the AI Agent action's configuration**.** This is a great way to boost it's execution speed and reduce AI run-time credit costs. > **Note**: Although **Custom Tools** and **[action Groups](https://www.tines.com/docs/stories/groups/)** are similar in configuration, **Custom Tools** cannot be ungrouped. ### Specify end results with Output Schema Using the **Output Schema** feature via the `+ Option` button of the AI Agent action helps enforce consistency and ensures the output follows a specific format, making it easier to parse and use the event data programmatically. You can utilize the **Prompt** and **System instructions** by referencing the **Output Schema** to organize how the result data should be structured. > **Tip**: Check out the [JSON Schema website](https://json-schema.org/learn/miscellaneous-examples#basic) to learn more about successfully building a structure for the **Output Schema**. #### Output Schema example Build an AI Agent action in **Task** mode that acts as a user investigation and enrichment agent. Define the **Output Schema** and clarify the requirements for using it throughout the **System instructions** and **Prompt**: **Output Schema** ``` { "title": "Person", "type": "object", "properties": { "fullName": { "type": "string", "description": "The person's full name." }, "age": { "type": "integer", "description": "Age in years which must be equal to or greater than zero." }, "email": { "type": "string", "description": "The person's email address." } }, "required": [ "fullName", "email" ] } ``` **System instructions** ``` You are a User Investigation & Enrichment Agent that gathers information about individuals from public sources to create comprehensive profiles while maintaining strict privacy standards. You are running autonomously. Core Responsibilities: - Investigate individuals based on minimal identifiers (name, email, etc.) - Collect only publicly available information from legitimate sources and tools - Verify data across multiple sources when possible - Format results according to the required JSON schema. Investigation Process: 1. Begin with provided identifier 2. Search public professional sources (LinkedIn, company websites) 3. Cross-reference information for verification 4. Document sources for all collected data 5. Format according to schema, omitting uncertain fields ``` **Prompt** ``` Investigate and create a profile for this individual: <> Using the various tools available, compile: - Full name - Approximate age - Hobbies/interests - Professional contact information Format according to the required schema. Omit any fields that cannot be verified with reasonable confidence. ``` ### Set up monitoring We recommend setting up failure **Monitoring** for all actions across your stories. You can set up Monitoring and contact options via the story's editor panel. Or, you can set up Monitoring per-action via the action's **Status** tab: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1592006477/7b9d6a5759c37dbc84fb4001a242/image.png?expires=1781611200&signature=9f6e7fbc16809584d50725c54896cb45c2c3ecdaf86c96d3973a7c2da2a4c34e&req=dSUuFMl%2Bm4VYXvMW3nq%2BgRfRHy8%2FI2hta6RIInrd752W%2BbrLgPJZtvjXac0j%0AZ6HSV6CNg%2FoLMfyL%2FpSAW2anC7M%3D%0A) ## Admin best practices ### Manage AI run-time credit allocations Regularly adjusting your Teams' AI run-time credit allocations allows you to stay aligned with shifting needs while maintaining operational efficiency. You can delegate your AI run-time credits across your Teams via your tenant's **Settings** menu → **AI settings** → **Providers** → **Configure** → **Allocation**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1592106420/9eecb354ca8a063488d38e05ac58/image.png?expires=1781611200&signature=ba091d32cb5a4ed6484f28b23987162ac6eb05ffbc697a12d549bad4e6d1481a&req=dSUuFMh%2Bm4VdWfMW3nq%2BgXt1izi5cCi7NIlg3mukf1IJpHVBuMq4skbBSiRx%0AemzZD1adOZoCAAocJ75TAqsop38%3D%0A) ### Allocate emergency savings To maintain stability and prevent disruptions in your workflows, we recommend reserving ~10% of your total monthly AI run-time credits as a buffer. This emergency reserve acts as a safeguard in case a Team unexpectedly needs to exceed their allocated AI run-time credits due to high-priority investigations or surges in user activity. ### Keep track of AI run-time credit usage You can view your tenant's overall AI run-time credit usage by visiting the **Reporting** page → **AI credit usage**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1591992373/57c253dd45a845b966b204921ef6/image.png?expires=1781611200&signature=bb2c19ab8e68da20232b435f14dc4ee57e80d455c8f6129b66d24dee4ef62bac&req=dSUuF8B3n4JYWvMW3nq%2BgY%2FTpO8RwZi9dFz7BeUMx1RsZ84hDpujKrT5kcRR%0A1j0xncgQFpzMl7fkD9t5VHgafuM%3D%0A) The **Meta** output of each AI Agent action run will include the credit cost to run and the remaining credits available to the Team in which the story resides. Encourage your builders to create additional logic that monitors for intense AI Agent actions that execute exceptionally high credit usage runs: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1591504292/091b4056e041ec43632847369a7e/image.png?expires=1781611200&signature=22e4c547019b49b9cbc74494bba8b44e3120a7c5b231e39b2907a59bd64f1f71&req=dSUuF8x%2BmYNWW%2FMW3nq%2BgWF%2BAiAHrIEVO8KDckkn%2BRbeaAcZaPrVypYRCYOp%0ADGZN9jyJwodGfzw1LdXCyslYiwM%3D%0A) ## Additional resources - Tines Blog: [Introducing the AI Agent action](https://www.tines.com/blog/introducing-ai-agents/) - Tines Platform: [Agents](https://www.tines.com/platform/agents/) - Tines University: [AI Agent action](https://www.tines.com/university/tines-basics/using-ai-in-tines/agents/) - [Introduction to AI Agents](https://explained.tines.com/en/articles/11571096-introduction-to-ai-agents) - [Get started with Agents](https://explained.tines.com/en/articles/11541238-get-started-with-agents) - [AI Agent action FAQs](https://explained.tines.com/en/articles/11510164-ai-agent-action-faqs) - [Understanding Tines pricing and packaging](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging) ## Best practices for the Tines tunnel ## Overview To get the most out of your Tines tunnel while keeping security tight, it's important to manage how it’s updated, monitored, and controlled. These best practices will help you maintain tunnel performance, reduce risk, and improve visibility into how data flows through your environment. ## Best practices ### Stay updated Upgrade the tunnel whenever we release a new version. Tunnel updates often include security patches, performance improvements, and new features. Staying up to date reduces vulnerabilities and ensures compatibility with the evolving Tines infrastructure. ### Limit egress Apply network settings to the tunnel to limit egress to internal IP ranges and Cloudflare. Restricting the tunnel’s egress helps prevent unauthorized or accidental data exposure by ensuring traffic only reaches known, trusted destinations. It minimizes your attack surface and aligns with the principle of least privilege. ### Packet analysis Set up networking tools to complete packet analysis on the tunnel. Packet analysis provides deeper visibility into tunnel traffic, helping detect anomalies or misuse. It’s especially valuable for debugging connectivity issues and ensuring data is flowing securely and as expected. ## Additional resources - [Tines security best practices](https://www.tines.com/tines-security-best-practices) ## Britive Authentication Guide Britive is a cloud-native security solution built for the most demanding cloud-forward enterprises. Their platform empowers teams across cloud infrastructure, DevOps, and security functions with dynamic and intelligent privileged access administration solutions for multi-cloud environments. ## First, get a Britive API token 1. Login to your Britive account 2. From the "Admin" menu, click "Security" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943219256/119b4b119fe0076b6538265a/image.png?expires=1781611200&signature=f28decaa92837c79f98eb947d387cc30a82af8efd1c7e211ab50df41fdcc3ec1&req=fSQkFMh3n4RZFb4V1XW4gQ0PlvXmGBjsZS3rVvj6vQoy8KFqlUO4JaExgI1S%0A3vopaxZE9AHeth0sKKqyWwxyNw%3D%3D%0A) 3. Click "API Tokens" and then click "Create token" 4. Name the token and click "Create token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/943219625/d417419a03bd32f4632b8b60/image.png?expires=1781611200&signature=010f2d1ef738aca6921775585afdcfa5cb6c3e3262efe08a5a2c45807fef0f99&req=fSQkFMh3m4NaFb4V1XW4geErZLecHfOuhzmIAOloL24e%2Fde8pHkHjPAdJZC8%0Af9X7LHxzxt8tVAgyYCAaQGxt1A%3D%3D%0A) ​ 5. Copy your API token to a text editor ## Lastly, create a Britive credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Britive credential 1. **Name:** Britive 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Britive** **stories in the [story library](https://www.tines.com/library?s=britive&view=all)** ## Building Apps in Tines Apps give you a dedicated surface to build interactive, user-facing experiences that connect directly to your Tines workflows. Whether you're collecting input, displaying data, or triggering automations, the App builder takes you from idea to working app in minutes. ## Getting started Navigate to the Apps section in Tines. The first time you visit, a short intro will walk you through the basics. When you're ready, click "New" to create your first App. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2470658568/4d7dc475eba27f24a8ff9790d155/apps+new.gif?expires=1781611200&signature=6438178a19cc79853cef47d060a41345800c4906da985b4ef476eaaee86e71d3&req=diQgFs97lYRZUfMW3nq%2BgURMZZzV2ayi61QafvAhUM5mOvqyngc8sRBNTa6G%0A8aSx2p6ZAx9pyY6k9HG0iMHAlk4%3D%0A) ## The App builder Once your App is created, the build process happens in the left-hand conversation panel. Type a message describing what you want to build and Tines will generate an initial version of your App within minutes. > Note: Write clear prompts to get better results. Here's what to include: - What you want the App to do, including specific features or functionality - Whether the App should be powered by real data and connect to an existing story - The intended look and feel. You can upload mockups, references, or describe the design direction - Whether you want endpoints generated automatically (just say so in your prompt and it's handled for you) You can keep refining your App through follow-up messages in the same conversation. ### Previewing your App The preview tab shows the visual output of your generated App. It's a fully interactive sandbox so you can click through your App exactly as a user would. Use the built-in browser controls to: - Refresh the view - Navigate back and forward - Toggle between desktop and mobile viewport sizes ### Editing code directly The code tab contains all of the React code generated for your App. From here you can: - Browse files and search within the codebase - Edit code directly in the editor To save your changes: - Single file: Cmd + S / Ctrl + S - All files at once: Cmd + Option + S / Ctrl + Alt + S ### Connecting your App to workflows with Endpoints Endpoints are what link your App to Tines workflows. They let your App send data to a story or receive data back from one. There are two ways to create endpoints: #### Workbench-generated endpoints (recommended) Workbench acts as a built-in companion that can create endpoints for you automatically. From the conversation panel, ask Workbench to create or connect endpoints, and it will either generate them within an existing story or spin up a brand-new dedicated story for your App, all without leaving the builder. #### Manually created endpoints If you've already built a workflow you want to expose in your App, you can manually define endpoints in an existing story or a new one. Enable the story's inputs and outputs as App endpoints so your App can interact directly with that story and its data. ## Building blocks - Bulk API Requests ## Overview While working with API platforms, you may need to run multiple values against a single API endpoint. In Tines, you can accomplish this using the explode mode of our event transform action or with our group looping functionality. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Explode mode](https://www.tines.com/docs/actions/types/event-transformation/explode/) - [Tines - Group loops](https://www.tines.com/docs/stories/groups/#looping) ## Make it happen **Scenario:** We'll be utilizing the open API, [PokéAPI](https://pokeapi.co/), and its following endpoint: `https://pokeapi.co/api/v2/pokemon`. - First, we want to pull a list of Pokémon using the endpoint that returns an array of names. By default, this endpoint returns 20 results. - Then, we want to pull the details of *each* Pokémon by passing their name in the next request: `https://pokeapi.co/api/v2/pokemon/{name}`. - Lastly, we want to see all of the details pulled for each Pokémon in a single output. ### Bulk API requests with explode In this video, we look at how to approach the "Make it happen" scenario using explodes and implodes. [Watch video](https://www.youtube.com/embed/IsuVYaYCJ0s?rel=0) **Written steps:** 1. Create an `GET` HTTP request action called "Get Pokemon Names" that reaches out to the `https://pokeapi.co/api/v2/pokemon` endpoint. 2. Create and connect an event transform action called "Explode Pokemon" set to explode the `body.results` array of the "Get Pokemon Names" action's output. 3. Create and connect another `GET` HTTP request action called "Get Each Pokemon Detail" that reaches out to the endpoint, but with each exploded name appended to the URL in a Value pill from the "Explode Pokemon" action: `https://pokeapi.co/api/v2/pokemon/<>`. 4. Create and connect an event transform action called "Implode Pokemon" set to implode the results of every "Get Each Pokemon Detail" event into one array. ### Bulk API requests with group loop In this video, we look at how to approach the "Make it happen" scenario using group looping. [Watch video](https://www.youtube.com/embed/kTKJrolIqnI?rel=0) **Written steps:** 1. Create an HTTP request action called "Get Pokemon Names" that reaches out to the `https://pokeapi.co/api/v2/pokemon` endpoint. 2. Create and connect a group called "Get Each Pokemon Detail". 3. For the "Get Pokemon Details" group, click + Option -> add the `Loop` option. 4. In the `Loop` option, set the following in a Value pill: `<>`. This uses our `MAP` [function](https://www.tines.com/docs/formulas/functions/map/) to create an array of Pokémon names that the group loop will iterate through. 5. Click inside the group. You will see Input and Output tiles. 6. Within the group, create and connect an HTTP request action between these two tiles called "Get Each Pokemon Detail" that reaches out to the endpoint, but with each name from the group loop input set in step 4 appended to the URL in a Value pill: `https://pokeapi.co/api/v2/pokemon/<>`. 7. Configure the Output tile's payload to the results of the "Get Each Pokemon Detail" HTTP action in a Value pill: `<>`. ### Which method should I use? Both methods have their use cases: - **Explode → Implode**: allows you to see all the events at the root of the story. Exploded events are processed in parallel, not sequentially. This improves performance, but also means that the order of the events that went into the explode may not always be in the same order out of the implode. - **Group Loop:** simplifies the visual look of this flow, reducing the visible event count and action tiles at the root of the story. By default, group loops are processed sequentially. However, we offer the `Run loop in parallel` option for group loops, which acts the same as the explode-implode behavior. Take a moment to compare their visual results within the root of the story: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1374277298/565a1afbff0ecd6214da99ca7d03/image.png?expires=1781611200&signature=32f6ed1cf739922233a7cdf8e70b93d9790fa83dc3d3fd5b398a9cf451f48df0&req=dSMgEst5moNWUfMW3nq%2BgSI5OAqewBoWVveq3keOnR6xZo07Xqd3wz1qOwlX%0AguTL6MGmevRdrxw8pYG9O8i8JwE%3D%0A) ## Building blocks - Event data flow ## Overview In this article we'll go over the ways you can reference action event data as it flows through your story. Specifically, we'll take a look at how you can map this output data from one action into subsequent actions. You'll hear this commonly referred to as "upstream events" or "upstream event data." ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Events](https://www.tines.com/docs/events/) - [Tines - Functions](https://www.tines.com/docs/formulas/functions/) - [Tines - Referencing data](https://www.tines.com/docs/formulas/referencing-data/) ## Make it happen We'll use the following sample of a "Get User Info" action's event data that kicks off a story: ``` { "user": "Jane Tino", "email": "jtino@tines.io", "usernames": [ { "value": "jtino", "is_active": true }, { "value": "jane_tino", "is_active": false } ] } ``` ### Basic Throughout these options, let's grab the user's email from the"Get User Info" action's event data. When referencing upstream event data, the JSON path will always start with the referenced action's name in [snake case](https://en.wikipedia.org/wiki/Snake_case) format (i.e. Get User Info → `get_user_info`). #### ⚙️ Option One: Type it out [Watch video](https://www.youtube.com/embed/1j4Zcphkdas?rel=0) 1. Within your subsequent action, navigate to where you want to reference the upstream data. In our example, this will be within the Payload. 2. Click + → Value (shortcut: `cmd + space` | `ctrl + space`) 3. Write out the JSON path with your keyboard: `get_user_info.body.email` - As you type out each segment, Tines will try to suggest the next part of the JSON path. 4. Reference the "Results" on the bottom-right to confirm the data element you are targeting. In our example, this will be: `"jtino@tines.io"`. #### ⚙️ Option Two: Click through the path [Watch video](https://www.youtube.com/embed/eOGXSWfQsDM?rel=0) 1. Within your subsequent action, navigate to where you want to reference the upstream data. In our example, this will be within the Payload. 2. Click + → Value (shortcut: `cmd + space` | `ctrl + space`) 3. Click on the action name you want to get the data path for in the formula widget. For this example, this would be: `get_user_info` 4. Each time you click on the element it will auto-fill. This is similar to option one via typing, however, this method tends to be quicker: `get_user_info.body.email` 1. **Note:** You will need to ensure that a `.` is between each value. You can do so by clicking twice between each. 5. Reference the "Results" on the bottom-right to confirm the data element you are targeting. In our example, this will be: `"jtino@tines.io"`. > **Tines Tip**: Instead of clicking, you can also go through the JSON path by pressing `enter`/`return`! #### ⚙️ Option Three: From the Events panel [Watch video](https://www.youtube.com/embed/FiieLHRvREM?rel=0) 1. Locate the upstream event data that you want to map the data from. 2. Go upstream to the desired action. 3. Open the Events panel of that action. 4. Navigate to the part of the data you want by clicking the "..." 5. While hovering over the object, click on the copy icon that appears on the left-hand side. This will copy the specific JSON path. 6. Navigate to your subsequent action + where you want to reference the upstream data. In our example, this will be within the Payload. 7. Execute a paste (`cmd + v` | `ctrl +v`). 8. See your Value pill with the copied JSON path configured. > **Tines Tip:** When referencing JSON paths from upstream actions, you will need event data to be able to review the output preview in the "Results" on the bottom right of the formula widget. Without it, the "Results" view will show as empty, or sometimes `null`. ### Advanced #### ⚡️ Arrays - Static referencing [Watch video](https://www.youtube.com/embed/ffWkDyE6rtA?rel=0) Take a look at the `usernames` array in our "Get User Info" action. Let's say we want to capture the `jane_tino` username. We can see that `jane_tino` is part of the 2nd object in the array. So, to reference this in our subsequent action, we'll capture the following JSON path via one of the basic options above: `get_user_info.body.usernames[1].value`. > **Tines Tip**: The reason why the 2nd object in the array is referenced as index 1 in the path is because array indexes start at 0. However, what happens if that order is swapped, or, we only want to pull active usernames? #### 🌊 Arrays - Dynamic referencing If we want to be able to capture a specific set of data, we can integrate [Tines functions](https://www.tines.com/docs/formulas/functions/) into our setup. Functions let us use programmatic logic to capture data in a more dynamic way. Let's see how we could filter the array and keep usernames where `is_active` is `true`, using our `WHERE` [function](https://www.tines.com/docs/formulas/functions/where/). [Watch video](https://www.youtube.com/embed/w_oX8XAzvQE?rel=0) 1. Within your subsequent action, navigate to where you want to reference the upstream data. In our example, this will be within the Payload. 2. Click + → Value (shortcut: `cmd + space` | `ctrl + space`) (make sure to change to Formula mode!). 3. Begin typing out `WHERE` in the formula widget. 1. As you start typing this out, Tines will suggest functions that match the letters provided. 4. Select `WHERE`. 1. Our `WHERE` function accepts the following syntax: `WHERE(array, path, [value])`. Essentially, `WHERE` looks at an array and targets a key path using a comparable value. 5. Since we want to only to see active usernames, format the `WHERE` function as follows: `WHERE(get_user_info.body.usernames, "is_active", TRUE)`. (**Note**: `TRUE` is highlighted + formatted in all-caps due to it being a [boolean](https://en.wikipedia.org/wiki/Boolean_data_type).) 1. Make sure to change the data type to **Formula** mode so `WHERE` formats the array correctly! 6. Reference the "Results" on the bottom-right to confirm that the final output will only include usernames where `is_active` is set to `true`. ## Building blocks - HTTP request action ## Overview HTTP request actions come into play when you need to reach out to other platforms in your story. In this article, we'll go through a checklist, including some tips of building out an HTTP request action. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Action templates](https://www.tines.com/docs/actions/templates/templates/) - [Tines - HTTP request action](https://www.tines.com/docs/actions/types/http-request/) - [Tines - Shortcuts: Import from cURL](https://www.tines.com/docs/actions/shortcuts/#import-from-curl) > **Tines Tip**: Need some inspiration with building out your story? Check out our [story library](https://www.tines.com/library/)! ## Make it happen ### ✅ Check one: Is there a Tines template? It may be possible that a [template](https://www.tines.com/docs/actions/templates/templates/) has already been created for the API call you're looking to make. 1. Grab from the templates on the bottom left and drag into the story. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1273875705/91e4ca09c7c3bb36dd9582e8c36f/image.png?expires=1781611200&signature=87d2be2b4f4e206b71bbf38fba6157a3630d891eee99a212a920468484ff74d3&req=dSIgFcF5mIZfXPMW3nq%2BgfVmuKFMaG1ZYSwaXQQZZUV2qrO6oRm6I4gaQ2vh%0AXqkQBjn2r8zYwGkLiQEVuMnuFdU%3D%0A) 2. Then select the task from the template you'd like to use. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1300145480/3b31a964f712db99b75d14d5f2e7/image.png?expires=1781611200&signature=cfdafca97c0734a6b4521a3a569293b0d03009e004841d576b773c0e91413c26&req=dSMnFsh6mIVXWfMW3nq%2BgbfUaVLIT5pVzXdXHiu1N3c9TS3YFB6aPhglKGcv%0A4RSMoj3WqL8IIsojfbFdhSerOD0%3D%0A) ### ✅ Check two: Does the platform offer API documentation? Visit the platform's API documentation to explore the types of calls can be made. Let's look at an example using Slack: 1. Using your search engine, enter the platform's name and API documentation. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1249422999/32f069d1821282b430942c2197e3/image.png?expires=1781611200&signature=7982e24db62445351ebf573174bc23557dffd97cd6c7b882c2313e70797aa86d&req=dSIjH818n4hWUPMW3nq%2BgaiPJum5n1swI5%2B1vCxpjIo1yHD4ZQyvfbPk4f7k%0AWMPa9AWjIaPZjwqtcsLt2bxaZGo%3D%0A) 2. Select the API documentation (i.e. [Slack documentation](https://api.slack.com/methods)). From there you should be able to identify the task you are trying to complete. For our Slack example, here's a screenshot of all the possible `chat` API calls: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1300128599/af679bd68dbc97bc93ff2ee67964/image.png?expires=1781611200&signature=6f6c0bfd3af4b034f9e0bccefa199416dff4e9a89236a699ce2d660a60fed2dd&req=dSMnFsh8lYRWUPMW3nq%2BgSCq7vh22rZqm9HnnqLAugMwg1BHFoB5Vwzgl9uX%0ADP19%2BD%2FQMU9Pi5%2FspAOcwWYhvtE%3D%0A) 3. Continuing with our Slack example, let's look at `chat.delete`: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1300128878/513d2cfd90253c12c27c30a72de3/image.png?expires=1781611200&signature=c22dd84fbcda85a93688156b8979fdc579d9d4a58ffe44f0036fdd84fbd77857&req=dSMnFsh8lYlYUfMW3nq%2BgYYJsEgi9U69LCss9%2BhWB6vpY%2Fsl8LKXd4fR0AJo%0AKw0p9qaDsZsyKQHDb1Mvpqpc%2F88%3D%0A) ### ✅ Check Three: Is there a cURL example of the API call? Platform API documentation will sometimes offer a cURL example of the API call. Whether you understand how to build a cURL command from scratch or copy it from platform docs, you can paste the command directly onto your storyboard in Tines and it will automatically create an HTTP action with that command's configuration. We call this feature [curl2Tines](https://www.tines.com/docs/actions/shortcuts/#import-from-curl). Here we can see what a cURL request example looks like. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1249428503/629de5a8c75bc4ae94a49d85eb22/image.png?expires=1781611200&signature=d5d619d8bb3505027c51ae8afb5e046303edf833b7b21c1894385d3a8d2e0634&req=dSIjH818lYRfWvMW3nq%2BgTjok4io%2FAvhHucRMdk6RORhn0SPdQlx3EEPYq0g%0A9q%2FcczhR%2BPyMAJe36jrPsPOhSb8%3D%0A) When you paste it into the story it'll look something like this: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1249428504/675093c15623fbb1bce1362eee88/image.png?expires=1781611200&signature=82ec78029110a86cdf566735e8493c483f990c42cc64e978988a3a5f9b561e51&req=dSIjH818lYRfXfMW3nq%2BgYZIvUF14iqkeFROdeGztBzNr6u3k2V%2FkNg8iXs0%0AlXJGee%2FsVFx0Rb1YQAaAROrEL04%3D%0A) > **Tines Tip:** Make sure to double-check for any additional action [configuration](https://www.tines.com/docs/actions/types/http-request/#configuration-options) modifications required to make the API call. ### 💡 Or, build an HTTP request action from scratch 1. Identify the URL Endpoint (i.e. look at the platform's API docs to see the URL we are making the request to). Continuing with our Slack example, let's look at the `reactions.list` [API call](https://api.slack.com/methods/reactions.list): ![](https://downloads.intercomcdn.com/i/o/am0g137l/1300260153/bbf90d969c4dea2dc0bb434af304/QFkvbTd.png?expires=1781611200&signature=3aaf0c197ab650b6d2d157ecc3ea24f061196f27bfa2d2641f65dd6fa7888759&req=dSMnFst4nYBaWvMW3nq%2BgThoxIKzxmqNnuxXaK3oRslhDblia%2FU8McJEsxHT%0A%2FWhY41vvWF%2FBQvqZpg74xcx%2Bgo8%3D%0A) 2. Pull an HTTP request action into your story. 3. Create a unique name that describes what you're trying to accomplish 4. Set the URL in the action to the URL from the API docs ![](https://downloads.intercomcdn.com/i/o/am0g137l/1300260336/edc7e6fb10f9134eefaaada0f44e/image.png?expires=1781611200&signature=dc63726365b8e487ba77a9ccf3d4771783f963b468b5b1f4c63a6ab405822749&req=dSMnFst4nYJcX%2FMW3nq%2BgQaMSixQ6eNWZyhWBchdy5zpA78A0Yu9V7XAKLfO%0Au8BEfSvLUG9NPY5J8nRZ5Vbu21Q%3D%0A) 5. Update the method of the action to whatever is mentioned in the API docs. In our Slack example, this API call is using a `GET` method. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1300263311/ad9f936bdd1774e3a5da40401e5c/image.png?expires=1781611200&signature=2861d37ea4379f48a8bcdf5dc5fc3b3280b244f300a8a91fa6c953d0beb4304c&req=dSMnFst4noJeWPMW3nq%2BgYBJsTA6tErCWQYcZzTpUhlXs2TSvEkveEB7KoMW%0AyhXn9m0%2FQEq5GJ3YTAZHiKKkXDU%3D%0A) 6. The parameters of an API call are the specifics of that request. Generally there will be requirements that the vendor needs in the request to provide a successful response. There are also typically optional fields that you can send over in your request. In this example we have "token" as a requirement, and "user" as an optional field we'll be adding. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1300348038/adcd8506f3979e880b92048b9cf8/z0t5SF2.png?expires=1781611200&signature=64d3344f196c58b4d0e4049dde0ce13f408b3feaa8c58ed6d64f7de633676774&req=dSMnFsp6lYFcUfMW3nq%2BgUbrts5AJMs8a5zVooAOaQVPeueRJiUrpewEkj99%0Agk%2FV6zKUv5Rgckh8RJXf1OmYqBw%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/1300348599/482b58d458cb8ca2d9e556b07436/image.png?expires=1781611200&signature=bb36e6672f3730d814bdc36bfba4724ffc4aee14ceaacd789a99ee491f90fca9&req=dSMnFsp6lYRWUPMW3nq%2Bgabn724kbx7j3g%2FHMa%2BtQtTQLZqr%2FxRoTzuMQbig%0AZYJUbXEmaNCbaGsLbxYmGAOp6Ec%3D%0A) > **Tines Tip:** Set up your basic config, then get your API key / token for testing. This makes it so you can have most of the action configured and then get the final item of the API key. If you are unable to acquire the API key for a service, now is a good time to reach out to your team to make a formal request for it. ## Building blocks - JSON 101 ## Overview [JSON](https://www.json.org/json-en.html) (**JavaScript Object Notation**) is a text format and, in relation to Tines, is used in API calls to send and receive information. Think of APIs as a way for two systems to talk to each other. As a real-life example, a restaurant waiter (**API**) takes your order (**Client**) and sends your order to the kitchen (**Server**). JSON is the format used to make this communication clear and simple. In this article, we'll look over basic JSON structures, data types, and when to use them. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [JSON](https://www.json.org/json-en.html) - [Tines - Language description](https://www.tines.com/docs/formulas/language/) ## Make it happen ### JSON data types #### Boolean A **boolean** represents one of two possible values: `true` or `false`, and are used to represent binary choices or logical states. Boolean values are not wrapped in quotes. Think of a boolean as the answer to a yes or no question. Example: ``` { "isAvailable": true, "isAdmin": false } ``` #### Null The **null** value represents the intentional absence of a value or unknown value. Null values are not wrapped in quotes. Example: ``` { "firstName": "Angie", "nickname": null } ``` #### Number A **number** represents numeric values, including both integers (whole numbers) and floating-point numbers (numbers with a decimal point). Number values are not wrapped in quotes. Example: ``` { "score": 89, "price": 19.99 } ``` #### String A **string** is a sequence of characters enclosed in double quotes (`"`). Strings are used to represent text-based data, such as names, messages, or any value that needs to be treated as text. Example: ``` { "company": "Tines", "mission": "To power the world’s most important workflows!" } ``` ### JSON structures #### Arrays An **array** is used to represent an ordered collection of values. Arrays are enclosed in square brackets (`[]`). Arrays can hold data in an ordered structure, making them suitable for lists and datasets of similar entities/values or when in need of an ordered collection. Array example: ``` [1, 2, 3, 4, 5] ``` Array of objects example: This structure is useful when you have a collection of similar entities (e.g., a list of people or products). ``` [ { "name": "Angie", "city": "Los Angeles" }, { "name": "Yanni", "city": "Seattle" } ] ``` #### Key-Value pairs A **key-value pair** consists of a **key** and a **value**. The **key** is always a string enclosed in double quotes (`"`), and the **value** can be any valid JSON data type: string, number, boolean, array, object, or `null`. The key and value must be separated by a colon (`:`). Multiple key-value pairs in an object are separated by commas. Single key-value pair example: ``` { "name": "Tines" } ``` Multi key-value pairs example: ``` { "name": "Tines", "isAwesome": true, "hobbies": ["building", "workflows"], "address": { "city": "Dublin", "zip": "D02" } } ``` #### Objects An **object** represents a collection of key-value pairs. It is enclosed in curly braces (`{}`), where each key is a string and is followed by its corresponding value. Objects are useful when you need unique identifiers for each element. Single object example: ``` { "name": "Tines" } ``` Multi-object example: ``` { "flower1": { "name": "Rose", "color": "Red", "type": "Perennial" }, "flower2": { "name": "Tulip", "color": "Yellow", "type": "Perennial" } } ``` Object of array example: This structure is useful when you want to group related data by categories or keys. ``` { "fruits": ["apple", "banana", "cherry"], "colors": ["red", "green", "blue"] } ``` ## Building blocks - Test actions ## Overview There are three approaches to testing actions while building your stories. This article will explore each method and highlight the scenarios where they are most effective. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Change Control](https://www.tines.com/docs/stories/change-control/) - [Tines - Re-emit Events](https://www.tines.com/docs/events/#re-emit-events) ## Make it happen We'll use the following example of a "Get User Info" action's event data that kicks off a story: ``` { "user": "Jane Tino", "email": "jtino@tines.io", "usernames": [ { "value": "jtino", "is_active": true }, { "value": "jane_tino", "is_active": false } ] } ``` ### ⚙️ Option one: Test mode Ideal when needing to run a quick test, you can use Test mode with either: - Previous event data - New, dummy data created in the Test panel payload to test without the action producing results in the Events panel. This will also ensure that no subsequent actions are executed. Take a look at the event data for the "Get User Info" action above. Let's feed this into another action called "Pull User Email" that is referencing a JSON path to `get_user_info.body.email` in its payload to pull in `jtino@tines.io`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1323481214/8eb07b8c80289027410542e31668/image.png?expires=1781611200&signature=3470dc399eb4277b4f8a891fc99ebdd356e103fad1784300c867d3ee35378ec7&req=dSMlFc12nINeXfMW3nq%2BgfJTFCoGVrikFeXI2LFw%2BI9OmzQjV89LappDt0W6%0Af5Nm5mQ9yRSeiPVG7QDOhY3zoEY%3D%0A) #### Test with previous event data If we've already run the "Get User Info" action before, we can utilize its output event data to test the "Pull User Email" action: 1. Click the action tile you want to test. 2. Click **Test** on the action menu bar. The Test pop-up window will appear. 3. Within the **Inbound Events** tab, select the event data you want to test with. 1. If you'd like to double-check beforehand, you can click **Load in editor** to see what's going to be fed into the test run. 4. Click **Test**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1323502255/a3193c7c72134fcf643f54a96fe2/image.png?expires=1781611200&signature=12aa7395bd5dbef7d88316bea90c4ef6dd8a4f4bf8c2c6951420e270e66056be&req=dSMlFcx%2Bn4NaXPMW3nq%2BgVQ3y7y2WJrL9Ralq83ZgoVwKli4N7iGV01ZeNR%2F%0A8BE4hatthBKyAGM%2BJpS4QRC%2Fgd0%3D%0A) See the output of the tested action in the **Events** tab of the Test window: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1323491196/4ed4f64032ee45118c05238ce3ca/image.png?expires=1781611200&signature=a5b938f6ad71b49297ae93abc24824dfb6d3a25bf1cb832bfde6405a0ebe6d39&req=dSMlFc13nIBWX%2FMW3nq%2BgYf6JWpWQsuoyfOtQpnlm7rqszel40xt7liiw1s7%0AKGr%2Fp0Jergohm5c%2F6H4YUfFHw2g%3D%0A) #### Test with new dummy data If you want to test your action with value data that's different from your events, you can utilize the **Editor** tab of the Test window. How you format your test payload relies on how your action is currently configured and the upstream path it is referencing. 1. Click the action tile you want to test. 2. Click **Test** on the action menu bar. The Test pop-up window will appear. 3. Within the **Editor** tab, create the payload via **Builder** or **Plain** code. 1. Make sure that the payload structure here aligns with the JSON path you are trying to test in your action. 4. Click **Test**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1323497114/3873bf4f6d16484da025283d4d33/image.png?expires=1781611200&signature=556ebd3bc9753b44121fd79869a413c9308f9f088fabc73da388978fb7e4550d&req=dSMlFc13moBeXfMW3nq%2BgSPApFkB%2FYBkJi%2Bk6aJE4L2tNir7oFOYzFUBMTWA%0A7MCt4eFZ%2FEYUkdAhqaBJUsEzp0I%3D%0A) See the output of the tested action in the **Events** tab of the Test window. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1323500932/33be12f8598c7b60b8087a99e7c8/image.png?expires=1781611200&signature=b0cd36279d65aa6042c8fd4eb79394acc5c20e553bc298cefb670a0587c11b5c&req=dSMlFcx%2BnYhcW%2FMW3nq%2BgdtOdmplV8epFsUEwJ3QNxT7WN5G9f%2BJXmy6HyIw%0AAWcrT4%2Bkl5q%2BpW3oXBBEAjOjNcE%3D%0A) ### ⚙️ Option two: Re-emit When you need to re-execute a specific run of your Tines Story, you can utilize the "Re-emit option. This is helpful if you want to see how certain event data flows through logic that you might have updated downstream from a previous run. This is a very common method of building and testing actions as you go. You can find the Re-emit option via: - Select an action tile → three-dot menu → **Re-emit last event** on the action menu bar. This will re-emit the most recent output event data from the action selected. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1323556869/63bcd87e383aef038fec4782ecb5/image.png?expires=1781611200&signature=6631e9fde6d5663a9e1c847bb8a20ef0a5e7991e78ca7a5d822995d463c0c014&req=dSMlFcx7m4lZUPMW3nq%2BgTqn69p8j0hC11W%2BFpRiKGNmJKNu2JX2G0tfwfyx%0AHu6Ryt%2Fh2gaGAoueigzFFCiXML0%3D%0A) - Select an action tile → **Events** on the action menu bar (or, click on the event count in the top-right) → **Re-emit**. This will re-emit the event that is currently selected. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1323553697/aca53ed361c29113e22509637187/image.png?expires=1781611200&signature=f6299b2ba2dabf9a3bba5abdd503b23aab7c4738ad708515e331403bc0a1d8bd&req=dSMlFcx7nodWXvMW3nq%2BgetzRzwvSs70M9bRbnxqk9gCVqNclejuaP2j1eZq%0AFOJqV%2FZ2zoYrnBUVhn7M8FmoqOM%3D%0A) ### ⚙️ Option three: Change control In Tines, any updates to a story are applied and made live immediately by default. This approach is ideal for simpler use cases and building the initial version of your workflow. However, for established, mission-critical workflows, greater control over changes is essential. You need the ability to experiment safely and implement complex updates all at once. This is where change control is most effective. When change control is enabled, the "Live" execution environment cannot be edited directly. Instead, all changes are made in the "Test" environment and, once finalized and verified, are deployed to Live in a change control request. To learn more about Change Control, visit our product documentation: [Change Control](https://www.tines.com/docs/stories/change-control/) > **Please Note**: Change control is not available on Community Edition tenants, nor is it included in our default licensing. If you are interested in adding change control to your tenant, please reach out to your Tines Customer Success Manager. ## Building blocks - Utilize the story library ## Overview Our [library](https://www.tines.com/library/) is a collection of prebuilt story templates aimed to help you get started with designing your automation workflows. In this article, we go over how to navigate the story library, as well as how to import these templates into your Tines tenant. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Stories](https://www.tines.com/docs/stories/) ## Make it happen In this video, we do a deep-dive of working with the story library. We'll also cover these topics in the sections below. [Watch video](https://www.youtube.com/embed/LO6r8-C3hCk?rel=0) ### Navigate the story library If you're viewing the library via our website, you can search for story templates: - **By team**: Filter your search by organizational departments like **Security** or **IT** - **By use case**: Filter your search by scenarios, such as **Communication** or **Employee lifecycle management** - **By feature**: Filter your search by main Tines features, such as **Workbench** or **Cases and Records** - **Community**: Stories built by fellow Tines users! - **Directory**: Our complete listing (**Stories**), or, filter your search by your 3rd party tool's name (**Tools**) ![](https://downloads.intercomcdn.com/i/o/am0g137l/1304740673/32c5adce8650ca1ca1fec15be359/image.png?expires=1781611200&signature=d3a47e5718bd78455201650ed6a9a514922f822c7f85f11659a83427df70f0ad&req=dSMnEs56nYdYWvMW3nq%2BgTuaV9sOQDe21gQNZqY%2BsOui1hW5WvljA4joZlYY%0Af0oh5qspU8uooI2ACAtTao9rgG4%3D%0A) If you're viewing the library via the **Story library** in the editor panel of your storyboard, you can search for story templates by: - **All tags**: Our complete listing - **Levels**: Filter your search by the complexity of the build (**Beginner**, **Intermediate**, **Advanced**) - **Tools**: Filter your search by your 3rd party tool's name - **Techniques**: Common build methods to optimize your story - **Tasks**: Filter your search by single-word use cases ![](https://downloads.intercomcdn.com/i/o/am0g137l/1304818143/23ff6ad464d3195730dff57ad9c4/image.png?expires=1781611200&signature=28ed3da49c7b244a3e6b2df8e89423f8aee1b93d6829d2ff997f233c9ee33b37&req=dSMnEsF%2FlYBbWvMW3nq%2Bgbfy6TXrOK8Ecefg0u2YxSnxkkTxiTO3qNZFYOUc%0Af3wjeyrMev%2FQrnkOWLQnFp2gD5s%3D%0A) ### Import a template via the Tines website To import a story template from our website: 1. Navigate to the [library](https://www.tines.com/library/stories/). 2. Find the story you'd like to import into your Tines tenant. We'll use our [Send interactive messages in Slack](https://www.tines.com/library/stories/87643/?name=send-interactive-messages-in-slack) story as an example. 3. Under the story description on the left, click the `Import` button: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1304768631/bca1e24a0d01ede0315c5163f2e0/image.png?expires=1781611200&signature=c9b83a61f9566cbdadc1436e3da11ea99a5bcb579eb2cd4b578266fceee11436&req=dSMnEs54lYdcWPMW3nq%2BgS3t%2BGiSsQtfN1y7%2Fdp9XTexK%2FtjA2cZVUUlfeOj%0AwPK9Z0j0tUsNzM4fw7IzsKB9OPc%3D%0A) - If you have not signed up for a Tines tenant yet, you will be re-routed to our sign-up page. - If you have not signed into your Tines tenant before following these steps, you will be prompted to sign in. If you manage multiple tenants, you will be asked to select the tenant you wish to access. 4. The story template will be imported into "Your drafts"; you can then move the story to your desired team, as needed. ### Import a template via your tenant To import a story template from the library via your tenant: 1. Within your Tines tenant, navigate to your storyboard. 2. In your story editor panel on the left, click the **Story library**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1304791482/5430a37b99e4d7b0016ee5b2ea43/image.png?expires=1781611200&signature=6f4ae3153005131b6388e00660130c66c4aa8c6c6832c54bfa5eb4b65af6a65a&req=dSMnEs53nIVXW%2FMW3nq%2BgYq7TzG1S%2FByDIsNkSu8v7Oztgl8oxE4DDxss6DF%0AhxL1LX5s2%2FJcZs3e9U9nIE0WMgA%3D%0A) 3. Find the story you'd like to import into your Tines tenant. We'll use our [Send interactive messages in Slack](https://www.tines.com/library/stories/87643/?name=send-interactive-messages-in-slack) story as an example. 4. Hover over the icon next to the story; the **Import** button will appear. 5. Click on the **Import** button: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1304801035/d71a264e055670602b539715ca24/image.png?expires=1781611200&signature=2c9b1ae05ab87a477aa195047e8ef6c26ceded6f692c89df0fa2ef8a513d0b08&req=dSMnEsF%2BnIFcXPMW3nq%2BgZquA8cOOfZ7XdngsUkv34KEckf9EGUF6qL0OLn6%0AapZuGKynZ9SU6xlyzetpe16dXT4%3D%0A) 6. The story template will be imported into "Your drafts"; you can then move the story to your desired team, as needed. ## Build your first Tines Story One of the best ways to get going with Tines is to follow our **[Tines Bootcamp](https://www.tines.com/bootcamp)**. You can either: - Follow the self-paced Bootcamp [user guide](https://www.tines.com/self-paced-bootcamp#:~:text=Overview,a%20simple%20URL%20analysis%20story.) - View the self-paced Bootcamp [video lessons](https://www.tines.com/lessons/bootcamp-lesson-01) - Attend one of our monthly instructor-led [Bootcamps](https://www.tines.com/bootcamp) Or, **[book a demo](https://www.tines.com/book-a-demo?utm_source=intercom&utm_medium=product&utm_campaign=explained)** for a 1:1 chat with the Tines team. What to expect: - Zero-pressure, technical demo of the Tines platform - Walkthrough of a relevant use case - Overview of products and plans - Insight into API and integration capabilities ## Can I customize by Tines domain? Tines URL domain customization is a paid add-on. You can view our pricing overview [here](https://explained.tines.com/en/articles/7007597-understanding-tines-pricing-plans). ## Can I recover events that have expired? No. If the period of retention has passed, the events cannot be recovered. > **To learn more about event retention, [see here](https://explained.tines.com/en/articles/7860183-how-long-does-tines-retain-event-and-log-data)** ## Can I remove the sixty-second timeout when executing a Python script in Tines? You can set the timeout for Run Script actions to a maximum of 110 seconds (up from 60 seconds) in cloud. The default is 10 and the maximum is 110. For self-hosted deployments, you can override this by setting the `RUN_SCRIPT_MAX_TIMEOUT` environment variable on the Tines application. Learn more [here](https://www.tines.com/docs/self-hosting/additional-applications/run-script-for-self-hosted/#run-script-timeout-configuration). > **👉 For more details on running Python scripts in Tines [see here](https://www.tines.com/blog/python-tines-how-to-guide).** ## Can I set up a self-hosted tenant? You can set up Tines in a self-hosted environment by contacting your Account Executive or Customer Success Manager who can help you access the right technical resources. Business and Enterprise Editions are available for self-hosting. Learn more about pricing and packaging [here](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging). > **Note:** You can find more information about self-hosting [here](https://www.tines.com/docs/self-hosting/before-you-begin/). We also recommend sharing this document with the appropriate internal teams so they can learn more. ## Can I upload my images to Tines? No, you cannot currently upload images to Tines. URLs to images can be pasted and will load on your storyboard. Ensure that you use the full URL of the image. ## Carbon Black Authentication Guide VMware Carbon Black is a cloud-native endpoint protection solution that consolidates multiple endpoint security capabilities using one agent and console. Carbon Black helps minimize downtime by responding to incidents and returning critical CPU cycles back to the business, making it an invaluable tool for keeping the world safe from cyberattacks. Here's our guide on how to authenticate Carbon Black for use with Tines. ## First, get your Carbon Black API Key 1. Login to your [Carbon Black](https://defense.conferdeploy.net/) account. New users can sign up for a Carbon Black account. 2. From the sidebar, click "Settings" and then "API Access" 3. From the top right-hand corner of the screen, click "Add API Key" ![](https://downloads.intercomcdn.com/i/o/757178665/25546011f1b8413ce8268619/image.png?expires=1781611200&signature=90005d054826b86a278974f728e95c09b787bb70d152087ca20aa1963e2b42ce&req=cyUgF852m4daFb4V1XW4gc7rKDj%2FeroXl108xP5QRylORMaLMlnhIxhr3VyV%0ARQg4s%2BkWx2ws5%2FdgsKG7AdsTqA%3D%3D%0A) 4. Enter the required details and click "Save" 5. Copy both the "API ID" and "API Secret Key" ![](https://downloads.intercomcdn.com/i/o/759027264/f25dcd7ac7c79a8505bf7821/image.png?expires=1781611200&signature=05e1cc5f2f824ae487efe38904f1421dbc1163d41cadafc5ddef5688164d3ef6&req=cyUuFst5n4dbFb4V1XW4gT1gh4Xc2iDonLhDOJNBsvnIthIvSJu%2Fe6%2BmQ18l%0AXp7P2fw%2Fa6dkIkPslnYbERgSkg%3D%3D%0A) ## Lastly, Create a Carbon Black credential in Tines > Two credentials need to be created. One for the "Carbon Black API ID" and one for the "Carbon Black API Secret Key" 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Carbon Black credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of Carbon Black stories in the [story library](https://www.tines.com/story-library?s=carbon+black) ## Using the credential in an action The Header configuration for Carbon Black should be constructed like the below: ``` CREDENTIAL.carbon_black_api_secret_key/CREDENTIAL.carbon_black_api_id ``` An example action you can copy and paste onto your storyboard: ``` {"standardLibVersion":"28","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Get Alerts from Carbon Black","description":null,"options":"{\"url\":\"https://defense.conferdeploy.net/appservices/v6/orgs/{ORG-KEY}/alerts/{ALERT-ID}\",\"method\":\"get\",\"content_type\":\"json\",\"payload\":{\"cb.fq.status\":\"unresolved\",\"cb.urlver\":0,\"facet\":true,\"rows\":\"10\",\"sort\":\"created_time desc\",\"start\":\"0\"},\"headers\":{\"X-Auth-Token\":\"<>/<>\"}}","position":{"x":585,"y":-930},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null}],"links":[],"diagramNotes":[]} ``` ## Cases: a 90-day free trial To celebrate the first birthday of our [cases](https://www.tines.com/product/cases) product, we are thrilled to offer free access to some of our most valued customers for 90 days. But, *that's not all!* For a limited time, you can also try our records and dashboards features for free - they make Tines even more powerful when used alongside cases. Here’s Hannah explaining a little more about the trial: [Watch video](https://fast.wistia.net/embed/iframe/0k2alyiv7v) ### **What you need to know** - Your free trial **starts** on June 25th, 2024. - Your free trial **ends** on September 24th, 2024. - **During the trial,** you will have free access to cases, records, and dashboards. - We will send you a reminder towards the end of the trial. Below, we try to answer some questions that you might have about this trial. But if you have any more, please reach out. We are always here to help. ### **Getting started** First, explore the cases, dashboards and records sections of your Tines tenant. We have pre-populated those sections with some starter content to help get you get going. Next, check out this pre-recorded 7-minute demo of Cases: [Watch video](https://fast.wistia.net/embed/iframe/qajqk77m0h) Lastly, if you have any questions, just reach out in the messenger below. We are here to help! ### **More about cases** [Cases](https://explained.tines.com/en/articles/7971194-introduction-to-cases) offers you a collaborative space to iterate on your workflows, manage requests, or track incident response. Teams using cases today are working in a more consistent and efficient way by switching context less frequently. Through cases, they organize, take action, automate, and track what they're building in Tines. When our customers compare cases against similar tools in the market, they find that cases offer an automation-first approach to case management. This means they’re automating the work that doesn’t need human intervention and only creating cases when they need to. Here’s a short introduction video to the cases UI: [Watch video](https://fast.wistia.net/embed/iframe/z5u7ty1dze) ### **More about dashboards** [Dashboards](https://explained.tines.com/en/articles/9521649-introduction-to-dashboards) combine and display all of your cases and records data together. There are three different dashboard elements to choose from; charts, notes and lists. 1. New charts can be created from your record data or copied from existing record reports to a dashboard. 2. Lists allow you to add filtered views of your cases. 3. Notes include full markdown support allowing you to provide additional detail and context to your dashboard. Here’s a short introduction video to the dashboards UI: [Watch video](https://fast.wistia.net/embed/iframe/ty6pqs9gws) ### **More about records** You can define and structure event data across stories. [Records](https://explained.tines.com/en/articles/7971187-introduction-to-records) are captured from the storyboard. You use records to do things like: - Debug a story in a consistent way - Create a system of record - Store and report on data produced by Tines - Structure relevant story run and event data - View data visually through a chart - Reference a filtered view of data from a story using cURL to Tines - Create an “alert” to be further processed or referenced later when [creating a case](https://tines.com/docs/records-cases/cases) Here’s a short introduction video to the records UI: [Watch video](https://fast.wistia.net/embed/iframe/2c4gayd840) ### **Will there be more improvements during the trial?** Yes! We are shipping improvements all the time ([see for yourself](https://www.tines.com/whats-new/dashboard-export?category=cases)) and we’re excited for you to try the new functionality as it gets released. Please let us know what you think, we are always eager for customer feedback. ### **But, I already have a case management solution.** There are lots of ways to use Tines cases alongside another case management solution. The real power of cases is that it can function as an integrated case management tool, or in conjunction with other case management tools. We see customers using Tines cases to take action and remediate issues within Tines, *and* using it alongside other separate enterprise case management products. Here are just some of those examples from our [story library](https://www.tines.com/library/stories): 1. [Analyze and triage suspicious emails across tools and Tines cases](https://www.tines.com/library/stories/1184213/analyze-and-triage-suspicious-emails-across-tools-and-tines-cases) 2. [Create and update Tines Cases from questions in Slack](https://www.tines.com/library/stories/1191441/create-and-update-tines-cases-from-questions-in-slack) 3. [Manage Fleet compliance policies using Tines cases](https://www.tines.com/library/stories/1235728/manage-fleet-compliance-policies-using-tines-cases) ### **Can I extend the trial?** Your trial by default is set to run until September 24th, and our hope is that you will be able to validate that Cases is the right solution for you during this free trial period. But if you would like an extension, just reach out to your Tines representative for more information. ### **Can I opt my tenant out?** Yes. Speak to your customer success manager or reach out in-app using the intercom messenger. ### **Where can I learn more?** If you’re looking to do more with cases, we recommend taking the cases course on [Tines university.](https://www.tines.com/university/tines-basics/cases) ### **What you need to know about the end of the trial** - You will still have access to any of the cases, records and dashboards you created during the trial. However any records and cases incorporated into stories will no longer work after the trial period ends. - You will not be able to create any new cases, dashboards or records. > **Still got questions?** > > Get in touch. We're here to help. ## Censys Authentication Guide Censys is a platform that helps information security practitioners discover, monitor, and analyze devices that are accessible from the Internet. Enterprises use Censys to understand their network attack surfaces. CERTs and security researchers use it to discover new threats and assess their global impact. Censys was founded by computer scientists at the University of Michigan, and the data collected has been used in hundreds of scientific papers by researchers worldwide. ### First, get a Censys API key 1. Login to your Censys account at [https://censys.io/login](https://censys.io/login) 2. Click on the user menu and select "My Account" ​ ![](https://downloads.intercomcdn.com/i/o/850586719/3c8d34b03a8563bfb8507de9/image.png?expires=1781611200&signature=0215597e6bde7ba770fc75c98647d1bb50721931f8e152d256c7737cee613188&req=fCUnE8F4moBWFb4V1XW4ga3NRnSoTuc%2BdoXjkDZ0EPuvXfz%2F8z5mtV2Z7Uim%0AQpCJjs9EocbaGPyzBYPE5%2Bhkig%3D%3D%0A) ​ 3. Click on the API tab and copy your "API ID" and "Secret" to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/850587422/57611609b9fdec3cbb64abc4/image.png?expires=1781611200&signature=dfca9ba433ab2bbed13bd4c524c5a273d2304647cf55c9ec0a577ecbe55cda47&req=fCUnE8F5mYNdFb4V1XW4ge%2FhaNdCRfI0sWRkKesVOxsvlhL%2BzOF7bf0QicfV%0Ab7owBYjGJ%2BTl1Yj0fcVLySz9eg%3D%3D%0A) ### Lastly, create a Censys resource and credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the Censys resource - **Name:** Censys API ID - **Description:** Optional - **Builder:** Your API ID 5. **Optional** - **Access:** What other teams can also use the resource 6. Click "Save resource" 7. Navigate to the team that will be using the API and click "Credential" 8. Click "+ New Credential" and select "Text" 9. Input the values for the Censys credential 1. **Name:** Censys 2. **Description:** Optional 3. **Value:** Your Secret 10. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 11. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Censys stories in the [story library](https://www.tines.com/library?s=censys&view=all)** ### Using the credential in an action Here is an example Censys action you can copy and paste onto your storyboard in Tines: ``` {"standardLibVersion":"36","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Search for IP in Censys","description":"Returns host information for the specified IP address","options":"{\"url\":\"https://search.censys.io/api/v2/hosts/<>\",\"method\":\"get\",\"content_type\":\"json\",\"basic_auth\":[\"<>\",\"<>\"]}","position":{"x":1080,"y":4440},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":"httpRequest","createdFromTemplateGuid":"37a200c25896125243268646d02f8dab9ed013982d19e734fbd96cfced31d9e9","createdFromTemplateVersion":1,"originStoryIdentifier":"cloud:aa47f8215c6f30a0dcdb2a36a9f4168e:d4c15df0f02ba4789095426607003199"}],"links":[],"diagramNotes":[]} ``` ## Change control and story versioning By default, whenever you update a story in Tines, your changes are applied and live instantly. This works great for simpler use cases, and especially for building out v1 of your workflow. For up-and-running, mission-critical workflows, however, it's important to have greater oversight of changes. You need to be able to safely experiment with ideas for improvements, and apply a complicated change-set in either one complete update or multiple at a time. That’s where [change control](https://www.tines.com/docs/stories/change-control/) comes in. ## Enabling change control For any story, enable change control with the toggle in the upper right corner. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2226964847/70a85265fa725a8c9c506a1f115d/change+control+on.gif?expires=1781611200&signature=0d8f3d9bf3740d7514a6503f6c2c52c0759ba5fdd4dca13d0bd9119055f4e357&req=diIlEMB4mYlbXvMW3nq%2BgZbvLSYYHOuGxR%2Fy0OWfrR8bs8BetWjdgUtr6CC2%0AmItq%2BaGfXgmDMFOm9mCoNtpWsUs%3D%0A) Tenant owners have the choice to enable change control by default for all stories in a team or tenant, while only team admins or those with [custom change control permissions](https://www.tines.com/docs/admin/user-administration/custom-roles/) can enable change control within a story. Once, enabled, you’ll now have two working spaces and executional environments for your story – **Test** and **Live**. Users can create drafts where they can freely make changes and test those changes within their draft without impacting the live, running story. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2226967521/7716d3eae08b1a97f75ee6f4a663/Create+draft.gif?expires=1781611200&signature=638311c6ff8f008b4c20b5cf4d4db89c77c559b5e4279285f8df3a339ed7cfb3&req=diIlEMB4moRdWPMW3nq%2BgXsXYC9%2Bafzf6Nrrhay3%2Byov04%2Bf25mGSdWgEZE0%0Ao7wfERK4uHLAshQ2WSLiVx59rP4%3D%0A) Multiple builders can collaborate on a draft, while at the same time, multiple drafts can be created in one story. Multiple drafts are helpful in a few ways: - Team members can work in parallel, testing different approaches to solve the same problem - Small changes can be pushed live while working on larger modifications to a story ### Testing changes > NOTE: With change control enabled, it's not possible to directly edit the Live environment. Instead, you make your changes in Test, and – once you’re ready and it’s safe to do so – push them en masse to Live. You can build inside a draft as you normally would in Tines. When testing different ideas, it may be more helpful to send external data to a test version of your webhook, page, or email action by using the unique URL in the draft story. You can also use live events in draft mode. ### Using different resources and credentials in the Test environment Depending on your workflow development style, you may want to target independent test versions of some or all external services. This can be achieved by using our `META.story.is_test` variable, and an `IF` function inside your action configuration. For example, to target your development Jira instance in Test, and your production instance in Live, you could use an expression like: `IF(META.story.is_test, CREDENTIAL.jira_test, CREDENTIAL.jira)` ### View changes When you are finished with updating your draft and you are ready to set your changes live, click the View changes button. The view changes modal will pop up for you to review and compare your edits to the live version. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2226977261/737f0b647bd08c51b79ee7b079fd/view+changes.gif?expires=1781611200&signature=92c9deccc9dff9435ab786c8a3ee38b9179efa14cf4ac1124681a4d164a40101&req=diIlEMB5moNZWPMW3nq%2BgXcQMEhyuSgRTb5ckFBPz3CQ5f8VNpPaAIJAW9%2B5%0Ao1v2XFXvPjiUpDLD4ehwwoQjci8%3D%0A) This modal can be detached and opened in a separate window to help you review complex changes in a wider screen. ### Approving and pushing changes live All changes must be reviewed and approved before being pushed to Live. Once you’re satisfied that your test changes are complete and validated, you can **Request a review**. (Alternatively, you can reset to the live version if your changes aren’t working out.) Once a review is requested, a notification is sent within the Tines UI and to the change control webhook, if configured. Change requests can be approved by an Editor, Team Admin, or a user with [custom permissions](https://www.tines.com/docs/admin/user-administration/custom-roles/). ![](https://downloads.intercomcdn.com/i/o/am0g137l/2226979662/553358bf10ca740b4585cccd97b6/push+changes.gif?expires=1781611200&signature=0229f3fe4ed594a489b5d6d07859a1215668b8e448ad34c6fae03330b7e07eb5&req=diIlEMB5lIdZW%2FMW3nq%2BgeRALQsc0VgwoymW66wt7FNrDUNCKd7FknNVgMWE%0AlGiDKnHx%2FM%2BjvRgNblD4AirUGmI%3D%0A) After pushing, your changes will be applied together in a single update. Any in-flight story runs will immediately switch over to the new logic, consistent with how edits to non-change-controlled stories are applied. For stories with multiple drafts, those drafts will be marked as out of date and synced with the latest live version. Though not as common, should there be any merge conflicts a modal will pop up to help you resolve those conflicts. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2226984360/f0a1f72d5c2d3c840a33089e13b7/eb356e9a-be17-4d3a-814d-5d786a5a1412?expires=1781611200&signature=04ee1486f6cabc2c198b359e3f4396e4d8ca70f1d47d4e592455e0fe86cc2b35&req=diIlEMB2mYJZWfMW3nq%2BgQDrBhRTIgb1opBdH3%2B6bIVQfpGpdNLPwiIXgL56%0AmoBfKD9IUXsEbEXVlQKkuCQA0RY%3D%0A) ## View live events while in the test environment You can include live and test data in your test environment when change control is enabled. The "Live events" button now allows you to turn on Live events in the Events viewer. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2302951644/9080e1d0e3dacd756f8896e910f9/live+events.gif?expires=1781611200&signature=260d012b1e86d77339ac481926dbc0b1e01e7307db6c9c5507df0583a449a27e&req=diMnFMB7nIdbXfMW3nq%2BgejW7bGRbHMNautB18bU5xEbvgxIsbIgx8pXn2%2BN%0A4CS1SSuOa9iO0S7Rd5HehNhnmk4%3D%0A) > For more information about combined events, click [here](https://www.tines.com/whats-new/combined-events-for-live-and-test-environments). ## Tips and tricks for change control Enabling change control for your critical stories can be extremely helpful, especially when you can use it to its full potential. We've pulled together some tips on making the most of reviewing and collaborating on changes for your workflows. | Feature | Description | | --- | --- | | Set-Up | Have a standard agreement on what makes a workflow mission-critical and worthy of change control. Tenant owners should define tenant-wide change control settings based on their judgment and processes. - For teams running sensitive or high-risk processes, [enable change control by default](https://www.tines.com/whats-new/enable-change-control-on-story-creation-per-team/) for all new stories created in that team - Require the change requester to be a separate user from the change approver - Tenant owners can also [require each change request to have a name and description](https://www.tines.com/whats-new/require-name-and-description-for-change-requests/) for all changes. Set up [change control webhooks](https://www.tines.com/docs/stories/change-control/#change-control-notifications) to receive all change control notifications for your team. - Customize notifications to align with your team's processes, whether that's notifying certain people in Slack or Teams, and/or storing change control activity in a longer-term data storage product. | | Building | For drafts with more complex edits, duplicate your draft and push the smaller changes live to keep a story moving along | | Testing | Use multiple drafts to make collaboration easier and let various users test out their own ideas | | Review | Make sure the changes you are making align with the purpose of your workflow for a more efficient review process. - Make descriptions and change names a requirement to properly document changes and maintain a standard across story building - Reviewers should understand the purpose of your workflow - descriptions will help with this! - Allow more builders to help with the review process with [custom permissions ​ ​](https://www.tines.com/docs/admin/user-administration/custom-roles/) - To prevent any single user from both requesting and approving their own changes, activate approval requirements for all updates. ​ ​ - Push approved changes promptly to maintain version control | To learn more about change control, read the docs [here](https://www.tines.com/docs/stories/change-control/). ## Using story versioning > Please note: Story versioning is available on Tines [paid plans](https://explained.tines.com/en/articles/7007597-understanding-tines-pricing-plans) only. You can access version history by clicking the dropdown menu next to the story name. You can rename, delete, clone, or export stories here. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2226988445/f28916bb750b190206a6fe03d949/version+history.gif?expires=1781611200&signature=71f307b3c0d9477b04717082b3a87074ea1e4ff22c5e4cf24c4c96390c0a3bec&req=diIlEMB2lYVbXPMW3nq%2BgcIkdgYrkM%2BvJNczYhJk36oVftf5dVgLc9FYIdxs%0AzYBT8mxM2z73nq4mm2m%2B565phPw%3D%0A) ### Preview To preview a previous version of a story, select from the versions available and select the preview option. Preview allows for a review of the overall story and inspection of specific changes. This can be helpful if you wish to review or recreate a specific action's configuration after you make a change. ### Revert to a previous version of a story To access previous versions of your story, click on the three dots on the top right of your story and select **Versions**. You can then select a previous version of a story. From here, you can view the changes made from the previous version and decide whether to restore them or not. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2226990170/81df9d9dbc3da6ff189effd119b6/restore+changes.gif?expires=1781611200&signature=49ffe13fbad3f8c33571fe1a8c8fde2fb40a07f288d02230885148a28187f8e0&req=diIlEMB3nYBYWfMW3nq%2BgWv%2BRVmXdM9wXbEF1cBBSBxvTcQQ4QEtV1Soe0Wc%0AnWaw0sq3nW0Tc%2BU1boFeyBYQGAU%3D%0A) ### How long are story versions retained? [Story versions](https://www.tines.com/docs/stories/story-versioning/) are retained indefinitely unless the story is deleted from the tenant. > To learn more about story versioning, [see here](https://www.tines.com/docs/stories/story-versioning). ## Checking self-hosted tenant details To check your version of self-hosted Tines, use https://yourtenanturl/version ### How can I check my Tines self-hosted tenant's health? You can use the following to check the health of your tenant. This applies to both self-hosted and cloud Tines: [https://yourtenant.tines.com/health](https://yourtenant.tines.com/health) For self-hosted tenants, you can also check what data is being shared with Tines hourly by using the following: [https://yourtenant.tines.com/admin/telemetry](https://yourtenant.tines.com/admin/telemetry) ### How do I update my license key on my Tines self-hosted install? > **Note:** Only a tenant [owner](https://explained.tines.com/en/articles/6885158-user-administration-in-tines) can set the license on your tenant. 1. Visit [https://your-tenant-url/admin/license](https://your-tenant-url/admin/license) ![](https://downloads.intercomcdn.com/i/o/744379861/86025d516fc22e112e9ed6d4/10d75402-aa5e-473e-b546-2cd6564f8444?expires=1781611200&signature=a8db663a6d1399773f991616839119e4c1b527936723585d7258200441c2e362&req=cyQjFc53lYdeFb4V1XW4gXs5OXI4DnzvXHZ5A7cRBYKhB5veTjvNkaS46rvB%0Aq6e7iGQWmsJgrsNi2tXKLn33Ug%3D%3D%0A) 2. Paste in your license key provided by TInes and click “Validate License” ![](https://downloads.intercomcdn.com/i/o/am0g137l/1810274237/993f8413fd33cade7639b138d2bf/96152aaf-1860-48aa-9cce-56ed6c259708?expires=1781611200&signature=5c5ffc0cc9c1baabf725909f2309675466c1426fb75ee02ce73e744ab943e766&req=dSgmFst5mYNcXvMW3nq%2BgTD3eFnMCbcdAmf71CYAW%2BiOx%2BGmrt%2FUrofTz4jJ%0AiBIN5IpDOFFHzQ1GPP%2BaOsen9LU%3D%0A) 3\. Ensure that all details on the validation page are correct. Correct values match the features and limits you purchased. Please ensure that the license is being applied to the right Tines environment. ​ 4\. Click “Save New License” to save the license and apply your tenant features. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1810274235/cde741e6d7ab0dc7875fbe3e402b/16b23677-34dc-4b93-9806-b074b56d198e?expires=1781611200&signature=c7eba8675a2cf9ddf63be8ff43c30971a67548b29357871885db811fa44155ba&req=dSgmFst5mYNcXPMW3nq%2Bgc3263XLre48uofsdFlazeSJs5WkebRrDgbCySed%0A4x0dBWcvntLAZ9JEj9oJURp9IjQ%3D%0A) ## Choosing the right function: Best practice guide When building stories in Tines, selecting the correct function to transform your event data is crucial for efficiency. Just like how spreadsheet formulas help you manipulate data in cells, Tines functions help you transform, combine, and manipulate data as it flows through your workflows. This guide will show you the different methods for choosing the right function to use. Need a refresher on functions? Read [this article](https://explained.tines.com/en/articles/9009911-functions-in-tines-explained) on functions in Tines or check out the University course [here](https://www.tines.com/university/builder-core/introduction-to-functions/). ## Tactical planning for data transformation Before getting started, it is helpful to plan your data transformation logic. - Define your goal in plain language: Determine exactly what you want the data to look like at each step. - Translate to plain language: Write down the action you want to take, for example: "I want to remove any data that comes in that is inactive," or "I need to change the timestamp format to this specific format". This initial planning process will help you clarify your requirements before you engage with the documentation, community or our AI tools, ensuring you find the most suitable function. Here are our recommended approaches for identifying which Tines function to use. ## AI-powered assistance Leveraging Tines' AI tools is the most efficient way to find the correct function, and some options are AI credit-free. If you need help learning any of our AI features, check out our [Builder: AI](https://www.tines.com/university/builder-ai/) learning path in University. > In all of these examples, we will be prompting AI to “remove any objects from the array that have a status of inactive”. Here is the data we’re transforming: ``` [ { "id": "1", "status": "inactive" }, { "id": "2", "status": "active" }, { "id": "3", "status": "active" } ] ``` ### Auto generate Available within a formula pill, [auto generate](https://www.tines.com/university/builder-ai/auto-generate-formulas/) allows you to use plain language prompts to create functions. Auto generate automatically places the formula into your action. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2200589872/ef6e8fc952e703debe6d9965c9af/pill+function.gif?expires=1781611200&signature=7fbae686d544b70a362d928a881139efd8e6b25c010e4c8eeb1450a30659bd86&req=diInFsx2lIlYW%2FMW3nq%2BgYPVJtCoyM4LG1plvNqAi1BuJLocQbObFnYSv4JB%0AqCGawiNspuGvhAHzQTXW2xxhsLQ%3D%0A) ### Automatic mode [Automatic mode](https://www.tines.com/docs/actions/types/event-transformation/automatic/) is one of the modes available within the event transform action.. It allows you to use plain language to build the action for you. Automatic mode allows you to see the output before saving. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2200589342/0e225a8efecd5c8cbc06aadc3275/automatic%2Bmode%2Bformula.gif?expires=1781611200&signature=53c6b814877d55b76a84e2aa35b03b5e7cce14198485d4574c928c795a81e3bd&req=diInFsx2lIJbW%2FMW3nq%2BgcBmhdB2qpzqYIsXwW0nNAqHtL2xE2x0kiahRBZK%0A4eBJAV2GxWphL%2F63ohXHBlig6yo%3D%0A) > Note: If the initial result isn't perfect from either auto generate or automatic mode, don't be discouraged; you may need to make minor adjustments to your prompt to get the desired result. ### Workbench for Storyboard Workbench for Storyboard (formerly Story copilot) is an AI tool that can suggest methods for function generation. There are two modes you can use here: Ask and build mode. Read more about Workbench for Storyboard [here](https://explained.tines.com/en/articles/13572150-introduction-to-story-copilot). > Note: Workbench for Storyboard can see your story build, but it cannot see the event data flowing through your workflow. In our example below, we use Workbench for Storyboard in build mode so it is able to implement the changes in our story for us. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2200592021/ef9cd66a874166b993c4078a9ba3/story+copilot+function.gif?expires=1781611200&signature=d4a038dfa896b4cc4f05a9a15aac9db9ddf9bf0670c17912c9d1905aca21e134&req=diInFsx3n4FdWPMW3nq%2BgZovGQ4%2B7LrfZSTavzNKMzzzz62UR5OX4KD6Q7BO%0AdOzK2FB64VTYranKlz%2FQgoJL4JI%3D%0A) ### Workbench Workbench is a Tines-powered AI chat interface that allows you to take action and interact with your data in real-time. Read more about Workbench [here](https://explained.tines.com/en/articles/9822635-introduction-to-workbench). > Note: Workbench doesn't have contextual knowledge of the story/action they're working with. Tips for using Workbench to choose the right function: - Provide your ask in plain language. - Provide an example of the incoming event data structure. - Provide an example of the desired result. ## Manual or community resources If AI assistance is not an option, or if you are looking to learn more about the functions, you can use manual and community resources: ### In-app chatbot You can use the in-app chatbot, Fin, to receive guidance on the correct Tines function. For example, you could ask Fin “I have an array of objects where I need to remove any objects that have a status key of inactive. What Tines function should I use?” Fin could then suggest functions like [`REJECT`](https://www.tines.com/docs/formulas/functions/reject/) or [`FILTER`](https://www.tines.com/docs/formulas/functions/filter/) when you need to process an array of objects. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2200594889/2bdb532207075e148b1b3739f078/Open+Fin.gif?expires=1781611200&signature=3fb689fa866024dcf354a367e460de7c6352eacab330a729c0cc312581472df6&req=diInFsx3mYlXUPMW3nq%2BgYUI55BwTgeMBn55U1asGarutc7ipKt47mRWeSgb%0Am7qRcACNS2uI9oWO5quAx7nLTaI%3D%0A) #### Best practice for Fin Since Fin doesn't know your specific data, you should provide specific input, such as a plain language description of the action you want to perform or the expected output, to help it provide the best response. ### Function documentation The function documentation lists all available functions and provides a summary of what each does. You can find the list of all functions available in Tines [here](https://www.tines.com/docs/formulas/functions/). Clicking into any of the functions gives you a description, syntax, and usage examples. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2200595755/df0e8edb744acab14cf9c5563022/c57d5a68-c85f-4082-b8ee-c58a474d07ce?expires=1781611200&signature=9d5a1136dfd50ff38e702cb76f58a2462464f9a912bc180f8877ae4a93a3c817&req=diInFsx3mIZaXPMW3nq%2BgVaNO6TGf79r9a9g%2Bg1JP%2FYQxWUF2Wy%2ByA0Y2nsu%0AYX2NeU0uu47sVvFLe9ObbeMWlak%3D%0A) ### Community Slack You can ask for help from the Tines community in the Tines Community Slack channel. To register for the Tines Community Slack, follow the instructions in [this form](https://hq.tines.io/pages/6f8b122ccba3cb7e8e0d3531d1b70eb2/). ## CircleCI Authentication Guide CircleCI is the continuous integration & delivery platform that helps the development teams to release code rapidly and automate to build, test, and deploy. CircleCI can be configured to run very complex pipelines efficiently with caching, docker layer caching, resource classes, and many more. After repositories on GitHub or Bitbucket are authorized and added as a project to [circleci.com](http://circleci.com/), every code triggers CircleCI runs jobs. CircleCI also sends an email notification of success or failure after the tests are complete. ## First, get a CircleCI API token 1. Login to your CircleCI account 2. Click on the user menu and then click "User Settings" ​ ​ ![](https://downloads.intercomcdn.com/i/o/948713217/19089121e58b17d6aff4412a/image.png?expires=1781611200&signature=1b48400f2fab84e054abbe5d687685e2a1418912baeb26d6167a6775a4ba4d7a&req=fSQvEch9n4BYFb4V1XW4gWL%2BG%2BldUtOch2KStCiYRfM1s2xJRLC5TPoqn0AF%0ArAoYAFf2tHyRdacjWvqUOJaIhw%3D%3D%0A) ​ 3. Click "Personal API Tokens" and then click "Create New Token" 4. Name the token and click "Add API Token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/948714091/5d2d2709625b83946ac0a4a7/image.png?expires=1781611200&signature=466e95a289cb226a8fb4edd74ac2787588a51369918b9ff2cca3eb1e6ff1f503&req=fSQvEch6nYheFb4V1XW4gSFQQ5giH5v4MfanYhBnREWRVbsnkIzSGdtG3g68%0APCPEV0MX8S61noP33%2FefWuW18A%3D%3D%0A) ​ 5. Copy your API token to a text editor. ## Lastly, create a CircleCI credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the CircleCI credential 1. **Name:** CircleCI 2. **Description:** Optional 3. **Value:** Your API token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of CircleCI** **stories in the [story library](https://www.tines.com/library?s=circleci&view=all)** ## Cisco Umbrella Authentication Guide **Cisco** **Umbrella** is cloud-delivered enterprise network security that provides users with a first line of defense against cybersecurity threats. Here's our guide for authenticating Cusco Umbrella for use with Tines: ## First, get your Cisco Umbrella API Key 1. Login to your [Cisco Umbrella](https://login.umbrella.com/) account. New users can "Sign-up" for a Cisco Umbrella account if they do not already have one. 2. From the sidebar, click "Admin" and then "API Keys" ​ ![](https://downloads.intercomcdn.com/i/o/757236572/0ccef2428b0a6bba98b7acf4/image.png?expires=1781611200&signature=5ed2eccb910167031674e7407078e0cfddc3058688d396b5c57ba4b2be715d3f&req=cyUgFMp4mIZdFb4V1XW4gYzrhc%2FQXH04eH1Y3skoZT8Say7M%2FqiCEKdWyVhU%0AyXqhc%2FDCMjdfiybVLnN7UQ8Aog%3D%3D%0A) 3. From the top right-hand corner, click "Add" ​ ![](https://downloads.intercomcdn.com/i/o/757237065/f6790ae94793834f1c0d3c37/image.png?expires=1781611200&signature=11fcff5568ce18dcd2cd6bd9e551488dde05802d99ef58a6bda1339264ef4d2a&req=cyUgFMp5nYdaFb4V1XW4gcT8GaybUpOjWov%2FUaXSV0RMKPD2ydFFCttcT7gn%0AmxzDmmJ%2FuSOHcVG7wfNHMX5mSQ%3D%3D%0A) 4. Fill in the required fields, click "Create Key" and then copy the API key and the Key Secret ## Then, create a Cisco Umbrella credential in Tines **Cisco Umbrella connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Cisco Umbrella" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the Cisco Umbrella connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click **Credential** 3. Click **\+ New Credential** and select **HTTP Request** 4. Input the values for the Cisco Umbrella credential 1. **Name:** Required 2. **Description:** Optional 5. Scroll down and select **`Edit as JSON`** and copy the below payload in: ``` { "url": "https://api.umbrella.com/auth/v2/token", "content_type": "application/x-www-form-urlencoded", "method": "post", "payload": { "grant_type": "client_credentials" }, "basic_auth": [ "YOUR API KEY", "=secret" ] } ``` 6. Select **Done** 7. Scroll down to the section titled "Basic Auth" and replace "YOUR API KEY" with your API key. 8. Scroll down past the "Basic Auth" section to the section titled "Secret" and paste in your API key secret. You'll note the "Basic Auth" section references this field, but you will paste in the secret in the "Secret" section to keep the key hidden. ![](https://downloads.intercomcdn.com/i/o/1011024784/bca819a6d2bbe0b2d7542ade/http-req-secret.png?expires=1781611200&signature=33efdab7a4ccaa154b075dc0ea14562bbd01843f2eb4a89ff816307fdc695a0a&req=dSAmF8l8mYZXXfMW3nq%2BgUFKe3Y%2BlCYXAxMWGtPT7V7SbjTARVBqqSlRh76R%0A3n%2FpR%2Bi78m3Jyl8hYhA3Dl9QkwM%3D%0A) 9. In the `Domains` field, enter `api.umbrella.com` to restrict this credential to only being used in requests to that domain. 10. You're not done yet! Select **Save** for the Credential to save and re-open. 11. Scroll down and select **Run request**. This will run the HTTP request and show the results in JSON. If you successfully configured your HTTP request credential correctly, you will see a 200 status returned. 12. Copy the path to the access token by selecting the copy icon next to the key (see picture below) in the successfully run request and paste the value in the section `Location of token from response`. This will be referenced each time an action is run in your workflows that calls this credential. ![](https://downloads.intercomcdn.com/i/o/1011030111/eeb6b2d997f6e20738e89ee7/copy-access-token-path.png?expires=1781611200&signature=c3c26430c01e9e43f2bf047e3e9e17a473ac4758644143da33b931aed9316c88&req=dSAmF8l9nYBeWPMW3nq%2BgXpIFnOea%2B2tN7iZJKCqKGNeh8DaDvJvxOI2BXC0%0ANRSnvZvkrrSf%2FsIXo6Ef6zHs094%3D%0A) 13. **TTL**: Set to 3500 14. Select **Save** 15. **Optional** 1. **Access:** What other teams can also use the credential > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/cisco-umbrella). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of Cisco Umbrella stories in the [story library](https://www.tines.com/story-library?s=cisco+umbrella) ## Claroty xDome Authentication Guide Claroty empowers organizations to secure cyber-physical systems across industrial (OT), healthcare (IoMT), and enterprise (IoT) environments: the Extended Internet of Things (XIoT). The company’s unified platform integrates with customers’ existing infrastructure to provide a full range of controls for visibility, risk and vulnerability management, threat detection, and secure remote access. ## First, get a Claroty API key 1. Login to your Claroty account 2. Click "Settings" and then "Admin Settings" ​ ​ ![](https://downloads.intercomcdn.com/i/o/866621717/77bc16d884e0830b7fdcf691/image.png?expires=1781611200&signature=5a1bf22eae52c994a6d849e8e93791f6b20b72acb5cacd51d069c2406e5c5ca6&req=fCYhEMt%2FmoBYFb4V1XW4gTGOmMUOYtYRudCbAAghW8O9Liy3D5xpmHF4G7nN%0A4vnVkNk0E2P8GRemSGY%2FQmnL9A%3D%3D%0A) ​ 3. Click "Add User" ​ ​ ![](https://downloads.intercomcdn.com/i/o/866629764/fd4912c11b02725e57debeac/image.png?expires=1781611200&signature=eb93016f5c1fb6635497e0ee387422cbcf00483b16bb7b243154189ad4126359&req=fCYhEMt3modbFb4V1XW4gUCjDR3b39nDhRD7eFYd%2FHi93j9mEgo4g4GqyY%2FH%0ASCS4JyCyqAy%2F4hZ%2FwmcR0OGp%2Fw%3D%3D%0A) ​ 4. Choose "API User", name the user, choose the appropriate site permissions and role, and click "Create User" ​ ![](https://downloads.intercomcdn.com/i/o/866630309/aa1b1c6c4f2c2c7bfa8d56f7/image.png?expires=1781611200&signature=02eef96034cc89200b0c6a24a5266cd0611b8775f4fda7a307125439abd5cafd&req=fCYhEMp%2BnoFWFb4V1XW4gdqZgtpT348gR1%2FQYVtXXaEcrGzHNlci%2BUOmb5Mi%0AePfxsMEqEK8MUGNdBFXPZ4oYPg%3D%3D%0A) ​ 5. Click "Generate Token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/866632618/237b86d6d989d6a2b3195204/image.png?expires=1781611200&signature=efefc699faede12b832c406479005b89f6a7b3c4871f690613c597c1d9d325d5&req=fCYhEMp8m4BXFb4V1XW4gY1HLrOeZTz9Qrlhl9KTzfNZpkbVkxpbkzimheCi%0AtKwveYlM5fyfJilA2L7UZEF6og%3D%3D%0A) ​ 6. Choose the token expiration, click "Generate", copy the API token and click "Finish" ​ ​ ![](https://downloads.intercomcdn.com/i/o/866634950/dfb6e253df86ad7929765820/image.png?expires=1781611200&signature=2cd91572d0fc93c2fce1c89bfcf5ebc6bbb12801388a82d85b815e157585dbd2&req=fCYhEMp6lIRfFb4V1XW4gTz6YyIdTofL8TV8%2FqxUMyWwr20Zi7A0f1%2BdYJi9%0A3oq81CX4qYBL3epJkCHtOW04CQ%3D%3D%0A) ## Lastly, create a Claroty credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Claroty credential 1. **Name:** Claroty 2. **Description:** Optional 3. **Value:** Your API token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Claroty** **stories in the [story library](https://www.tines.com/library?s=claroty&view=all)** ## Coming soon: new storyboard toolbar Here is a first look at the brand-new, fully customizable toolbar coming to the Tines storyboard. ## What’s evolving? The 8-action toolbar has served us well for years, but Tines has grown. To make room for more power and less clutter, we’re introducing: - **Full customization**: You’ll be able to drag and drop your most-used actions and public templates directly into the toolbar, allowing you to start building faster. - **Better discoverability**: We’re organizing all building elements into a single toolbar with more intuitive groupings, making it easier to find what you need. > **Note**: The way actions work is not changing, and your stories won’t be impacted by this update. ## When will this happen? You don’t need to do anything yet! We’ll be rolling this out to all tenants on April 28th. We’re sharing this now so you can be aware of the plans before the big day. ## How will it look? Below is a sneak peak at the new design. In the video, you will see: - A view of the old vs new toolbar - The new quick search option - Dragging and dropping actions - Searching templates - Saving and removing templates and actions in the toolbar [Watch video](https://fast.wistia.net/embed/iframe/iksknpi0fe) ## Why the change? As we add more functionality to the storyboard (and more ways to build), we want to ensure you are aware of these new releases and able to easily find them. This update is all about discoverability and speed. ## Comparing AI in Tines This document provides clarity on the distinct and powerful value propositions for each AI capability within Tines. For example: Why use Workbench when you have Chat Agents? When should you use Workbench or Workbench for Storyboard? ## Workbench A Tines-powered AI chat interface where you can take action and access proprietary information in real-time, privately and securely. Workbench is like your ChatGPT or Gemini scoped to the available data and workflows in Tines. ### Use cases - Looking up and editing data in a system (i.e. Salesforce) - Work on an incident or ticket request for your team - Analyze & Block IPs, domains, URLs - Generalized AI help such as content creation, formatting, suggesting next steps Read our introduction to Workbench [here](https://explained.tines.com/en/articles/9822635-introduction-to-workbench). ## AI Agent action One of the eight actions in Tines. It operates within the context of a story or flow that interacts with LLMs and the data associated within that specific flow. This includes task and chat mode (human-in-the-loop). ### Use cases - A chat for ticket management and inbound requests to route to the correct story - An agent that triages incidents then routes them to the right story - Summarizing data into the right case format - Suggesting next steps or recommended actions for a case - Executing next steps or actions based on the story and prompt permissions Read our introduction to AI Agents [here](https://explained.tines.com/en/articles/11571096-introduction-to-ai-agents). ### When to use AI Agent chat or task mode AI Agent chat is applicable when you want to create a chat experience to initiate the agent. They are great for situations that benefit from a back-and-forth conversation. AI Agent task gives the agent autonomy to move based on the defined input. They are for more straightforward actions that don’t need user input. ## Workbench for Storyboard (formerly Story copilot) An AI-chat interface in the storyboard to help you build, manage, or optimize the flows on that storyboard. ### Use cases - Getting a story outline on the storyboard - Configuring action descriptions - Debugging a Story - Configuring new action templates or tools - Updating credentials Read our introduction to Workbench for Storyboard [here](https://explained.tines.com/en/articles/13572150-introduction-to-story-copilot). ## Comparisons ### Workbench vs. AI Agent chat Workbench can be used by people with access to the Tines tenant. It’s not scoped to a specific flow or storyboard. Users of Workbench need to be a member of your Tines’ tenant. Agent chat is limited in scope and has a defined set of permissions. However, people outside of your tenant can engage in an agent chat. A simple way to view it: - *Workbench helps you in the work going through tasks.* - *Agent chat is specific to a task and scope of work.* ### Workbench vs. Workbench for Storyboard Workbench is best used for tasks other than story building because it lacks the innate context of your specific story. Workbench for Storyboard is an AI-powered chat interface to build, understand, and optimize flows. A simple way to view it: - *Workbench helps you do your non story building work.* - Workbench for Storyboard *helps you build, which includes optimizing, managing, and understanding.* ### Workbench for Storyboard vs AI Agents Workbench for Storyboard is an AI chat interface in the storyboard to help you build, manage, or optimize flows. AI Agents are an individual action within a flow that performs tasks or engages in end-user chat interactions. A simple way to view it: - Workbench for Storyboard *helps you design and optimize the entire flow on the storyboard.* - *AI Agents are a functional part of the flow, performing tasks or engaging in conversation with customers* ## Comparing Tines managed AI providers Tines offers two managed AI providers: AWS Bedrock and OpenAI. Both are available with no API keys or setup required — Tines manages the infrastructure so you can start using AI features straight away. Read about AI usage and credits in Tines [here](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits). ## What both providers guarantee Regardless of which provider you choose, Tines handles your data using the same strict security and privacy rules. Both AWS Bedrock and OpenAI adhere to these core principles: - **Stateless** – No conversation state is retained between requests. Each interaction is independent. - **No training** – Your data is never used to train AI models. - **No storage** – Data is not stored by the AI provider. Any persistence happens within Tines. - **No logging** – Requests and responses are not logged by the provider. - **No setup required** – Both are Tines-managed. No API keys or configuration needed. ## Key differentiator: Data routing The primary difference lies in how your data is routed, which is crucial for organizations with strict residency needs. ### AWS Bedrock Requests are processed in the same geographical area. I.e., data within the EU stays within the EU. The data never travels over the public internet and instead uses AWS's privatelink. ### OpenAI Requests are routed to your deployment region (US or EU) by default, then sent to OpenAI for processing and returned to Tines. While data travels to OpenAI's infrastructure, it is not stored or used for training, and routing respects your regional deployment. ## Side-by-side comparison | | AWS Bedrock | OpenAI | | --- | --- | --- | | Setup required | None | None | | Data routing | In-region | Deployment region (US or EU) | | Stateless | ✅ | ✅ | | No training | ✅ | ✅ | | No storage | ✅ | ✅ | | No logging | ✅ | ✅ | ## Choosing the right provider Both providers deliver strong privacy guarantees. If your organisation has strict data residency requirements where data must not leave your regional infrastructure under any circumstances, AWS Bedrock is the recommended choice. If your requirements are more flexible, OpenAI provides access to the latest OpenAI models and uses your existing AI credits across both OpenAI and Anthropic models, while still adhering to Tines' core privacy standards. Tenant admins can switch between providers or revert to the Tines default at any point in AI Settings → Providers. ## Condition FAQs ## Are rules checked in a particular order in a condition action? If you have multiple rules as part of a condition action, they are not checked in any particular order. By default, all rules must match for the action to emit an event. If you wish to match only a subset of the rules, for example, two of three rules, you can set that value in must\_match. ## If I use a condition with multiple rules, do all rules have to be matched or just one? A condition with multiple rules acts in an AND fashion. All rules must be satisfied for the action to work. You can use “must match” in an individual condition action to specify “OR” For example, using must match 1 acts as an OR. Read more about conditions in our docs [here](https://www.tines.com/docs/actions/types/trigger/). ## Conditions in Tines Conditions are actions which compares the content of a field from an incoming event with predefined rules, when the rules match, an event emit is triggered. Conditions in Tines are your automation's starting point, the digital equivalent of saying "when this happens, do that." ![](https://downloads.intercomcdn.com/i/o/am0g137l/2179578097/e13ac86f8fdb216b8c07aa7ec833/image.png?expires=1781611200&signature=2b22886ec803156387870b7c53facf2f8826e716f8eb5950ddfbdc76a93073de&req=diEgH8x5lYFWXvMW3nq%2Bgfu%2BAXCGjaerNlpkrs4lqNDWVuRjLRd%2Fwj4seiKE%0AEj8uPjgVN1%2BWC9%2Fj9dcHVndypHw%3D%0A) Some common use-cases for the condition action include: - Ignoring Events that don't require processing - Send Events downstream for additional analysis - Further process events that are sent from a particular application ### Multiple rules A condition with multiple rules acts in an AND fashion. All rules must be satisfied for the action to work. You can use “must match” in an individual condition action to specify “OR” For example, using must match 1 acts as an OR. If you have multiple rules as part of a condition action, they are not checked in any particular order. By default, all rules must match for the action to emit an event. If you wish to match only a subset of the rules, for example, two of three rules, you can set that value in must\_match. ### No match If instead of halting the story run you'd like to redirect it depending on a rule, you can use the **no match branch** to send the story in a different direction depending on the result. This is a useful pattern, equivalent to an "if/else" flow in a software language. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2179593580/dda723e7e18f475866983d4fea8e/image.png?expires=1781611200&signature=7cdd62f3a93b83452021a70187ae2e49d5830b81c15aa78e411bdba85d6f67e4&req=diEgH8x3noRXWfMW3nq%2Bgf%2Bu9Q%2F2BGWNj9CMZZoQqVwpzW00JHLlWG0spVIe%0AlwyS%2B0%2FMw8ChPl%2BEo4k%2Faw99rqw%3D%0A) > **👉 Learn more about conditions [here](https://www.tines.com/docs/actions/types/condition/).** ## ConductorOne Authentication Guide ConductorOne helps companies secure identity in their cloud apps and infrastructure through centralized identity governance and access controls. ## First, create a ConducterOne API client 1. Login to your ConductorOne tenant 2. Click on your user account and select "API Keys" ​ ​ ![](https://downloads.intercomcdn.com/i/o/859330071/f3b618529d8c319f347d5bf9/image.png?expires=1781611200&signature=c2133524bcf7f93e175737e4347fcf30b6683a637851380a7321440bb6e96c69&req=fCUuFcp%2BnYZeFb4V1XW4gXsrNaRrw4ju%2F0D9AwcPMqOe4qHMIADcbh0K%2BmRQ%0APzhuyyQOSKwYqejrM6dc33FWog%3D%3D%0A) ​ 3. Click "Create credential" ​ ​ ![](https://downloads.intercomcdn.com/i/o/859330305/c9ed20541fd88f35858a8bd0/image.png?expires=1781611200&signature=58c3bdbcbdcd94083a230bd1e66f194b3b0ce5b53478577c145e3937145e5990&req=fCUuFcp%2BnoFaFb4V1XW4gTivWn%2F0H0qFxs8TxKNtpItg6l0tenOnNAsHveJW%0A39qcOavVLaQpwlitATZPFR1x7w%3D%3D%0A) ​ 4. Name the client, set the expiration date and click "Create" ​ ​ ![](https://downloads.intercomcdn.com/i/o/859330745/95d2caf169c8b03c96d25993/image.png?expires=1781611200&signature=ee90752e9d1448020182577772b853d492356734f1280cb57c752c070c2345d0&req=fCUuFcp%2BmoVaFb4V1XW4gcEeUFGDc2g3khDKQrZeWECtJYC1jZQ3Fo6I%2BRMX%0Am62T%2B45xkiXW6Tj9Zw2%2FU2168A%3D%3D%0A) 5. Copy your "Client ID" and "Client Secret" to a text editor and click "Done" ​ ​ ![](https://downloads.intercomcdn.com/i/o/859331110/baa353fc3b933476f9687148/image.png?expires=1781611200&signature=87e8420df76bfba45be9c970c215b53ea279494e89eb57f50dda60c7ee14e3a2&req=fCUuFcp%2FnIBfFb4V1XW4gUs%2FJ%2FHztBnFw%2BjQpFnIlJr74TCH0xZcQhP1wyq9%0A5EIaWk%2F6Dthgo%2B7Lno4%2BfVawpg%3D%3D%0A) ## Lastly, create ConducterOne credentials in Tines You will need to create three credentials: - Two Text type: "conducterone\_client\_id" and "conducterone\_client\_secret" - One HTTP request type: "ConducterOne" ##### Text type 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the ConducterOne credential 1. **Name:** "conducterone\_client\_id" 2. **Description:** Optional 3. **Value:** Your Client ID 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" 7. Click "+ New Credential" and select "Text" 8. Input the values for the ConducterOne credential 1. **Name:** "conducterone\_client\_secret" 2. **Description:** Optional 3. **Value:** Your Client Secret 9. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 10. Click "Save" ##### HTTP request type 1. Click "+ New Credential" and select "HTTP Request" 2. Input the values for the ConducterOne credential 1. **Name:** ConducterOne 2. **Description:** Optional 3. **URL:** `https://.conductor.one/auth/v1/token` 4. **Content Type:** Form 5. **Method:** post 6. **Payload:** Copy the below object and paste it into the "Plain code" section: ​ ``` { "grant_type": "client_credentials", "client_id": "<>", "client_secret": "<>" } ``` 7. Click "Run options", navigate to the `access_token` key and double-click on the key ​ ​ ![](https://downloads.intercomcdn.com/i/o/859332836/5a07ddbfefd9a2854b2af3af/image.png?expires=1781611200&signature=5c4c6e6122e957e4e23d09033fc4546a188c4ac5292e6898cc1028f663fe69fc&req=fCUuFcp8lYJZFb4V1XW4gSdIZ9KNQ2cD7idD7190cUekgbdgm5J61ai9nXWh%0AhT%2Fu%2FcfuO%2B05s3G7Xio04MZizg%3D%3D%0A) 8. **Location of token from response:** Paste the path to the token in the value pill 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 4. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/859333826/5a52f47cb606df9cf89763b9/image.png?expires=1781611200&signature=e5272294a659ffd3209b2a2b7c7513d8fc1009b4992196e904d97f9664b6b45f&req=fCUuFcp9lYNZFb4V1XW4gTTED9aUhwRT3WFneTeKsprP62foK0PCl3XkWtyU%0AIGlbRsAOuGF%2FJNGBF1ZYmRp6Jw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/859333866/944e5c52c15ee67054d9928b/image.png?expires=1781611200&signature=49e8158285511c6fc351cf86f200f060c77f46469d8c81eb05afbe52e35a17a0&req=fCUuFcp9lYdZFb4V1XW4gWXrd74Gbd%2B%2F8damTtJW26%2FKT4o85ISjikPYElQ7%0AokFaGAdOk63TAKdwtJVixDB1mw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/859333933/e679e272f8e2b6b44d0fa9f5/image.png?expires=1781611200&signature=484c4b9ebf08ef67c6385c7725ec5d569522bf82e213d03c6e3158bffa19588c&req=fCUuFcp9lIJcFb4V1XW4gdRmnEEVtzcZPZkbvN%2Bw1vSFTvIw5vB%2FYPNZnnZH%0ApEIvKV32fJP475LOKGsqhNlozg%3D%3D%0A) > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of ConducterOne stories in the [story library](https://www.tines.com/library?view=all&s=conducterone).** ## Configure Amazon EventBridge for Security Hub Findings Tines integrates directly with AWS Security Hub findings by receiving events sent through Amazon EventBridge. When Security Hub generates or updates a finding, EventBridge routes that JSON payload to a Tines Webhook, where it can be parsed and used to trigger downstream workflows. This allows teams to process findings in near real time using a combination of deterministic steps, human review, and agentic actions. Security Hub provides the centralized visibility and prioritized insights across AWS environments, while Tines extends that signal into the rest of the security and IT ecosystem. Through Tines, teams can enrich findings with external context, open or update cases, request approvals, notify stakeholders, and orchestrate remediation across AWS as well as third-party systems — without maintaining custom integrations. Together, Security Hub and Tines enable consistent, repeatable handling of cloud security events from initial detection through full resolution. > **Note:** You will need the Tines Webhook URL and admin privileges to configure Amazon EventBridge. ### Steps Once you are ready with the Tines Webhook URL, you will: 1. Create an EventBridge Connection 2. Create an EventBridge API Destination that uses the Connection 3. Add a rule to route Security Hub Findings to the API Destination ### Create an Event Bridge Connection 1. Navigate to the Amazon Event Bridge admin console, select Connections, and click Create connection ![250](https://downloads.intercomcdn.com/i/o/am0g137l/1827236957/bed41aaecaeedda1ad56e6e67eb8/f3a1932f-bec9-44f0-a53d-56b5db7b4b83?expires=1781611200&signature=547499b50174535cd8893eb4f761e9a760f9c60937f93989489a680944ce9924&req=dSglEct9m4haXvMW3nq%2BgYf3MprJJ5roaXxmzEZtpxiqol1Fkdo3ZNQe8JVB%0AIC9VhrbkR7hO3WOwEAOcDTR%2FHcs%3D%0A) 2. Enter a name for your connection and select a public API type 3. For Configure authorization, select Custom configuration, API Key authorization type, enter x-not-used for the API key name, and not-used for the key value ![700](https://downloads.intercomcdn.com/i/o/am0g137l/1827237519/bec74b601756bfc31822f0ce4faa/f7475628-a2a8-4ee7-bc45-02d74054262e?expires=1781611200&signature=a2001eac574ef1497b6d337d73e9dfcb9a8310253864ee4c0e5aa1939156e03c&req=dSglEct9moReUPMW3nq%2BgfsSNlnwjN1%2BArNjqQHqH3F2A3Klx%2B%2Bbokh2NhA%2B%0AEYLZEaqhW6H3PCBC3FUybV8NBj4%3D%0A) 4. Click Create ### Create an EventBridge API Destination 1. Navigate to the Amazon Event Bridge admin console, select API destinations, and click Create API destination 2. Enter a name for your API destination, paste the Webhook URL in the API destination endpoint field, and select POST for the HTTP method 3. Use an existing connection type and select the connection created in the previous step ![800](https://downloads.intercomcdn.com/i/o/am0g137l/1827240652/5e523c48225cef366309b301cabf/e90e54cd-2547-4558-bd13-ede37fff2bf3?expires=1781611200&signature=d3a2f2ac3611d793a221df04fb91eeb332b278a600a9cdf84cb8d59f3d0dfaa8&req=dSglEct6nYdaW%2FMW3nq%2BgQqP72Pm%2BJq1AWA2VOgCGD%2Fmmam6OqJ5qk1XlSgl%0AUgoD9%2FbmgwsxWzGFozbgjlEIRxE%3D%0A) 4. Click Create ### Create an EventBridge Rule 1. Navigate to the Amazon Event Bridge admin console, select Rules, and click Create rule ![250](https://downloads.intercomcdn.com/i/o/am0g137l/1827242084/c6e8f421c3b531cc98f3356abc59/ae7f5f2c-dc8c-4044-b48d-0ed8be87fc71?expires=1781611200&signature=d60f5a8d8e8544ec52f57546adfd0b48b8e4ae1277b21c3c7ab71cf82227f7e7&req=dSglEct6n4FXXfMW3nq%2BgTofV9Q0n544VQAOAPFNkarkSfBGE51sxmLl17xM%0Al0Ogc3%2Fw%2FBdPbNW4CTgg8yuay20%3D%0A) 2. Enter a name and click Next 3. For Events select Other and for Event pattern select Custom pattern (JSON editor) ![500](https://downloads.intercomcdn.com/i/o/am0g137l/1827243355/7ced669a6e7e000ddfb178dd5dc3/08d62207-ee07-40f9-b51d-5098026248de?expires=1781611200&signature=7f97e6d45a449fdd735daeb91463db4ae542bde53a41953f139132be287096ea&req=dSglEct6noJaXPMW3nq%2BgXuI3L%2Fathwdng6dW%2BTmIjbepBmOOuG7VQ%2BblMN0%0ANDBAiVMIKhhMZIBdSC0AmdagfBo%3D%0A) 4. Paste the following into the JSON editor ``` { "source":[ "aws.securityhub" ], "detail-type":[ "Findings Imported V2" ], "detail":{ "findings":{ "metadata":{ "product":{ "name":["Security Hub Exposure Detection"] } } } } } ``` This rule routes Security Hub exposure findings. Please see [Configuring rules for EventBridge](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-v2-cwe-event-rules.html) for additional detail. 1. Click Next 2. Select EventBridge API destination, use an existing API destination (the one created earlier), and click Skip to Review and create 3. Scroll to the bottom of the page and click Create rule ### Orchestrate and Remediate Security Hub Findings Security Hub exposure findings will now be sent to the Tines Webhook specified by the API destination. To get started check out the [AWS Security Hub Stories in the Tines Library](https://www.tines.com/library/tools/aws-security-hub/). Note if you change the Tines Webhook URL or add new Webhooks, you will need to update or create new API destinations. ## Connecting to APIs in Tines using credentials > **For a list of tool-specific authentication guides, [see here](https://explained.tines.com/en/collections/3801629-authentication-credentials).** * * * [Watch video](https://fast.wistia.net/embed/iframe/y0wkwcdn2d) Most APIs require you to prove your identity. Like passwords for your accounts, APIs require a secret token before providing access. Credentials in Tines let you securely store these secret tokens and use them when making requests to any tool that has an API. Good credential management is critical when working with APIs. Not only do credentials need to be secure, but they also need to be accessible. Tines can store many kinds of credentials like basic text, OAuth, and AWS credentials. One of the most flexible credential types is the HTTP Request action credential (HRAC). This type of credential allows users to dynamically authenticate to APIs that might have multiple legs of their authentication or retrieve passwords from secure privilege access managers. ### Security Considerations when using credentials It is important to note that while this method dramatically increases the security of secret information in Tines, like any piece of security, it's not absolute. For example, if Tines is interacting with a 3rd-party service, it is possible the service, depending on its operation, may insecurely include the credential's value in its response, which Tines will then include in an emitted event. ## How to create a Credential There are two main ways to create a credential in Tines: via your dashboard, or directly from within a story. ### Create a credential via your dashboard If you know what credential you want to create, you can do so directly from your dashboard. 1. Select the team you wish to add the credential to. 2. Select "Credentials" 3. Click "New Credential" and select the tool you are connecting to or the type of credential required. ![](https://downloads.intercomcdn.com/i/o/840039422/f2a1c8b6b16a3c93c3b8925f/Screenshot+2023-09-27+at+12.00.57.png?expires=1781611200&signature=b8ec677d81fc26b0e18bfb85be839d83545f1883fce12fbf90014710055874a1&req=fCQnFsp3mYNdFb4V1XW4gRynhsw5%2B7c6P7%2B7lQROZCB8IuHCtIui%2Fywc1xBY%0ABh%2B67FPD6LCgum%2FXfmzsjfkE8w%3D%3D%0A) 1. Each type of credential requires different information. Complete the required fields. You can find more details of the different types of credentials [here](https://www.tines.com/docs/credentials). 2. The credential is now available for use in the stories in the team. ### Create a credential in a story Open the storyboard and select "Templates" 1. Select the vendor you wish to authenticate with. In this example, we select Okta. ![](https://downloads.intercomcdn.com/i/o/841950332/d6988b2b6d865573a0f03de6/Screenshot+2023-09-29+at+14.24.46.png?expires=1781611200&signature=9a8bdae1c6a464adf4daefd8643b888ccadc15f5e227e97c7738fe420c140ed4&req=fCQmH8x%2BnoJdFb4V1XW4gVhX8ea2%2FMVqGXTnB2cDgeqtTFSJXWSMxMT4O6EJ%0ALhsQHh3cILr4UF7H2tBIomt6Vg%3D%3D%0A) 2. Drag a template onto the storyboard. ![](https://downloads.intercomcdn.com/i/o/841950517/36fcece3a1b096aecc2cde63/Screenshot+2023-09-29+at+14.24.58.png?expires=1781611200&signature=7665cfaffbf808553d739f5e12203e5cc571bb4f98417cc2421f893d60dc7c89&req=fCQmH8x%2BmIBYFb4V1XW4gdOsg1hDY2Q88hDdO0BIytU2VDIxbvwCrKcVo1SE%0ARI4Aupul5mKE7xtY4jTWTEZCww%3D%3D%0A) 3. Click "Connect on the right in the configuration panel. ![](https://downloads.intercomcdn.com/i/o/841950739/eb7f8cd66f0ef033b6e0de13/Screenshot+2023-09-29+at+14.25.08.png?expires=1781611200&signature=ae1a1d5aa41f87bba1e66e9e36c97c1cbfc68b3c8e31f36d71845e8523d63ac6&req=fCQmH8x%2BmoJWFb4V1XW4gXF10tR8EmSLkSfsVqWDn9bK84Pz0euLkGbtHVPv%0AB63bex7q8%2FGhJ4552G%2BnX%2Bw5KA%3D%3D%0A) 4. Enter the required details in the popup. ![](https://downloads.intercomcdn.com/i/o/841951102/cc95e27261c2c0be7a635ddb/Screenshot+2023-09-29+at+14.25.47.png?expires=1781611200&signature=454e7c561ea15c709469bb82b8b654039d3e936ac23b4b205f91731c2b9a8fa0&req=fCQmH8x%2FnIFdFb4V1XW4gVrennsX433rzQO9KL9a1mLl%2BwYsSoaeWJKc9fyQ%0AzC0qYW%2B1P9pd0J12XowAgE5XZQ%3D%3D%0A) 5. The credential will now be available for use. ![](https://downloads.intercomcdn.com/i/o/841951322/0f38e98e302a529a88a6f081/Screenshot+2023-09-29+at+14.26.23.png?expires=1781611200&signature=c00b1a3b40fa0f3a9888f461b630bd5d160d350ec7caf8f46d27d100a39df2a9&req=fCQmH8x%2FnoNdFb4V1XW4gbRpsHQiIUx8%2FvoQq8IAsgLjnEOzbz7aEnu%2BRZ8M%0A8eDBpMxHG2fvuhxIE0USLAdsew%3D%3D%0A) > **Note:** We recommend you control access to your credentials where possible. To learn more about restricting credentials, [see here](https://www.tines.com/docs/credentials#restricting-a-credential). > ​ > > **Note:** Not every tool we connect to has the connect button and flow outlined above (though we continue to add more each week). But that doesn't mean you can't still connect to those tools. ### Sharing a Credential Credentials will, by default, only be accessible to the team they are created within. Credentials can be configured to be shared with all other teams in the tenant by selecting the 'Everyone' access option. ![](https://downloads.intercomcdn.com/i/o/732535304/bd4b25d0b62fc1c61fb9ada8/image.png?expires=1781611200&signature=d6c737501f66c1fcbb110af1b6adcb4da582df60ad00108ac6289ade7bb576af&req=cyMlE8p7noFbFb4V1XW4gWAsNfgoUr2RxuCJOAMZCebzMqN9Npp14Btjvybr%0ACvmBx1HITnOPuohVPT0kNmTu7A%3D%3D%0A) Credentials with the same name as Credentials shared across multiple Teams will use the Credential located within the same Team as the Story. > **👉 For more details on each credential type [see here](https://www.tines.com/docs/credentials).** ## Connecting with the Tines builder community ## Building together: Ways to engage with fellow Tines builders We’re proud of our builder community. By connecting with other builders, you’ll discover new ways to use Tines, share your expertise, and learn from peers who are solving similar challenges across industries. This is your space to collaborate, ask questions, and get inspired… whether you’re looking for practical advice, creative workflow ideas, or simply a network of people who get what you do. Together, we’re building smarter, faster, and more intelligent workflows… one story at a time. In this spirit of collaboration and shared success, we offer multiple avenues for our builders to connect, share insights, and inspire one another. ### Join the Tines Slack Community Our Slack community serves as the digital hub for Tines builders worldwide. Here, you can: - Ask questions and get real-time assistance from other builders - Share your stories and workflows - Discover innovative use cases and implementation strategies - Stay current on product updates and upcoming events - Network with professionals facing similar challenges The Slack community provides an accessible, always-on space for builders at all skill levels to connect and grow together. Fill out [this Tines page](https://hq.tines.io/pages/6f8b122ccba3cb7e8e0d3531d1b70eb2/) to join today. ### Attend Builder Connect events Throughout the year, we host [Builder Connect](https://www.tines.com/events/builder-connect/) events in various cities worldwide. These in-person gatherings offer unique opportunities to: - Meet local Tines builders face-to-face - Participate in hands-on workshops and demonstrations - Share workflow challenges and solutions - Network with regional security, IT, and operations professionals - Learn directly from Tines experts and power users Builder Connects blend technical learning with community building, creating spaces where relationships form and collaboration flourishes. ### Meet us at an industry event Look for the Tines team and community members at major industry events including: - BSides conferences - Black Hat - ElasticON - And many other IT and security conferences [here](https://www.tines.com/customer-center/#events) These events provide excellent opportunities to connect with Tines representatives and fellow builders while exploring how Tines intelligent workflows fit into the broader security, automation, and AI ecosystem. ### Participate in "You Did WHAT With Tines?!" (YDWWT) Our popular [YDWWT](https://www.tines.com/ydwwt) competition showcases the creative and unexpected ways builders are using Tines. By participating, you can: - Discover unconventional workflow use cases - Get inspired by innovative approaches to common challenges - Share your own unique implementations - Learn how others are pushing the boundaries of what's possible with Tines YDWWT celebrates the ingenuity of our community and demonstrates the platform's flexibility across diverse scenarios. ### Annual builder recognition We continue to celebrate builder ingenuity each year by further recognizing outstanding contributions and implementations across our community. This is done through programs such as the [Top Builder](https://www.tines.com/blog/what-does-it-take-to-become-a-top-builder-in-tines/) awards, [YDWWT competitions](https://www.tines.com/ydwwt), webinars, and more. This recognition: - Highlights exceptional stories - Celebrates innovative problem-solving - Identifies builders who have achieved remarkable results - Inspires the broader community with real-world success stories ### Advisory Boards We offer paths to participate in our invitation-only Customer Advisory Board (CAB) and Technical Advisory Boards (TAB). These groups provide strategic input on our storytelling, sharing top-of-mind problems from the industry, and ensuring we continue to evolve in alignment with customer and market needs. ## Our commitment to community At Tines, we believe that the strength of our platform is magnified by the strength of our community. Whether you're troubleshooting a specific workflow, seeking inspiration for new use cases, or simply wanting to connect with like-minded professionals, the Tines builder community offers valuable resources and relationships to support your success. We invite you to engage with fellow builders through any or all of these channels. Let’s continue building together! ## "Could not create event – Story run has reached the maximum number of events in a single branch." Error ## Overview As you build and run stories in Tines, you might run into the following error: ``` Could not create event – Story run has reached the maximum number of events in a single branch. ``` This article covers the cause and solution to this behavior. ## Cause and solution This error means the Tines 30k event limit has been reached for a single branch (this is limited to a particular story run). A branch means an individual path in a story run. For example, in the screenshot below, the story run had 5 events, across 2 branches which each are 3 events long (as the execution splits along 2 paths after the first action). We typically see the error happen when there is an infinite loop involved in a story: ![](https://downloads.intercomcdn.com/i/o/1171486291/3e0d38c6b0aaed56811d1bba/image.png?expires=1781611200&signature=65fe9dfc5602285bd79948e588acb82db74ccdee3eaa5d38be77978780843c9e&req=dSEgF812m4NWWPMW3nq%2BgQkWmzcH%2BpLva%2BUBSW8QJs6EXr7dMLP2eI2LsUcf%0Ab9KbEhHgn8tf29C2twl2QIa2LV0%3D%0A) > 🟢 **Solution**: Navigate to the story the alert was created for, identify, and correct where a possible infinite loop might be happening. ## Need further assistance? Have questions or still seeing the error after working through the sections above? We are happy to help! ⬇️ [Contact Tines Support](https://www.tines.com/contact#support) **with the information below**, when available: > ℹ️ **General Information:** > > - Date and time of the reported behavior. > > > ℹ️ **Story Details:** > > - Impacted Story's URL (include all URLs if there are multiple stories impacted). > > - Impacted Action's ID (include all IDs if there are multiple actions impacted). > > - The action configuration(s): > > - You can copy + paste actions into a code block; this will provide the configuration of the action(s) in a JSON format so that Tines Support can use it into our test environments. ## "Could not find a matching action to return event..." Error ## Overview While building out and running stories in Tines, especially with [send to story actions](https://www.tines.com/docs/stories/send-to-story/), you might run into the following error on your sub-stories: ``` Could not find a matching action to return event. If this action ran because of a Send to Story event, ensure that the original event contained #agent_id and #event_id keys. ``` This article covers common causes and solutions to the behavior. ## Cause and Solution ### Cause One: Independent action run An action within a send to story flow was run independently, outside of the send to story flow (i.e. manually running an action). > 🟢 **Solution:** If this occurred because you ran an action manually, you'll want to re-emit the last event from the upstream webhook "entry" action in the story instead. > > ![](https://downloads.intercomcdn.com/i/o/1171582768/94b0344f4af7b9fabbd02b2e/image.png?expires=1781611200&signature=9361bd5f9de9931310c888b0563983286e398d7e3ba8e9aa92c854699537c374&req=dSEgF8x2n4ZZUfMW3nq%2BgdU%2FPKIb9gNa2siGixeFCRILYVKtAHhHDwzqKJNq%0Ac5yxnqyHbJKl3HY2EnZMYCPRkgc%3D%0A) ### Cause Two: Page action outside of the send to story flow There is a page action in the sub-story as another input/entry. When the page action emits an event, this error will show in the exit action of the sub-story, as the flow happened outside of the send to story flow. > 🟢 **Solution:** Include page actions within your send to story flow. > > ![](https://downloads.intercomcdn.com/i/o/1171576021/07816b3ca93965fd48c49935/image.png?expires=1781611200&signature=d7c42d2381193a0fe91dc79d8bd04e7f24aab4dde99344e3d7f9e801410e56f5&req=dSEgF8x5m4FdWPMW3nq%2BgQ7WxXvduS2tibt5hx6cAxjpDm%2F9lA4j5HKvcqEA%0A8jBlyX112lxeUZTh5fzdzYDCBZM%3D%0A) ### Cause Three: Non-send to story event source A story is set up for a send to story flow, and a request comes into a webhook (configured as an "entry" action) from a source other than a send to story action. > 🟢 **Solution:** If you are not using a story in a send to story flow, make sure to turn off the **Send to Story** setting within the story configuration panel. > > ![](https://downloads.intercomcdn.com/i/o/1171580122/8fcda4a11b550f4a87121ca3/image.png?expires=1781611200&signature=7384b048ec004a3dc09b51852c3ba4edbe923440d518457884ff52ee68f87c68&req=dSEgF8x2nYBdW%2FMW3nq%2BgVMDXCId2KP2UzEdFBIpF4qceGQDuWg%2FKclLdfiu%0A6kQCl0uDUdgZZbXnyR4YWtkBVgI%3D%0A) ## Need further assistance? Have questions or still seeing the error after working through the sections above? We are happy to help! ⬇️ [Contact Tines Support](https://www.tines.com/contact#support) **with the information below**, when available: > ℹ️ **General Information:** > > - Describe the behavior in detail, including steps to replicate (*we recommend providing this information via a screen recording*). > > - The time and date of the reported behavior. > > > ℹ️ **Story Details:** > > - Impacted Story's URL (include all URLs if there are multiple stories impacted). > > - Impacted Action's ID (include all IDs if there are multiple actions impacted). > > - Relevant action event data. You can find this via the [event panel](https://www.tines.com/docs/events/). > > - The action configuration(s): > > - You can copy + paste actions into a code block; this will provide the configuration of the action(s) in a JSON format so that Tines Support can use it into our test environments. ## Create and update a record Records are a powerful feature in Tines used to introduce structured data into your team's stories, which is particularly useful for performing trend analysis to monitor when specific actions or events occur. The below video demonstrates create a record in Tines. [Watch video](https://www.youtube.com/embed/3gxechUZTUA?rel=0) ## Creating a record To capture and store structured data from your story actions, follow these steps: 1\. Add the record action: Go to tools on the left-hand side and drag a record action onto your story canvas. 2\. Connect actions: Connect the action preceding where you want to store the data to the Record action. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2219611079/b6f890108a08b6782133c9d17fb3/add%2Brecord.gif?expires=1781611200&signature=0ee271617223a190452ba17bf88044cbede448be002188f99b8560be7f78b669&req=diImH89%2FnIFYUPMW3nq%2BgaDf0orGQt6iY7LTeOia2Nge7MhGmbJ6Nc1eBieq%0AS5IZSBu90ur1hNcA80C6mVmnZm4%3D%0A) 3\. Define the record type: - In the record action configuration, choose your record type. - To create a new type, click create new at the bottom. - Give your record a name, such as "malicious IP". 4\. Configure columns: By default, `timestamp` and `story name` are stored. Add any custom values (columns) you need, such as `IP` (as text). You can change the data type of a column from text to a number if necessary. 5\. Click save. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2219615303/e04515b2e0892dcd431f8502c734/record+type.gif?expires=1781611200&signature=1351ee6652d3faa110c66f12969f4f30afd1a758406b8613d12cebde125b34e9&req=diImH89%2FmIJfWvMW3nq%2Bgfnbu3qw1ONtyKz9lb48g3%2BWqCYXeeG9G0NQStwe%0A9KvUcQUQYL5x68TtlFxXmNqq5LQ%3D%0A) ## Setting the value for data storage Next, set the values for the custom columns using data from previous actions in your story. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2219616043/d5d38a4b1def47ec222347f019a0/796c4c58-303c-4d53-a292-fc9fbddfc816?expires=1781611200&signature=0f468c21bf6367e8da9b9cb66795b96cbf89a8ead1d54f76cb04b00280994b8c&req=diImH89%2Fm4FbWvMW3nq%2BgZmALR%2Fr4cQh1V5E2uYslgHaHYrkui3TlNYAdAz4%0AlE%2BM%2FHhSk6voHQ%2Bdsv9thzoM9%2BU%3D%0A) ## Viewing and managing records Once the event has passed through the record action, the data is stored. ### Accessing records 1. Go back to your **team** view. 2. Scroll down to **records**. 3. Search for your record type (e.g., "malicious IP"). ![](https://downloads.intercomcdn.com/i/o/am0g137l/2219617252/3f3a4b4baa1d53adb765b2c72f62/records+navigation.gif?expires=1781611200&signature=4503b2a55780c189c48b19f352c5d5ba3a4f8f03c083c5c2a66f2ddcf1dc5927&req=diImH89%2FmoNaW%2FMW3nq%2BgbgEKCwjNWIKwkX92w0PAA2GzTGpArD2GcylClOC%0ADMXuf2DgfuQkNx%2B8CtXBQ31M%2FRU%3D%0A) The records view displays all associated columns: story name, timestamp, IP, and scan. ### Filtering and reporting You can manage the stored data directly from the records view: - Filter: In the top right-hand corner, you can filter your data by date, choosing specific dates or ranges like yesterday, the last seven days, or the last 365 days. - Customize view: You can remove the view for certain columns. - Export: Export the data as a CSV file to create reports for leadership. ### Reviewing a single record To view the data associated with a single event: - Click the arrow on the left-hand side of a record entry. - This pulls up the data and payload from the story that generated the record. - From this detailed view, you can click a link to view the story it originated from or copy the link to the record to share internally. ## Updating a record An existing record can be updated via: - Tines Tenant - Tines API ### Tines Tenant Enabling the ‘Set as editable’ option will allow you to edit the values within your record. > Note: The values within the ‘Story Name’ and ‘Timestamp’ record columns cannot be edited. Within your tenant, navigate to the record > Manage record and enable ‘Set as editable’. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2222240323/d0a85231eed7adc1c326e910936c/set+record+as+editable.gif?expires=1781611200&signature=1580b6e6eafef36808f0e5621abe99cfcf1e96aa38f6190007b32080863add72&req=diIlFMt6nYJdWvMW3nq%2BgZh%2FXJW8oeDDH1C0x%2BmnJBg5XxA8AE8p6ylQUkKG%0AwwlLnegKz4PjcGQM8S5c7ll66pc%3D%0A) ### Tines API Use the [update](https://www.tines.com/api/records/update) records Tines API to update records. > Read more about records in our docs [here](https://www.tines.com/docs/records/). ## Creating credentials in Tines You can create a credential at the team level in Tines or within the story. A credential will only be available in the story when it is created for the team in which that story resides. > **To learn more about credentials, see [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** [Watch video](https://fast.wistia.net/embed/iframe/y0wkwcdn2d) ### Create a credential for the team 1. Select the team you wish to add the credential to. 2. Select "Credentials". 3. Click "New Credential" and select the tool you are connecting to or the type of credential required. ![](https://downloads.intercomcdn.com/i/o/840039422/f2a1c8b6b16a3c93c3b8925f/Screenshot+2023-09-27+at+12.00.57.png?expires=1781611200&signature=b8ec677d81fc26b0e18bfb85be839d83545f1883fce12fbf90014710055874a1&req=fCQnFsp3mYNdFb4V1XW4gRynhsw5%2B7c6P7%2B7lQROZCB8IuHCtIui%2Fywc1xBY%0ABh%2B67FPD6LCgum%2FXfmzsjfkE8w%3D%3D%0A) 4. Each type of credential requires different information. Complete the required fields. You can find more details of the different types of credentials [here](https://www.tines.com/docs/credentials). 5. The credential is now available for use in the stories in the team. ### Create a credential in a story > **Not every vendor has this capability. We continue to add more each week.** > > **To access authentication guides for various tools, [see here](https://explained.tines.com/en/collections/3801629-authentication-guides).** 1. Open the storyboard and select "Templates". 2. Select the vendor you wish to authenticate with. In this example, we select Okta. ![](https://downloads.intercomcdn.com/i/o/841950332/d6988b2b6d865573a0f03de6/Screenshot+2023-09-29+at+14.24.46.png?expires=1781611200&signature=9a8bdae1c6a464adf4daefd8643b888ccadc15f5e227e97c7738fe420c140ed4&req=fCQmH8x%2BnoJdFb4V1XW4gVhX8ea2%2FMVqGXTnB2cDgeqtTFSJXWSMxMT4O6EJ%0ALhsQHh3cILr4UF7H2tBIomt6Vg%3D%3D%0A) 3. Drag a template onto the storyboard. ![](https://downloads.intercomcdn.com/i/o/841950517/36fcece3a1b096aecc2cde63/Screenshot+2023-09-29+at+14.24.58.png?expires=1781611200&signature=7665cfaffbf808553d739f5e12203e5cc571bb4f98417cc2421f893d60dc7c89&req=fCQmH8x%2BmIBYFb4V1XW4gdOsg1hDY2Q88hDdO0BIytU2VDIxbvwCrKcVo1SE%0ARI4Aupul5mKE7xtY4jTWTEZCww%3D%3D%0A) 4. Click "Connect on the right in the configuration panel. ![](https://downloads.intercomcdn.com/i/o/841950739/eb7f8cd66f0ef033b6e0de13/Screenshot+2023-09-29+at+14.25.08.png?expires=1781611200&signature=ae1a1d5aa41f87bba1e66e9e36c97c1cbfc68b3c8e31f36d71845e8523d63ac6&req=fCQmH8x%2BmoJWFb4V1XW4gXF10tR8EmSLkSfsVqWDn9bK84Pz0euLkGbtHVPv%0AB63bex7q8%2FGhJ4552G%2BnX%2Bw5KA%3D%3D%0A) 5. Enter the required details in the popup. ![](https://downloads.intercomcdn.com/i/o/841951102/cc95e27261c2c0be7a635ddb/Screenshot+2023-09-29+at+14.25.47.png?expires=1781611200&signature=454e7c561ea15c709469bb82b8b654039d3e936ac23b4b205f91731c2b9a8fa0&req=fCQmH8x%2FnIFdFb4V1XW4gVrennsX433rzQO9KL9a1mLl%2BwYsSoaeWJKc9fyQ%0AzC0qYW%2B1P9pd0J12XowAgE5XZQ%3D%3D%0A) 6. The credential will now be available for use. ![](https://downloads.intercomcdn.com/i/o/841951322/0f38e98e302a529a88a6f081/Screenshot+2023-09-29+at+14.26.23.png?expires=1781611200&signature=c00b1a3b40fa0f3a9888f461b630bd5d160d350ec7caf8f46d27d100a39df2a9&req=fCQmH8x%2FnoNdFb4V1XW4gbRpsHQiIUx8%2FvoQq8IAsgLjnEOzbz7aEnu%2BRZ8M%0A8eDBpMxHG2fvuhxIE0USLAdsew%3D%3D%0A) > **We recommend you control access to your credentials where possible.** > > **To learn more about restricting credentials, [see here](https://www.tines.com/docs/credentials#restricting-a-credential).** ## Credentials FAQs ## How are credentials stored in Tines? Credentials that are configured within Tines to authenticate with other systems are stored in two ways: 1. For cloud Tines tenants, the AWS RDS database. 2. For self-hosted Tines tenants, in the Postgres database. ## If a resource or credential is renamed, does it update the change to all stories? Yes, any story using a resource or a credential that is renamed that change will be updated in those stories. ## Is there a limit on the number of credentials on a tenant? No, there is currently no limit on the number of credentials that can be stored in Tines. ## Can I have more than one credential in a story? Yes, you can have more than one credential in a Tines story. Tines can interact with several systems in one story, for example, taking information from Slack or MS Teams and updating a Jira or ServiceNow ticket. > Note: Some systems may only allow one credential or token when interacting with them, e.g. Slack ## Why is my credential not showing on the storyboard? A credential will only appear on the properties panel when used in an action. ## Can I have multiple Slack credentials within Tines for the same Slack workspace? No. If there is more than one active Slack credential for the same workspace, Slack will revoke one token when the other token refreshes. This applies to the entire Slack tenant. > For more detailed information on credentials, read our docs [here](https://www.tines.com/docs/credentials/). ## Credentials in Tines Credentials in Tines are a secure way to store sensitive information such as API tokens and passwords that need to be used in actions. The `credential` formula key allows users to reference this sensitive information without exposing the actual values in action configurations. Think of credentials in Tines as your digital vault—a secure, centralized place to store sensitive information like API keys, passwords, and tokens that your automation needs to access critical systems. ### **Types of credentials** Tines supports several types of credentials: - Text - JWT tokens - OAuth2.0 - AWS - HTTP Request - Mutual TLS - Multi Request - Product-specific credential flows ### **Creating credentials** Credentials can be created in two ways: 1. From the dashboard by selecting your team name, then "Credentials," and clicking "New" 2. Directly within a story using templates for specific vendors ![](https://downloads.intercomcdn.com/i/o/am0g137l/1807181800/451ff73a518233bfc284a84ab08a/CleanShot%2B2025-10-31%2Bat%2B18_04_14-402x.png?expires=1781611200&signature=c85b74de2f757ffe128697946962567ff8e84ffb2882647cb045a119f05e02b9&req=dSgnEch2nIlfWfMW3nq%2BgXPrfcbpbjWXdlyXWtlmlh9wQUiQRsZQF9ky2Xkb%0AlsNTmIy561DGtc%2BYEye%2BDCPYtLs%3D%0A) Watch how to create a credential here: [Watch video](https://fast.wistia.net/embed/iframe/y0wkwcdn2d) > **👉 Learn more about credentials [here](https://www.tines.com/docs/credentials/).** ## Cribl Authentication Guide ### First, get credentials from Cribl 1. Login to [Cribl Cloud](https://login.cribl.cloud/) 2. On the top bar, select **Products**, and then select **Cribl**. 3. In the sidebar, expand **Organization**, and then select **API Credentials**. 4. Select **Add Credential** (or Add an API credential, if this is the first Credential in the system). 5. Specify a **Name** and an optional Description of the Credential’s purpose. 6. If applicable, under **Organization Permissions**, select the permission that the Credential’s tokens will grant. 7. If you chose the User permission, under Workspace Access, define access to specific Workspaces. 8. If you selected the Member permission for any Workspace, additionally select product-level permissions for that Workspace. (The User permission is not available for API Credentials.) 9. Confirm with Save. 10. The new API Credential will appear on the **API Credentials** page. Each Credential exposes a Client ID and Secret, details of Workspace access and other information. ### Then, get your Cribl Cloud URL To locate your Cribl.Cloud URL, navigate to **Workspace** > **Access** in the sidebar of your Cribl.Cloud. ### Finally, create a Cribl credential in Tines **Cribl connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Cribl" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/cribl).** > > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of Cribl stories in the [story library](https://www.tines.com/library?view=all&s=cribl).** ## Criminal IP Authentication Guide **Criminal IP** is a Cyber Search Engine and Attack Surface Management(ASM) platform to find everything in Cybersecurity with an impressive amount of data capacities, API speed, and price. ## First, get your CriminalIP API Key 1. Login to your [CriminalIP](criminalip.io/en/login?h2=%2F) account. New users can "Register" for a Criminal IP account if they do not already have one. 2. On the main page, click your "Profile" and then "My Information" ​ ![](https://downloads.intercomcdn.com/i/o/767237133/81c03069540e44f13a8e2912/image.png?expires=1781611200&signature=686926793e6d6766a4da1a2e32d3f58b0cb872291b3b57429df4bb88f1c4ed03&req=cyYgFMp5nIJcFb4V1XW4gZ53i8mSyD9PtF9%2FiX71KuWG4Axg2pZValaIrdG3%0AmXfrP7Y2e1CD94tAVrKzI9%2BsvA%3D%3D%0A) 3. Under "API Key", click the "Copy" button ​ ![](https://downloads.intercomcdn.com/i/o/767237467/2dfa23155e265c53320c070a/image.png?expires=1781611200&signature=0bb416855206b7e2c31e3fd38d5593d0623937a2d7bffb64df4c6516d7c3b081&req=cyYgFMp5mYdYFb4V1XW4gfsxOZh00g%2BZw2Ytrf0NSBFR%2B6VCwzQGGFLDBVz6%0Au%2FiNFERIAY49ZpKRgNRu4OGWsg%3D%3D%0A) ## Then, create a CriminalIP credential in Tines **CriminalIP connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "CriminalIP" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the CriminalIP connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the CriminalIP credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your copied API key value 4. **Domains:** api.criminalip.io 5. **Access:** What other teams can also use the API ​ > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/criminal-ip).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of CriminalIP stories in the Tines [story library](https://www.tines.com/story-library?s=criminalip)**[.](https://www.tines.com/story-library?s=criminalip) ## CrowdStrike Authentication Guide CrowdStrike is a global cybersecurity leader with an advanced cloud-native platform for protecting endpoints, cloud workloads, identities, and data. Here's our guide for integrating with CrowdStrike. ## First, create a CrowdStrike API client: 1. Go to [https://www.crowdstrike.com/login/](https://www.crowdstrike.com/login/) 2. In your CrowdStrike account, visit "Support and Resources" and click "API Clients and Keys" ![](https://downloads.intercomcdn.com/i/o/863738274/7ccc2d1d69154d2d59ef847b/crowdstrike_panel.png?expires=1781611200&signature=92e5a642b292c7235d1df822319340def2b5fa88e6beb4f7334f74c4689927e7&req=fCYkEcp2n4ZbFb4V1XW4gQpAQhhTxIjXwLqBq5yKq%2B%2FDa4KCZ%2BjDEBioOZp6%0AzsrtE7N3oZW0OB%2BJ13v8Oh3IqQ%3D%3D%0A) 3. Next, select "Create API Client" ![](https://downloads.intercomcdn.com/i/o/863739094/60e0a09a0c8387b9a175224b/Crowdstrike+create+API+client.png?expires=1781611200&signature=e86356dcd30cd3024d6ea98998951016451a2094b5bbbcebdb19b1553c342c08&req=fCYkEcp3nYhbFb4V1XW4gbXOdzfIOA1oGcA9HByvyWe0gJVSHA2LgE83QjiE%0AIRUt4F8IpSspvYaDe2MIVAzfvA%3D%3D%0A) 4. Enter details about the API Client and select the relevant scopes, then click "Create" ![](https://downloads.intercomcdn.com/i/o/863753349/271e3f5e43c93b0950d06c61/Crowdstrike+API+Client.png?expires=1781611200&signature=e8dc81061f3abcf74669634b920cab472feb61dc1ad2c03fc1aa933d8f013a8a&req=fCYkEcx9noVWFb4V1XW4gYlC7F4MB6xBmdY7LUO%2BMsSeVjmLCc%2BxNKi13zhe%0Ateuc9gzf9kpJO6HNqdd9MbPEAw%3D%3D%0A) 5. Copy the API "Client ID", "Secret", and "Base URL" ![](https://downloads.intercomcdn.com/i/o/863754277/97fb124f3ec6b513057b0591/Crowdstrike+API+Secret.png?expires=1781611200&signature=bfbc3ea897913cf435abb75bfea78d888dc36f2e260b157f0d89d3ab6441575e&req=fCYkEcx6n4ZYFb4V1XW4gcOjgm3bWyCpT2287aFHp%2BnSkCjLyG7nJ0qqsZWz%0Ah2W7JbSwu%2FVGQaMPm3PdF%2BM9BQ%3D%3D%0A) ## Then, create a CrowdStrike credential in Tines **CrowdStrike connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team using the CrowdStrike API and click "Credentials" 3. Click "**\+** New Credential" and select "Crowdstrike" from the menu 4. Input the values for the CrowdStrike credential: 1. **Client ID:** Your Client ID 2. **Client Secret:** Your Secret 3. **Base URL:** Your Base URL 5. Click "Connect" > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/crowdstrike).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > You can find a selection of CrowdStrike stories in the Tines [story library.](https://www.tines.com/story-library?s=crowdstrike)** ## Custom certificate authority ### **What is a certificate authority (CA)?** CA is a trusted entity that issues Secure Sockets Layer (SSL) certificates. This is a common security practice that establishes trust and verify information between systems communicating over the internet. ### **Configuring a *custom* certificate authority in Tines** Here's how to configure your CA to use across all IMAP and HTTP Request Actions in Tines: 1. Open your Tines tenant 2. Click the URL bar and input the following at the end of the URL `/admin/custom_ca` It will look like: `https://tenant.tines.com/admin/custom_ca` 3. Enter the PEM encoded X.509 public certificate (or certificate chain) for your custom certificate authority 4. Click `Save` Your custom certificate authority will then be used in addition to the standard public certificate authorities when validating the certificates of the IMAP and HTTP endpoints your Actions are contacting. ## Custom Tenant URLs ## Overview Tines supports custom tenant URLs, allowing you to change from the default format like `silent-beach-3471.tines.com` to a custom domain like `acme.tines.com`. Should you choose to do this, this guide outlines what you will need to be aware of, how to prepare, and best practices for a smooth transition. > Notes: > > 1. This is only for Business and Enterprise edition tenants > > 2. To change your tenant name or request a custom domain, reach out to your CSM, CSE or Tines Support, and they will go through the process of setting one up with you. ## Important to know: - Webhook URLs - External systems sending webhooks will fail - OAuth Credentials - Callback URLs will need immediate updates - SSO Configuration - This may break; please disable before migration OR create recovery codes - Published Pages - All shared page links will break - API Endpoints - Scripts/integrations using Tines API will fail - Email Actions - Stories with hardcoded tenant URLs in emails Both [disabling SSO](https://www.tines.com/docs/admin/single-sign-on/) and [creating login recovery codes](https://www.tines.com/docs/admin/recovery-codes/) are done in Tines. ## Backwards Compatibility There's an option to keep your old domain temporarily active. This will allow webhooks and pages to keep working with your old URLs. However, your SSO and OAuth will still require updates. We recommend fully migrating within 30-60 days of your new tenant URL being deployed ## Pre-Migration Checklist: We recommend following these suggested steps for a successful migration. ### 1 week before: - Audit all systems sending webhooks to Tines - Document published pages shared externally - Identify scripts/tools using Tines API - Search stories for hardcoded URLs - List all OAuth credentials - Notify users of migration timing ### 3 days before: - Decide on your SSO approach (disable or create recovery codes) - Plan out your OAuth callback updates - Schedule during low-activity period ### Migration Day: 1. Disable SSO or create recovery codes 2. Execute domain change + enable backwards compatibility 3. Immediately update OAuth callbacks and test 4. Update SSO config and re-enable 5. Test critical workflows > Steps on disabling and enabling SSO can be found [here](https://explained.tines.com/en/articles/12729713-single-sign-on-sso). > > Steps on changing your domain name can be found [here](https://www.tines.com/docs/admin/custom-domains/). > > Read more about OAuth [here](https://www.tines.com/docs/credentials/oauth/). ### Next steps: - Update external webhook senders - Redistribute new page URLs - Update API integrations - Monitor errors daily ## Key Tips ### Do: - Enable backwards compatibility for transition - Migrate during off-hours - Test SSO/OAuth immediately after - Allow 30 days for full migration ### Don't: - Disable backwards compatibility until everything is updated - Skip user communication ## Need help If something isn’t working or you need help with any of the above steps, please contact [support](https://www.tines.com/contact/#support). ## CyberArk Authentication Guide CyberArk allows you to seamlessly secure identities while accessing any resource across any infrastructure, including hybrid, SaaS and multi-cloud. You will need the following resources to setup CyberArk Password Vault authentication: - CyberArk Password Vault URL - CyberArk Password Vault Username (for On-Premise)/CyberArk Password Vault Client ID (for SaaS) - CyberArk Password Vault Password (for On-Premise)/CyberArk Password Vault Client Secret (for SaaS) - CyberArk Password Vault Account ID (the ID of the specific service/application you need to retrieve credentials for) ## Create CyberArk Password Vault resources and credentials in Tines You will need to create: - Three resources: "CyberArk Password Vault URL", "CyberArk Password Vault Username"(for On-Premise)/"CyberArk Password Vault Client ID"(for SaaS), and "CyberArk Password Vault Account ID" - Two HTTP Request type credentials: "CyberArk Password Vault Token" and "CyberArk Password Vault Token" #### Resources 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the CyberArk Password Vault resource 1. **Name:** CyberArk Password Vault URL 2. **Description:** Optional 3. **Builder:** Your CyberArk Password Vault URL 5. **Optional** 1. **Access:** What other teams can also use the resource 6. Click "Save resource" 7. Click "+ New Resource" 8. Input the values for the CyberArk Password Vault resource 1. **Name:** CyberArk Password Vault Username (for On-Premise)/CyberArk Password Vault Client ID (for SaaS) 2. **Description:** Optional 3. **Builder:** CyberArk Password Vault Username (for On-Premise)/CyberArk Password Vault Client ID (for SaaS) 9. **Optional** 1. **Access:** What other teams can also use the resource 10. Click "Save resource" 11. Click "+ New Resource" 12. Input the values for the CyberArk Password Vault resource 1. **Name:** CyberArk Password Vault Account ID 2. **Description:** Optional 3. **Builder:** Your CyberArk Password Vault Account ID 13. **Optional** 1. **Access:** What other teams can also use the resource 14. Click "Save resource" #### Credentials ##### Step 1 To generate a CyberArk Password Vault bearer token, follow the steps outlined for the appropriate scenario. ##### Scenario 1: Tines Cloud Hosted and SaaS CyberArk Password Vault ![](https://downloads.intercomcdn.com/i/o/994393365/b6db05272a8f9f89cc44d5cb/image.png?expires=1781611200&signature=df41d53b06059bc3e85a83853849e52f0c33af259531c7dcfd2ae707ca80fc24&req=fSkjFcB9nodaFb4V1XW4gTfaFs6kckSNboBU8P%2BCihkNR4O7nYacYtwv5XAr%0AmACNG9pTR0wB31cmeyb18oqvbQ%3D%3D%0A) 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "HTTP request" 3. Input the values for the CyberArk Password Vault credential 1. **Name:** CyberArk Password Vault Token 2. **Description:** Optional 3. **URL:** `https://<>/oauth2/platformtoken` 4. **Content Type:** JSON 5. **Method:** post 6. **Payload:** Copy the below object and paste into the "Plain code" section: ​ ``` { "client_id": "<>", "client_secret": "<>", "grant_type": "client_credentials", "concurrentSession": "True" } ``` 7. **Secret:** CyberArk Password Vault Client Secret 4. Click "Save" 5. Click "Run request" and make sure it returns a successful response. 6. **Location of token from response:** `cyberark_password_vault_token.body` 7. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 8. Click "Save" ##### Scenario 2: Tines Cloud hosted and On-Premise CyberArk Password Vault ![](https://downloads.intercomcdn.com/i/o/927114418/c6fbaeddac184192053f2f67/image.png?expires=1781611200&signature=d3f3fd6c33f069436def6e650d8670fd98e98793fbe81094b1ef04816db6b015&req=fSIgF8h6mYBXFb4V1XW4gTo2UhTh7fer1bwS66AKZ4pyKnw%2BLRkNe6RptL%2BN%0AESis5IsUiyoUm6ZajPG%2F%2FMtNjQ%3D%3D%0A) 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "HTTP request" 3. Input the values for the CyberArk Password Vault credential 1. **Name:** CyberArk Password Vault Token 2. **Description:** Optional 3. **URL:** `https://<>/passwordvault/api/Auth/cyberark/logon` 4. **Content Type:** JSON 5. **Method:** post 6. **Payload:** Copy the below object and paste into the "Plain code" section: ​ ``` { "username": "<>", "password": "<>", "concurrentSession": "true" } ``` 7. **Secret:** CyberArk Password Vault Password 8. Click "+ Add option" and add "Use tunnel" 4. Click "Save" 5. Click "Run request" and make sure it returns a successful response. 6. **Location of token from response:** `cyberark_password_vault_token.body` 7. **TTL:** `30` 8. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 9. Click "Save" ##### Scenario 3: Tines Self Hosted and On-Premise CyberArk Password Vault ![](https://downloads.intercomcdn.com/i/o/927115365/b6b42198bb97cc2941493a33/image.png?expires=1781611200&signature=ef5f88a65ec21e81d9730e733406af33e039a17023a4f7af33a5e12be836c123&req=fSIgF8h7nodaFb4V1XW4gWb3JytJ2%2FVQES7zAHBCjS93KOr6CAIdc3H4mQMC%0A5Xh1ik7WsKCfPHTozValPcvk0w%3D%3D%0A) 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "HTTP request" 3. Input the values for the CyberArk Password Vault credential 1. **Name:** CyberArk Password Vault Token 2. **Description:** Optional 3. **URL:** `https://<>/passwordvault/api/Auth/cyberark/logon` 4. **Content Type:** JSON 5. **Method:** post 6. **Payload:** Copy the below object and paste into the "Plain code" section: ​ ``` { "username": "<>", "password": "<>", "concurrentSession": "true" } ``` 7. **Secret:** CyberArk Password Vault Password 4. Click "Save" 5. Click "Run request" and make sure it returns a successful response. 6. **Location of token from response:** `cyberark_password_vault_token.body` 7. **TTL:** `30` 8. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 9. Click "Save" ##### Step 2 Now that the CyberArk Password Vault bearer token is stored in a credential, the token can be leveraged to make a subsequent call to retrieve specific service/application credentials. **For Service/Application token (SaaS):** 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "HTTP request" 3. Input the values for the CyberArk Password Vault credential 1. **Name:** CyberArk Password Vault Token 2. **Description:** Optional 3. **URL:** `https://<>.priviledecloud.cyberark.cloud/PasswordVault/API/Accounts/<>/Password/Retrieve` 4. **Content Type:** JSON 5. **Method:** post 6. **Payload:** Copy the below object and paste into the "Plain code" section and modify as required: ​ ``` { "reason": "EnterReason" } ``` 7. **Headers:** `"Authorization": "<>"` 4. Click "Save" 5. Click "Run request" and make sure it returns a successful response. 6. **Location of token from response:** `cyberark_password_vault__token.body` where `` is the service you are retrieving the credentials for 7. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 8. Click "Save" **For Service/Application token (On-Premise):** 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "HTTP request" 3. Input the values for the CyberArk Password Vault credential 1. **Name:** CyberArk Password Vault Token 2. **Description:** Optional 3. **URL:** `https://<>/passwordvault/api/accounts/<>/password/retrieve` 4. **Content Type:** JSON 5. **Method:** post 6. **Payload:** Copy the below object and paste into the "Plain code" section and modify as required: ​ ``` { "reason": "api testing", "TicketingSystem": "SIR12342134", "TicketId": "CHG0000123", "ActionType": "show", "isUse": false, "Machine": "tines" } ``` 7. **Headers:** `"Authorization": "<>"` 8. (Optional) Click "+ Add option" and add "Use tunnel" 4. Click "Save" 5. Click "Run request" and make sure it returns a successful response. 6. **Location of token from response:** `cyberark_password_vault__token.body` where `` is the service you are retrieving the credentials for 7. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 8. Click "Save" Your credentials should look like the following: **Step 1** **For Scenario 1:** ![](https://downloads.intercomcdn.com/i/o/994403783/54d1e68e93509aeb64e3197b/image.png?expires=1781611200&signature=e77255bc5b509e607590e5addfdd3f6ebda3b0f46beb0cb9ea6398d5ad82497f&req=fSkjEsl9molcFb4V1XW4gchd4PPdzXbjeX%2BQXmp%2Bifyir%2FXuTddtENzHH3CA%0ArLeY0mCQqK9trwQuvhtwgV%2BeMA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/994403968/5e4861bf7ac4c7d8f132e45a/image.png?expires=1781611200&signature=a546f3395dac7aaab33b41fb3d6567d29c56f686a3d871894130cc788d79f6ba&req=fSkjEsl9lIdXFb4V1XW4gfQ%2B0zkB7SN6R82t3%2B%2B88doKWhCQYulAq4%2FMpuoA%0A%2F2UaJ7TNnBuF%2F9hIKIHWhU0NrA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/994404076/8c8bf2120caf48f2bd41d072/image.png?expires=1781611200&signature=e0455282d6c5c91cbc414e6566c6ac3a20590a9ae1613b15b6aab885bfcf8568&req=fSkjEsl6nYZZFb4V1XW4gbPTyPklcdUf%2FnFLNYntjbhPJ6jWAE8X4C%2FD9oKb%0Ab1%2FLAVrqJhIwda2VH%2BtRsDWWcg%3D%3D%0A) **For Scenario 2:** ![](https://downloads.intercomcdn.com/i/o/927113043/934e988aa8130bc600c83e39/image.png?expires=1781611200&signature=d9d31cf9bc1900e9af8ec8acac5ecdff3dc2fbb2dfbbddf36b68ed21550f2042&req=fSIgF8h9nYVcFb4V1XW4galhDCAFgWc21XmTuNnYtXU%2FwsuDmovfJtO3fEPH%0Al8pYM2yUNzQYs7JHQYzrrjLvpA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/927113716/04dcfe8ab784c9e7d8394b37/image.png?expires=1781611200&signature=b0a7aaaa44ca03a9539b055a94e6fc35489d7520f5f06c42af31534e593c5d3b&req=fSIgF8h9moBZFb4V1XW4gUAij5gzUGARJZZPNIvlgMKPYOh2K%2BWJJAwxNshA%0A2fRpEyAXW5GdYcGvJziK49Zd8Q%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/927113774/ed339591de0d858779bae19e/image.png?expires=1781611200&signature=a1f4dcab3fe7100c5e8bbfc9ba8b123d45c7fb1a8d1d824e5d6872ba1248efef&req=fSIgF8h9moZbFb4V1XW4gb736ThvmAg2%2BYfraPm9lcU3BUeuGnq%2ByIT1AMC2%0AHyfUulUIoFx6uJuW%2Bc4kiG07QQ%3D%3D%0A) **For Scenario 3:** ![](https://downloads.intercomcdn.com/i/o/927113043/934e988aa8130bc600c83e39/image.png?expires=1781611200&signature=d9d31cf9bc1900e9af8ec8acac5ecdff3dc2fbb2dfbbddf36b68ed21550f2042&req=fSIgF8h9nYVcFb4V1XW4galhDCAFgWc21XmTuNnYtXU%2FwsuDmovfJtO3fEPH%0Al8pYM2yUNzQYs7JHQYzrrjLvpA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/927113112/58f88aae30c2039c81e88c08/image.png?expires=1781611200&signature=2cbfdcca498abd3da59d530066334a8eecb51dcf035255eadc9219741fcfa5b7&req=fSIgF8h9nIBdFb4V1XW4gRl1KmgbtrAO3Bb733sss%2BikspgH3hTOnYs78TQ0%0AW0QgtcomiO2Tj7OQzSqDh7CDmA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/927113179/c8a0c74b558ec633dfa0e20b/image.png?expires=1781611200&signature=376cee9c35e703a3faa50b5f1825e15671e3bce19c06fa078ca217f0054df17c&req=fSIgF8h9nIZWFb4V1XW4gf2VMZMlvgkiBuXi02N0ZTItKDU0qhPu%2BGvvbqiv%0Amb%2BTwEyWJdPApvl6Ketz1wkceA%3D%3D%0A) **Step 2** **For Service/Application token (SaaS):** ![](https://downloads.intercomcdn.com/i/o/994405949/defcdb5d4c3545cceeb91da1/image.png?expires=1781611200&signature=83bc462cfdb37ffeed6b92a25e2382e5cf46ce6fd250e5b80a1b21cf72875f9c&req=fSkjEsl7lIVWFb4V1XW4gTopGmeLAOKfDrRBakogS%2FNxbkkWh7WT3X%2FC%2BLwx%0Ad8MJmRwwMd9cxYSUIGqbJxzT%2BA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/994406631/e4050daa26910f2484124b8f/image.png?expires=1781611200&signature=aecc9c15920c769c5543ed42e7b611f5a1c110fb2178236ff5d498e5479ef441&req=fSkjEsl4m4JeFb4V1XW4gZdCeQEL%2BANZyE7zyo668jsFhE9xehu944cE9931%0AGZc6lIEF9MLfLrdNF0vUFW%2BujQ%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/927127948/7114d3878c64cbd587025f22/image.png?expires=1781611200&signature=0a0824d919416ec830f931a0618522e44037b1872e3e86dc3f01908ad06c3b74&req=fSIgF8t5lIVXFb4V1XW4gQIFgmOOhmZRZ8D5c0DVjebwVFvvJCGJkSpvtCdm%0AieUV7UTMoUOCB5guTZ9e19JdgQ%3D%3D%0A) **For Service/Application token (On-Premise):** ![](https://downloads.intercomcdn.com/i/o/927127817/ca37740d2f20119a6bd9e9a5/image.png?expires=1781611200&signature=f75ec02d82608aaec55e40f69e95de72ca51b398f85299c9c058514a9ac841a7&req=fSIgF8t5lYBYFb4V1XW4gTxXIF4Foj2R4zWOfkCC9zYPkc3ZgsCjgNZVS2qm%0ADlIvL8OBAsqfJVFaYkxV4Q8sJQ%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/927127865/aa6026ea210ccf3747e3e63b/image.png?expires=1781611200&signature=a08eaf5fe2084cd741bf5ca434826ddeeb5f91db76c92b22198f96899950cd46&req=fSIgF8t5lYdaFb4V1XW4gRmoMQd%2FxBtLvfu6VaApbbDpuPU31vk%2B5Y9KxLj2%0AxxgUPkBrZ2VPa1kCuOEg8dkWMg%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/927127948/7114d3878c64cbd587025f22/image.png?expires=1781611200&signature=0a0824d919416ec830f931a0618522e44037b1872e3e86dc3f01908ad06c3b74&req=fSIgF8t5lIVXFb4V1XW4gQIFgmOOhmZRZ8D5c0DVjebwVFvvJCGJkSpvtCdm%0AieUV7UTMoUOCB5guTZ9e19JdgQ%3D%3D%0A) > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of CyberArk Password Vault stories in the [story library](https://www.tines.com/library?view=all&s=cyberark%20password%20vault).** ## Cybereason Authentication Guide Cybereason offers an endpoint protection platform. It delivers antivirus software, endpoint detection and response with one agent, and a suite of managed services. ### First, create a Cybereason resource in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the Cybereason resource 1. **Name:** cybereason\_username 2. **Description:** Optional 3. **Builder:** Your Cybereason username 5. **Optional** 1. **Access:** What other teams can also use the resource 6. Click "Save resource" ### Lastly, create Cybereason credentials in Tines You will need to create two credentials: - One Text type: "cybereason\_password" - One HTTP request type: "cybereason\_cookie" ##### Text type 1. Navigate to the team that will be using the API and click "Credential" 2. Click "+ New Credential" and select "Text" 3. Input the values for the Cybereason credential 1. **Name:** cybereason\_password 2. **Description:** Optional 3. **Value:** Your Cybereason password 4. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 5. Click "Save" ##### HTTP request type 1. Click "+ New Credential" and select "HTTP Request" 2. Input the values for the Cybereason credential 1. **Name:** cybereason\_ccokie 2. **Description:** Optional 3. **URL:** `https://integration.cybereason.net:8443/login.html` 4. **Content-Type:** `"Custom": "application/x-www-form-urlencoded"` 5. **Method:** post 6. **Payload**: Copy the below object and paste into the "Plain code" section: ​ ``` { "username": "<>", "password": "<>" } ``` 7. **Disable redirect follow:** Click the "+ Option" button, select choose "Disable redirect follow" and ensure the box remains ticked: ​ ![](https://downloads.intercomcdn.com/i/o/832725944/57a47844ef996222f4204fa1/image.png?expires=1781611200&signature=fa144f0171c03bb609a343dfb42fe24fb767026ea67dcd0e805a37b53cc6008a&req=fCMlEct7lIVbFb4V1XW4gciVerxWPCt79UTFpXBmQCJtEAV79%2F3%2FyHjBPmGi%0A9plwuG2zAFGMXuiw62XVbFtr0A%3D%3D%0A) ​ 8. Click "Run options" and make sure you get a successful response like the following: ​ ![](https://downloads.intercomcdn.com/i/o/832731234/26e80339806f48d36f2e51c1/image.png?expires=1781611200&signature=f24eddefa4eb1ce524d676a1c601149307df4fea4f58bbb82a98260032a6dca2&req=fCMlEcp%2Fn4JbFb4V1XW4gQVHytLhUW1b0pD7fBhOWt8eFoPjSuZiUKEpR4Ho%0AX0NAYqBdPmtzPSJTnFAoQ30tsw%3D%3D%0A) ​ 9. **Location of token from response:** `SPLIT(cybereason_cookie.headers["set-cookie"], ";") |> FIRST(%)` 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 4. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/832729358/b9a0693e9b30fd7d25bfb7a5/image.png?expires=1781611200&signature=50296d42e5ceda9e365c60c1a671fa43aecba2546b64cd2a5c724b57a44ce615&req=fCMlEct3noRXFb4V1XW4gSIY0n6RBoSRypg9lLQji7Kl7ROuazs%2BHDLIk1Fx%0A7GhWCo0tFspQO62asBl5tXC4Mw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/832729482/676fd102dae93c0127312635/image.png?expires=1781611200&signature=b4e669782b3e54f617feb678f04ab44af8192fe4daa481c811586564eb854a0d&req=fCMlEct3mYldFb4V1XW4gRzNH2kfy8WUm7DxSnF5gZIKTLDQTUqRg1bc4ElV%0AtkWVoXf6Dm4eMN6vYxmJvf5cHQ%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/832730309/cc7c62cf25275fa3417fadf3/image.png?expires=1781611200&signature=23d1151c25715fe678a56fa1f1cfa8a551a2e4b8a3f4c155ec984454288c0403&req=fCMlEcp%2BnoFWFb4V1XW4gZjcg14Y4FcEYycoybsHRzNra9hvMSWKaaHnx7qM%0A2OH%2B7xDZ4iCY4gGQLcVlYATbEw%3D%3D%0A) > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Cybereason stories in the [story library](https://www.tines.com/library?s=cybereason&view=all).** ### Using the credential in an action The Header configuration for your Cybereason credential should be: ``` "Cookie": "<>" ``` Here is an example Cybereason action you can copy and paste onto your storyboard in Tines: ``` {"standardLibVersion":"35","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Retrieve Cybereason Sensor Information","description":"Retrieve sensor infomration","options":"{\"url\":\"https://<>/rest/sensors/query\",\"method\":\"post\",\"content_type\":\"json\",\"payload\":{\"limit\":1000,\"offset\":0,\"filters\":[]},\"headers\":{\"Cookie\":\"<>\"}}","position":{"x":375,"y":1095},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":"httpRequest","createdFromTemplateGuid":"2dca49465829825a3f4f5ddaee6b1321c9667ffa07d713ab8186b60a9be3d607","createdFromTemplateVersion":1,"originStoryIdentifier":"cloud:aa47f8215c6f30a0dcdb2a36a9f4168e:d4c15df0f02ba4789095426607003199"}],"links":[],"diagramNotes":[]} ``` ## Cylance Authentication Guide **Cylance** was a pioneer in cybersecurity AI, replacing legacy antivirus software with preventative solutions and services that protect the endpoints—and businesses. While other security providers claim to use AI in their products, they fall short of the full promise of AI to prevent future cyberattacks. ## First, get your Cylance application details 1. Log into your Cylance console as an Administrator 2. Select "Settings" and click "Integrations" 3. Click "Add application" 4. Name the application "Tines" 5. Provide the access privileges for the actions you want to be able to take in Tines: ``` - device:list - threat:read - threat:devicelist ``` ![](https://downloads.intercomcdn.com/i/o/768987856/27a40ffc622794ba026ed8a0/image.png?expires=1781611200&signature=407ca2cf8847277f8d3c75c4b9ed367b75a43a0285dc8dc86e3eeb79242131a6&req=cyYvH8F5lYRZFb4V1XW4gb3J1ijJCs76t8ZfIgtjSuPxenEqdjePs9e0zXRy%0ANLH5%2FEYDVH0JNx4htjEW0bTvOQ%3D%3D%0A) 6. Click "Save" and copy the "Application ID" and "Application secret". ## Next, create a Cylance credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "JWT" 4. Input the values for the credential 1. **Name**: Required 2. **Description**: Optional 3. **Algorithm**: HS256 4. **Payload:** 1. **iss:** Represents the principal issuing the token, which is [http://cylance.com](http://cylance.com) 2. **jti**: Unique ID for the token, which can be used to prevent reply attacks. This can be a random string 3. **sub** - Principal subject to the claim, which would hold your Cylance "Application ID". 4. **exp:** `< PLUS(%, 1800)>>` 5. **iat:** `<>` 5. **HMAC Secret**: "Application Secret" copied earlier **Important Note:** Do not choose the option to automatically generate these values in Tines. Use the [DATE() formula](https://www.tines.com/docs/formulas/functions/date) to generate both `exp` and `iat`. ![](https://downloads.intercomcdn.com/i/o/768992448/641d3f3e50a00cef7c0107ff/image.png?expires=1781611200&signature=0f699f77d914ec2487cda984f55ca31f3e2556ae5885ad08beabf0cca11cbfef&req=cyYvH8B8mYVXFb4V1XW4gUNmua0pKhpTlzBSz3eG4NXhmoixHWFP2E2W%2FEPj%0A512wmb0XZMVo3Xo9BS%2BzOAJ5bg%3D%3D%0A) ## Using the credential in an action Exchange the JWT credential for a Cylance access token using the Auth Token action below as the first step in your story: ``` {"standardLibVersion":"28","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Auth Token","description":null,"options":"{\"url\":\"https://protectapi.cylance.com/auth/v2/token\",\"method\":\"post\",\"payload\":{\"auth_token\":\"<>\"},\"content_type\":\"json\"}","position":{"x":375,"y":240},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null}],"links":[],"diagramNotes":[]} ``` > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Cylance stories in the [story library](https://www.tines.com/story-library?s=cylance).** ​ ## Darktrace Authentication Guide Connect Tines to Darktrace to create powerful automations with the below authentication guide. ### First, get the relevant credentials needed in Darktrace To authenticate Darktrace for use with Tines, you will need the following: - Public token - Private token - Darktrace domain Public and private tokens can be generated on a per-user basis or via Global tokens. For further details, visit [Darktrace's Authentication Info Page](https://portal.darktrace.com/product-guides/main/api-tokens). ### Then, create a Darktrace credential in Tines **Darktrace connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Darktrace" and follow the prompts to connect. ##### **Manual credential creation** This method is not recommended as the Darktrace connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the Darktrace credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your private token 4. **Metadata:** Enable metadata and add the below metadata: ``` { "domain": "your Darktrace domain", "public_token": "your Darktrace public token" } ``` This will allow you to reference the credential's metadata via the `INFO` key. This is also used in our templates. 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. As Darktrace uses signature based authentication, the secret is used to create a signature and cannot have a restricted domain. Do not enter a value for this field. 2. **Access:** What other teams can also use the credential. > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/darktrace). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). ## Data transformation example - Automatic mode ## Overview **Automatic mode** lets you ask Tines to decide when and how to apply transformations to your data. It’s like telling Tines to handle the heavy lifting automatically without you having to manually trigger each transformation. All you need is a little bit of prompt engineering! ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers - [Tines - Automatic Mode](https://www.tines.com/docs/actions/types/event-transformation/automatic/) ## Make it happen ### Scenario Copy (`CMD + c`) the JSON block provided below and paste (`CMD + v`) it onto the storyboard (these are action tiles and will auto-populate!). **Run** them and see how Automatic Mode outputs results within the **Events** panel: - **Fruit Example:** Using Automatic Mode, we loop through an array of fruits to insert each array value into a message. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1451039821/4d1a8968ae66a1067ea22bd65aa2/image.png?expires=1781611200&signature=d89608b41f443e4a57dc5a7acc53b30863b5c6a1f9ff4f43f16514ab4a21854a&req=dSQiF8l9lIldWPMW3nq%2BgZLZqnA8p4sQExZiEFIlW7Y7RlFspLCJJ%2F52FnEQ%0A4bRsMYHUqinLY796nX0w4Tshtdw%3D%0A) - **Email Example**: Using Automatic Mode, we extract the URLs presented within an email body. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1451042695/a31b8e32f87d9728aac21a2f9849/image.png?expires=1781611200&signature=32326c4cf415ea2cb3af34ec2c9ac231876b7e3f3794046911be638f4551fbca&req=dSQiF8l6n4dWXPMW3nq%2BgUaL8rpETHAeIzh0E0BX9CkRq4444jhV%2FdW1w7Mh%0Ao8vLbensQPRS3SqfLIUgZODVzCg%3D%0A) * * * ### Actions #### Fruit Example ``` {"standardLibVersion":"81","actionRuntimeVersion":"32","agents":[{"disabled":false,"name":"Automatic","description":null,"options":"{\"mode\":\"automatic\",\"input\":\"=fruit\",\"guidance\":\"Write the following sentence for each element in the array, replacing the fruit and color.\\n\\n\\\"The fruit is color.\\\"\",\"language\":\"python\",\"script\":\"def main(input):\\n sentences = [f\\\"The {fruit.get('name')} is {fruit.get('color')}.\\\" for fruit in input]\\n return sentences\"}","position":{"x":1140,"y":900},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"},{"disabled":false,"name":"Fruit","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":[{\"name\":\"banana\",\"color\":\"yellow\"},{\"name\":\"strawberry\",\"color\":\"red\"},{\"name\":\"orange\",\"color\":\"orange\"}]}","position":{"x":1140,"y":825},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"}],"links":[{"sourceIdentifier":"1","receiverIdentifier":"0"}],"diagramNotes":[]} ``` #### Email Example ``` {"standardLibVersion":"81","actionRuntimeVersion":"32","agents":[{"disabled":false,"name":"Email Message","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":{\"body\":\"\\n\\n\\n

Hey [Recipient's Name],

\\n\\n

Hope you're doing well! Just wanted to send over a few links that might come in handy.

\\n\\n

The project docs are over here: \\n Notion Docs.

\\n\\n

If you need to check on any tasks or update your progress, you can do that on \\n Trello.

\\n\\n

Our meeting schedule is all on \\n Google Calendar.

\\n\\n

And if you run into any issues, the FAQ page might have the answers: \\n Microsoft Support.

\\n\\n

Let me know if you need anything else!

\\n\\n

Cheers,
[Your Name]

\\n\\n\\n\"}}","position":{"x":1335,"y":825},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"},{"disabled":false,"name":"Automatic","description":null,"options":"{\"mode\":\"automatic\",\"input\":\"=email_message.body\",\"guidance\":\"Extract the URLs from this message.\",\"language\":\"python\",\"script\":\"import re\\n\\ndef main(input):\\n # Use regex to find all URLs in the input HTML\\n urls = re.findall(r'href=\\\"(https?://[^\\\"]+)\\\"', input)\\n return urls\"}","position":{"x":1335,"y":900},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"}],"links":[{"sourceIdentifier":"0","receiverIdentifier":"1"}],"diagramNotes":[]} ``` ## Data transformation example - Data mapping ## Overview **Data mapping** in Tines is about connecting the data you receive to the places where it’s needed in your workflow. This is done using **reference paths**, which allow you to pinpoint exactly where the data you want is located within the incoming event data. When Tines receives data (often in JSON format) from another system, you need to map the incoming fields to the correct spots in your workflow. This is done using **reference paths**; like giving Tines directions to find the data in the JSON response. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Referencing data](https://www.tines.com/docs/formulas/referencing-data/) ## Make it happen #### Scenario [Watch video](https://www.youtube.com/embed/kSKS3VgAsxQ?rel=0) Reference employee data from a previous action. 1. Copy (`CMD + c`) the JSON block provided below and paste (`CMD + v`) it onto the storyboard (these are action tiles and will auto-populate!). 2. Click the “Employee” action tile. 3. Review the JSON structure of this action via the **Payload Builder** in the right config panel to familiarize yourself with the data it will pass. 4. Click the “Referencing Data” action tile. 5. Review the **Payload Builder** of this action as well. Notice how the Value pills are referencing the upstream “Employee” action tile’s JSON paths. 6. Click back to the “Employee” action tile. 7. Click **Run**. 8. Once the flow has finished, compare the **Events** of both actions and see how the upstream data is being referenced in the “Referencing Data” action. * * * #### Actions ``` {"standardLibVersion":"82","actionRuntimeVersion":"32","agents":[{"disabled":false,"name":"Employee","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":{\"user\":{\"name\":\"Angie\",\"email\":\"angie@tines.io\",\"profile\":{\"city\":\"Boston\"}}}}","position":{"x":165,"y":285},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"},{"disabled":false,"name":"Referencing Data","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":\"The user's name is <>. Their email address is <>. They work at the <> office.\"}","position":{"x":165,"y":375},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"}],"links":[{"sourceIdentifier":"0","receiverIdentifier":"1"}],"diagramNotes":[]} ``` ## Data transformation example - Data structures ## Overview Creating a **data structure** means organizing your data into a format that is easy to use in your workflow. In Tines, this involves defining a **data type**, which describes the structure of the data you’re working with. Data types in Tines are **schema-less**, meaning that the data doesn't have to follow a rigid structure. However, defining a clear structure helps to make the data easier to understand and work within your automation. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Language description](https://www.tines.com/docs/formulas/language/) ## Make it happen #### Core Data Types in Tines - **Text**: A string of characters (e.g., a name, description, etc.). This data structure is colored purple within Tines. - **Integer**: A whole number (e.g., 123). This data structure is colored green within Tines. - **Float**: A number with decimals (e.g., 12.34). This data structure is colored green within Tines. - **Boolean**: A true/false value. This data structure is colored blue within Tines. - **Array**: A list of values, which can be of any type (e.g., an array of users or event data). This data structure is identified by square brackets (“\[“, “\]”) - **Object**: A collection of key-value pairs (e.g., an object containing user information like name, email, etc.). This data structure is identified by curly brackets (“{“, “}”). * * * #### Extra Information You might be asking, why is it important to identify these different data structure types in Tines? Here are a few reasons!: - **Troubleshooting:** If you misinterpret the structure, you may run into errors like trying to access an array as an object. Recognizing data structures helps in troubleshooting Tines functions and API responses effectively. - **Efficient data parsing:** Understanding JSON structures helps you extract and manipulate data correctly, whether it's a simple key-value pair, an array, or a deeply nested object. - **Interoperability:** As you’ll be working with different platform APIs in Tines, endpoint parameters may require that their value is set to a specific data structure. Familiarizing yourself with these will make it easier to work with any endpoint. * * * #### Scenario ![](https://downloads.intercomcdn.com/i/o/am0g137l/1450995457/028cf03ba4a9c379c6851a21a205/image.png?expires=1781611200&signature=632c97e9c36779b0d114fccbeeb7ded452a3d4920f8a19dcbe0299d424421f16&req=dSQiFsB3mIVaXvMW3nq%2BgSizdtBe8Jse7Og89DeAj1VHZt83sj7Zi2%2FIgMGq%0AZHOD4ZAkASCSU9P4rinPImh9w8s%3D%0A) Copy (`CMD + c`) the JSON block provided below and paste (`CMD + v`) it onto the storyboard (these are action tiles and will auto-populate!). **Run** them and see how the different data structures look within the **Events** panel. * * * #### Actions ``` {"standardLibVersion":"82","actionRuntimeVersion":"32","agents":[{"disabled":false,"name":"Data Types","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":{\"array\":[\"This is an array structure!\"],\"boolean\":true,\"float\":17.38,\"integer\":21,\"null\":null,\"object\":{\"value\":\"This is an object structure!\"},\"string\":\"This is text!\"}}","position":{"x":750,"y":1080},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"},{"disabled":false,"name":"Real Example","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":{\"user\":{\"id\":42,\"email\":\"yanni@tines.io\",\"is_active\":true,\"survey_score\":96.5,\"favorite_foods\":[\"ramen\",\"burritos\"]}}}","position":{"x":915,"y":1080},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"}],"links":[],"diagramNotes":[]} ``` ## Data transformation example - Functions ## Overview **Functions** in Tines allow you to perform calculations, manipulate strings, and work with data in creative ways. They are essential for transforming data in your workflows and can be applied to data at any point in the automation process. Tines has a set of **built-in functions** that you can use to manipulate data, here are some examples: - **Mathematical Functions**: Functions like `SUM`, `SUBTRACT`, `TIMES`, and `DIVIDED_BY` allow you to perform operations on numbers. - **Text Functions**: Use functions like `CONCAT`, `TITELIZE`, and `DOWNCASE` to manipulate text. These functions are useful for formatting data or combining text values. - **Logical Functions**: Functions like `IF`, `IS_PRESENT`, and `OR`, and `SWITCH` allow you to create conditional logic in your workflows. - **Time Functions**: Functions like `NOW`, `DATE`, and `DATE_DIFF` allow you to manipulate date and time data. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Functions](https://www.tines.com/docs/formulas/functions/) ## Make it happen ### Scenario [Watch video](https://www.youtube.com/embed/v7_0sEDiGvA?rel=0) Copy (`CMD + c`) the JSON block provided below and paste (`CMD + v`) it onto the storyboard (these are action tiles and will auto-populate!). **Run** them and see how the different Tines functions executed within the **Events** panel: - Utilize the `IF` function to return a message based on a passed value. - Utilize the `DIVIDED_BY` function to divide two numbers. - Utilize the `TITLEIZE` function to capitalize the first letter of each word in a string of text. - Utilize the `NOW` function to return the current date and timestamp in UTC. * * * ### Actions ``` {"standardLibVersion":"81","actionRuntimeVersion":"32","agents":[{"disabled":false,"name":"Functions","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":{\"logical\":\"=IF(data.color = \\\"Blue\\\", \\\"Blue is my favorite color!\\\", \\\"This isn't my favorite color.\\\")\",\"mathematical\":\"=DIVIDED_BY(data.number, 2)\",\"text\":\"=TITLEIZE(data.message)\",\"time\":\"=NOW()\"}}","position":{"x":165,"y":1095},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"},{"disabled":false,"name":"Data","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":{\"color\":\"Blue\",\"number\":8,\"message\":\"welcome to tines!\"}}","position":{"x":165,"y":1005},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"}],"links":[{"sourceIdentifier":"1","receiverIdentifier":"0"}],"diagramNotes":[]} ``` ## Data transformation example - Function stacks using |> % ## Overview A **function stack** is a sequence of multiple functions applied one after another. The `|>(%)` pipeline operator applies multiple transformations to the data in a chain, making it cleaner and more readable. Functions stacks are used as a sequencer to apply multiple functions one after another (`|>` being the separator) on the output value (`%`) of the previous function. Think of it as numbered instructions for a cooking recipe, where you must do step one before moving to step two. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Operators](https://www.tines.com/docs/formulas/operators/) ## Make it happen ### Scenario ![](https://downloads.intercomcdn.com/i/o/am0g137l/1451016013/8ff4bde9cba4ae40762f1f020cdb/image.png?expires=1781611200&signature=50db3c1436c542eba584564b3fcc9e0728460ccace51bfd344cd7fc0a299d876&req=dSQiF8l%2Fm4FeWvMW3nq%2BgScGWKfdQho7H1bwksc2Wod1LBc3eq462Gh2w3cm%0A2x%2ByeZu%2Ff8aT4%2FaOj4bOlLBjrlo%3D%0A) Map user names in an array, then sort them alphabetically. 1. Copy (`CMD + c`) the JSON block provided below and paste (`CMD + v`) it onto the storyboard (these are action tiles and will auto-populate!). 2. Click the “Users” action tile. 3. Review the JSON structure of this action via the **Payload Builder** in the right config panel to familiarize yourself with the data it will pass. 4. Click the “Pull names and sort alphabetically” action tile. 5. Review the **Payload Builder** of this action as well. Notice how the formula stack utilizes the `MAP` function, which pulls the list of “name” values from the array, then the `SORT` function to sort the names alphabetically. The logic of these functions is separated by the `|>` and the `%` is used to reference the output of the first function (`MAP`) in the stack to be used in the `SORT` function. 6. Click back to the “Users” action tile. 7. Click **Run**. 8. Once the flow has finished, compare the **Events** of both actions and see how the function stack worked to transform the data. * * * ### Actions ``` {"standardLibVersion":"81","actionRuntimeVersion":"32","agents":[{"disabled":false,"name":"Users","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":[{\"id\":\"01\",\"name\":\"Hanna\",\"team\":\"CSM\"},{\"id\":\"02\",\"name\":\"Shelby\",\"team\":\"CSE\"},{\"id\":\"03\",\"name\":\"Ray\",\"team\":\"Training\"},{\"id\":\"04\",\"name\":\"Daniel\",\"team\":\"Support\"}]}","position":{"x":690,"y":750},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"},{"disabled":false,"name":"Pull names and sort alphabetically","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":\"=MAP(users, \\\"name\\\") |> SORT(%)\"}","position":{"x":690,"y":825},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"}],"links":[{"sourceIdentifier":"0","receiverIdentifier":"1"}],"diagramNotes":[]} ``` ## Data transformation example - Loop to restructure array ## Overview A **loop** is a powerful tool in Tines that allows you to go through each item in an **array** and apply changes or actions to each one. This is useful when you have a collection of items (like a list of users or events) and you need to process each item in a specific way. The loop helps you to: - Iterate over every item in an array - Restructure the data - Perform a specific task on each item In Tines, a loop action allows you to run through an array of data step by step and apply a transformation to each item. Each iteration of the loop processes a single element of the array at a time. Think of it as a way to break down larger chunks of data into smaller, manageable tasks that Tines processes sequentially. The loop action is particularly useful when the array has multiple objects or entries and you need to apply changes to each one. You can enable the LOOP within an action by going to the action's options at the bottom of the properties panel. From there, you'll need to assign an array to the value pill of the LOOP. Your array will now be available within your action by referencing LOOP.value. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Event Transform Action - Looping](https://www.tines.com/docs/actions/types/event-transformation/message-only/#looping) ## Make it happen ### Scenario [Watch video](https://www.youtube.com/embed/exbHQEnMoJs?rel=0) Loop through an array of fruits to insert each array value into a message. 1. Copy (`CMD + c`) the JSON block provided below and paste (`CMD + v`) it onto the storyboard (these are action tiles and will auto-populate!). 2. Click the “Fruits” action tile. 3. Review the JSON structure of this action via the **Payload Builder** in the right config panel to familiarize yourself with the data it will pass. 4. Click the “Loop” action tile. Notice how the **Loop** option is enabled and is pointing to the “Fruit” action’s array. `LOOP.value` is the current iteration of the “Fruit” array (iteration one would be “`{“name”: “banana”, “color”: “yellow”}`” and so on). We are asking it to print the “name” and the “color” of each fruit. 5. Click back to the “Fruit” action tile. 6. Click **Run**. 7. Once the flow has finished, compare the **Events** of both actions and see how the upstream data in “Fruit” is being referenced in the “Loop” action. * * * ### Actions ``` {"standardLibVersion":"81","actionRuntimeVersion":"32","agents":[{"disabled":false,"name":"Fruit","description":null,"options":"{\"mode\":\"message_only\",\"loop\":false,\"payload\":[{\"name\":\"banana\",\"color\":\"yellow\"},{\"name\":\"strawberry\",\"color\":\"red\"},{\"name\":\"orange\",\"color\":\"orange\"}]}","position":{"x":1230,"y":420},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"},{"disabled":false,"name":"Loop","description":null,"options":"{\"mode\":\"message_only\",\"loop\":\"=fruit\",\"payload\":\"The <> is <>.\"}","position":{"x":1230,"y":495},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:0a13dfc5dbb71212cab0ad314b7fe531:f0064f807ac02bf877a6ff31d9b76916"}],"links":[{"sourceIdentifier":"0","receiverIdentifier":"1"}],"diagramNotes":[]} ``` ## Data type conversion ## Converting a string into an integer in Tines? To convert a string into an integer in Tines, you can use the `NUMBER` function. > To learn more about the `NUMBER` function with examples, see [here](https://www.tines.com/docs/formulas/functions/number). ## Ensuring your data maintains its original format When you use a pill within a piece of text, the value is converted to text and joined with any surrounding text. This isn't always what you want, sometimes you will want to add a complex object directly to a payload. To do this you can use a formula field, instead of a text field, inside the builder window. Using a formula field will return the value directly, rather than converting it to text. This is useful for cases where you want to return a dynamic non-text value, like an array or an object. > Read more about using pills and formulas [here](https://explained.tines.com/en/articles/8944051-formulas-and-pills-explained). ## Text mode v Formula mode You can choose the language type in the builder to control the data type of the output: - `text_mode`: If you have a value in text mode, it will treat the output as a text string. - `formula`: If you set the value to formula mode, it will treat the output as an object (array or JSON object, depending on the output of the functions used) You can change the language type in the builder as shown below: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2234031862/36725f5211b74bc45e46d811a1b9/41fca7a5-5e06-45be-a1c0-a1c931c9281f?expires=1781611200&signature=db1bc1e9e91b055174bbe4ffce42aa22e2afccd5eec7018c4bd516422fdc8f67&req=diIkEsl9nIlZW%2FMW3nq%2BgQfpHZWqd%2FAc0mgoWxFnUaPTjt%2FL%2FmeOUD%2BaCioB%0AgTfnKD36%2BzgAwagIvLgqb5rTehA%3D%0A) Sample event output: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2234031863/270f9f6f3c76a4e900ed1297e730/f790502a-a65e-4004-8d33-5284eeec9f28?expires=1781611200&signature=3710d0a529e8134aef36842dbaa35b7b795b161d4d4240c2cd9e6784a6667b32&req=diIkEsl9nIlZWvMW3nq%2BgegMSEafI4oBx0boYHiQs8VGdoo8OTJQo4klBWaV%0AAoHhA0QqTkKr5qESVi8D8Pdgupo%3D%0A) In this example: - `text_mode` treats the output as a text string, - `formula` outputs an array object ## Date and time operations ## What timezone does DATE("now") function return? `DATE("now")` will return a UTC time. > Read about the `DATE` function in our [docs](https://www.tines.com/docs/formulas/functions/date/). > > You can find an example of `DATE` function uses in the [story library](https://www.tines.com/story-library/87675/manage-time-formats-in-tines) ## How can I convert timezones in Tines? There are two examples in the action below, - UTC to PST (28800 seconds difference) - UTC to PDT (25200 seconds difference) ![](https://downloads.intercomcdn.com/i/o/am0g137l/2234212009/09699817c703df70a698d5837da5/85fc127a-8829-4ea1-a574-d6154375c1ec?expires=1781611200&signature=cc10f85f40ec4a345179a7308a8800b33d39420d5af8f70f8a2385f4d38c0a5e&req=diIkEst%2Fn4FfUPMW3nq%2BgYXH%2FBmtE9goZ35TjYl4dr3cKYZLlKyGBqE8LkdL%0AMNt2LGb7d6IzwnSIRRxkS4Zry%2Bs%3D%0A) You can copy/paste the below code into your story board: ``` {"standardLibVersion":"20","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Timezone","description":null,"options":"{\"mode\":\"message_only\",\"PST\":\"< MINUS(%, 28800) |> DATE(%, \\\"%Y-%m-%dT%H:%M:%S\\\")>>\",\"PDT\":\"< MINUS(%, 25200) |> DATE(%, \\\"%Y-%m-%dT%H:%M:%S\\\")>>\"}","position":{"x":705,"y":780},"type":"eventTransformation","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"spotlightTemplate":null,"spotlightWriters":[],"form":null,"cardIconName":null,"cardIconColor":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null}],"links":[],"diagramNotes":[]} ``` ## Converting time into UNIX or epoch time To convert time into UNIX time, use the function `DATE("now", "%s")` ## Calculate the difference between two dates ### Option 1: Using formulas You can calculate time differences using the `DATE_TO_UNIX` formula: `=DATE_TO_UNIX("2026-04-15") - DATE_TO_UNIX("2026-01-01")` This gives you the difference in **seconds**. Then divide: ÷ `60` → minutes ÷ `3600` → hours ÷ `86400` → days Example in an event transform (automatic mode): ``` { "diff_in_days": "=DIVIDE(MINUS(DATE_TO_UNIX(date_two), DATE_TO_UNIX(date_one)), 86400)" } ``` ### Option 2: Using a run script action (python) If you need more precision or complex date math, a **python script** is very flexible: ``` from datetime import datetime date1 = datetime.strptime("#{{ date_one }}", "%Y-%m-%d") date2 = datetime.strptime("#{{ date_two }}", "%Y-%m-%d") diff = (date2 - date1).daysprint(diff) ``` > To learn more about the date function, [see here](https://www.tines.com/docs/formulas/functions/date) > > You can find an example of DATE function in the [story library](https://www.tines.com/story-library/87675/manage-time-formats-in-tines) ## Digital Guardian Authentication Guide Digital Guardian is an American data loss prevention software company that offers products to detect and prevent malicious actions by users and malware on endpoints. Its software is designed for both individual users and corporate networks, servers, databases, and the cloud. ## First, get Digital Guardian credentials You will need to have the following (found in your DGMC environment by navigating "System" -> "Configuration" -> "Cloud Services" from the DGMC menu. - Access Gateway Base URL - Authorization Server URL - API Access ID - API Access Secret ## Lastly, create a Digital Guardian resource and credential in Tines You will need to create: - One resource: "Digital Guardian URL" - One HTTP request type credential: "Digital Guardian" ##### Resource 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the Digital Guardian resource 1. **Name:** Digital Guardian URL 2. **Description:** Optional 3. **Builder:** Your "Access Gateway Base URL" 5. **Optional** 1. **Access:** What other teams can also use the resource 6. Click "Save resource" ##### HTTP request type 1. Navigate to the team that will be using the API and click "Credential" 2. Click "+ New Credential" and select "HTTP Request" 3. Input the values for the Digital Guardian credential 1. **Name:** Digital Guardian 2. **Description:** Optional 3. **URL:** Your "Authorization Server URL, i.e. `https://authsrv.msp.digitalguardian.com/as/token.oauth2`. 4. **Content Type:** Form 5. **Method:** post 6. **Payload:** Replace `<>` with your "API Access ID" ​ ​ ``` { "client_id": "<>," "client_secret": "<>", "grant_type": "client_credentials", "scope": "client" } ``` 7. **Secret:** Your "API Access Secret" 8. Click "Save" 4. Click "Run request" and double-click on the `access_token` key to copy the path. 5. **Location of token from response:** Paste the path to the token in the value pill, `digital_guardian.body.access_token` 6. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 7. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/947482768/a28299cbfb1f69336d0828c7/image.png?expires=1781611200&signature=7e0c45e9715b4fe2c85dc8cb710ac9d99a52536dbb6f553fc3fe0c4ca907d365&req=fSQgEsF8modXFb4V1XW4gYX4fmOfX%2FCXMQSzC1QQzHLG%2FnW%2F4OslzU3S1Oh4%0ARi5iOqXcA1jddSnIKEKoZd7R9Q%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/947482901/8def48f0ab65ceb3e0d0de7f/image.png?expires=1781611200&signature=b7fafe42ce35844987c52b6ced2446da73d9ea3323d03cd871a856ac92a485d5&req=fSQgEsF8lIFeFb4V1XW4gUiDxnvFDMZ0FN4emO%2FBEPtENhw8LggSw%2BUdqu4J%0AdmurEGkXSAufP4HaRA8EHRojqw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/947483015/5aaccb2f460d3dd6707f3a5b/image.png?expires=1781611200&signature=f4cbf7cb169da74168b37ae9bf34cdbe62c2a808bff87de8b8ea44ae0e91aa92&req=fSQgEsF9nYBaFb4V1XW4gYlBg5kXH%2Fi5FvW0y7QK6bzR8Ds3m7oTeKyEV694%0A%2FEBxH9h17mk5XWHEWOzR2YpLJQ%3D%3D%0A) > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Digital Guardian stories in the [story library](https://www.tines.com/story-library?s=digital+guardian).** ## Does Tines have a limitation on how often a scheduled action can run? The shortest frequency for [scheduling an action](https://www.tines.com/docs/actions/configuration#common-config) is one minute. The longest frequency (besides setting up a cron schedule) is once a month: ![](https://downloads.intercomcdn.com/i/o/1003457000/e6d36c293d50fb58432eb4fb/image.png?expires=1781611200&signature=cd57aa1edf4a8a6ed3bf92a2a9adf9f50fc4a94e8616c1d8e035a2fbe9ad3683&req=dSAnFc17moFfWfMW3nq%2BgQOx%2Fi11UIfsI8qmty6JQy4ztM0X3ItkUecJGK6N%0AaId9RKx0CsG2PNJ1bTXjv3v7w7Y%3D%0A) > **Note:** Each story run is independent and should not impact other story runs. If you are scheduling your actions on a short frequency, we recommend reducing your story event retention (via **Keep events and logs**) to avoid hitting any potential tenant event limits. ## Drata Authentication Guide **Drata** automates your compliance journey from start to audit-ready and beyond and provides support from the security and compliance experts who built it. ## First, get your Drata API Key 1. Log into the Drata dashboard [https://app.drata.com/dashboard](https://app.drata.com/dashboard) 2. Click on your username on the bottom left, then "Settings" ​ ![](https://downloads.intercomcdn.com/i/o/769833609/bee93a70ef1f8fb41d65da68/image.png?expires=1781611200&signature=e3a392a36359fd29004d8f36a71599d5e952b74174b953f6efc1349b633ada42&req=cyYuHsp9m4FWFb4V1XW4gb%2BFGO1ey17slMMxvonDw3Aw6bOcA3RpBIUP8k13%0AGaUbEJQiOWLpyffK5UMuaWmyGg%3D%3D%0A) 3. Click "API Keys" ​ ![](https://downloads.intercomcdn.com/i/o/769833831/991f78f6b32fdab0dbb53d7c/image.png?expires=1781611200&signature=927b6950060c924ced6df134a448863530632acd22ac342bd94101d0ef82862b&req=cyYuHsp9lYJeFb4V1XW4ga45RR9OKbmuejzVo9YPZk4XbfkJ1WfYsQVmYOQD%0AYAtjmS1MT%2F7UMqMo2Gvz09Seew%3D%3D%0A) 4. In the top right, click on "Create API Key" ​ ![](https://downloads.intercomcdn.com/i/o/769834121/c128ce3f794ed49ee8734d75/image.png?expires=1781611200&signature=16a390fc2f60f1231d993c9eb48695e60af837bca241ec5630956c64fe6d2cbf&req=cyYuHsp6nINeFb4V1XW4gR2e6GkrXTyLDzZSIy5g3%2BgLJn%2Fv%2BwYWMRDsDG9e%0Ai3dH982FZzVRgR4oFB8LF%2Fh1Cw%3D%3D%0A) 5. Name the key and choose the appropriate scopes for the key, and then click "Save" ​ ![](https://downloads.intercomcdn.com/i/o/769834658/30690aa38aa9667ea37ea89a/image.png?expires=1781611200&signature=123332fedf73672128accb797186186bfb2e9377703d19b481f8a0c1d082e389&req=cyYuHsp6m4RXFb4V1XW4gU0SmYRXz6DCi7jP4Ie5wVovr16R1FMaPZJ7ohSH%0AgOTjZnzncGuTEDShaQaDbO15WA%3D%3D%0A) 6. Copy the API Key, check the box and click "Done" ![](https://downloads.intercomcdn.com/i/o/769835030/46e93ca26e0bdedb78dfa956/image.png?expires=1781611200&signature=aab7990a1c5513c992f1bbfe0880bb81d21a5bc43e522386d6dcb9c6b54d5191&req=cyYuHsp7nYJfFb4V1XW4ge%2FrFh9SrOhBcqppO%2F4n1%2BmndOoO7J%2FwfU4ImJ2j%0Act27SqS64x8QCE9j8CuQtcAFnQ%3D%3D%0A) ## Then, Create a Drata credential in Tines **Drata connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Drata" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the Drata connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Drata credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/drata).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Drata stories in the [story library](https://www.tines.com/story-library?s=drata)** ## Elastic Security Authentication Guide Elastic Security **equips analysts to prevent, detect, and respond to threats**. The free and open solution delivers SIEM, endpoint security, threat hunting, cloud monitoring, and more. ## Create an Elastic Security resource and credential in Tines **Elastic connect flow:** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Elastic" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/elastic).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Elastic Security** **stories in the [story library](https://www.tines.com/library?s=elastic%20security&view=all)** ## EmailRep Authentication Guide **EmailRep** uses hundreds of factors like domain age, traffic rankings, presence on social media sites, professional networking sites, personal connections, public records, deliverability, data breaches, dark web credential leaks, phishing emails, threat actor emails, and more to answer these types of questions. ## First, get your EmailRep API Key 1. Navigate to [https://emailrep.io/](https://emailrep.io/) and click "API Key" ​ ![](https://downloads.intercomcdn.com/i/o/769864132/f9d5ec69eb1081d670661574/image.png?expires=1781611200&signature=1e796268699891b2cfbfc0f2f967c47b69e7ba4a19b3982d49c7773313e9529b&req=cyYuHs96nIJdFb4V1XW4gXAy4Ly7aXuu31OQeQWvhrqTUp6abXAt%2BYhNIOAC%0AEtN3eNjkIK4bBUBNpOR4sdeiRw%3D%3D%0A) 2. Select the plan that fits your needs. 3. Enter the required details to receive your API key ​ ![](https://downloads.intercomcdn.com/i/o/769864507/251aadf495d772674acf5953/image.png?expires=1781611200&signature=f93137184a505f3464513697290e0d579b3bf239a344bcadb11a6b22c9ceb75e&req=cyYuHs96mIFYFb4V1XW4gdTd%2F4mIJDbUuBvVIpsp6bOBqjXWIq1N%2BzQC3tC4%0AKnlch8MVXMPVcbyy7w%2FMj%2FAWgg%3D%3D%0A) ## Then, create an EmailRep credential in Tines **EmailRep connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "EmailRep" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the EmailRep connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the EmailRep credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/emailrep).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of EmailRep stories in the [story library](https://www.tines.com/story-library?s=emailrep)** ## Encoding UTF8 on action run Some users get this error message: > Could not create event – PG::CharacterNotInRepertoire: ERROR: invalid byte sequence for encoding "UTF8" error This can happen if we use non-UTF8 characters in an event. All events emitted are UTF8 JSON. When you BASE64 Decode the string it generates data that cannot be placed into the event due to it not being UTF8 friendly resulting in the error. The reason you can see an output on the test and pill builder preview is because these does not attempt to write the data to an event yet. The error only occurs when trying to place the data into an event to be emitted. ## Ermetic Authentication Guide Ermetic is an identity-first cloud-native application protection (CNAPP) and infrastructure security platform that automates asset discovery, risk analysis, runtime threat detection, compliance and least privilege remediation. ## First, get an Ermetic API token 1. Login to your Ermetic account 2. Click on the "Settings" cog and then click the "API" tab ​ ![](https://downloads.intercomcdn.com/i/o/889080231/514efa64cc625916074ba600/image.png?expires=1781611200&signature=1f51122182b6b59d4524f0ce32e45a3819a592c001bba94a8cab864913c975b9&req=fCguFsF%2Bn4JeFb4V1XW4gWPbppb%2FR7FtrD%2FWZNZsU7OdjjVyLXVBcD6CNd%2F0%0A7Yd81HQQaW1zOrhCMGGIP96Z3Q%3D%3D%0A) ​ 3. Click "+ Create token" 4. Name the token. choose the appropriate role, and click "Create Token" ​ ![](https://downloads.intercomcdn.com/i/o/889080834/2ed16284c34fda9c2392515e/image.png?expires=1781611200&signature=a7f85c14178694f39d086d90430f1d1c035b302900b2e92ce03938c8b38b1035&req=fCguFsF%2BlYJbFb4V1XW4gaJDefqVimGqoZjQNynBg8VgzqfIfA0txzcU58F1%0ALMxy9L42YCH%2BL3NVSS%2F6rkX3XQ%3D%3D%0A) ​ 5. Copy your token and click "Close" ​ ![](https://downloads.intercomcdn.com/i/o/889081593/14d2f8b5924135b239af1f62/image.png?expires=1781611200&signature=f8abff30f0fdd917e538558ff428ae2ff0d20c4b3b77bb89310debf8c1b611a9&req=fCguFsF%2FmIhcFb4V1XW4gQffbJn69j9o9bGTEqPbM8BIED4kpyOFssfit0td%0AYzRIX1D4W8aIx3Q1Ke0MfNMifA%3D%3D%0A) ## Lastly, create an Ermetic credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Ermetic credential 1. **Name:** Ermetic 2. **Description:** Optional 3. **Value:** Your token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Ermetic** **stories in the [story library](https://www.tines.com/library?s=ermetic&view=all)** ## "Error evaluating formula: To use this credential with Run Script Actions, add the special "run-script" keyword..." Error ## Overview While working with credentials in Tines, you may run into the following error: ``` Error evaluating formula: To use this credential with Run Script Actions, add the special "run-script" keyword to the credential's list of supported domains and URLs. ``` This article covers the cause and solution to this behavior. ## Cause and solution This error occurs when a user attempts to use a credential in a Run Python Script action that doesn't have the `run-script` keyword added in its configuration and domain restriction is enabled. > 🟢 **Solution:** Add the `run-script` keyword into the credential's **URLs and Domains** setting. Make sure it is space limited. For example: > ​ > > ![](https://downloads.intercomcdn.com/i/o/1171543760/2991c011cd1e83d04bde56e4/image.png?expires=1781611200&signature=55e3d71e59830f4c7275c64955d61af3c0c3bb947ed0f7893614be593d908582&req=dSEgF8x6noZZWfMW3nq%2BgY48LsmYOE9sM4wdcFMqEWCzSFQVsu%2BmSS7ymxkB%0AtyO9r7Y1CrFJY%2B10VT6V%2BQUtHIk%3D%0A) ## Need further assistance? Here are resources to help better understand the infrastructure surrounding the behavior: - Tines: [Credentials](https://www.tines.com/docs/credentials/) - Tines: [Domain restriction](https://www.tines.com/docs/credentials/credential-configuration/domain-restriction/) - Tines: [Run Python script](https://www.tines.com/docs/actions/templates/templates/frequently-used-templates/run-python-script/) ## Error handling: Best practice guide Effective error handling is crucial for building reliable and resilient stories. This guide outlines the key methods for configuring retries, advanced error logging, and comprehensive monitoring to ensure you are immediately aware of, and can recover from, potential issues in your story. ## Useful resources - [This story](https://www.tines.com/library/stories/1244430/?name=using-records-to-improve-story-performance-in-tines) from our Library that utilizes Tines Records to improve story performance. - [This story](https://www.tines.com/library/stories/1257767/?name=how-to-optimize-tines-stories) in our Library has general best practices around story building (it goes hand-in-hand with the blog below). - [This blog](https://www.tines.com/blog/optimizing-tines-building-efficiently/) on Optimizing Tines Stories - Tips and Tricks for Building Efficiently - Tines [University](https://www.tines.com/university/). ## Configuring retries and error statuses for HTTP requests To manage temporary service interruptions, you can configure your HTTP request actions to automatically retry upon failure. ### Set retry on status > Note: This setting must be enabled for the "Retries" setting (section below) to work. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218433004/7caa67cc4a73ab3e237ae2ebeb23/retry+on+status.gif?expires=1781611200&signature=f2e7ef9bead68610da59f83db95789f4e52c1dc6cea15d72f97e900dde5b73d9&req=diImHs19noFfXfMW3nq%2BgdTjCkhXrZ4Y7c74HdiNZK3hZ58FSenkeNArK2ez%0AsO9vnS87%2BBLxQRZCulYNxLHF0ao%3D%0A) Useful examples include: - **Status code 0 (Timeout):** This is useful when a service is completely unreachable and does not send a response. - **400–499 status codes (Client errors):** These typically indicate user-side issues, such as a 401/403 credential problem or a 404 not-found error. - **500-599 status codes (Server errors):** These error codes indicate that something is wrong on the server side, such as the service being unavailable. ### Set retries You can set the number of times that Tines will retry your action, up to a maximum of 25. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218433941/2e210959d34f404196472e2cd9f0/retries.gif?expires=1781611200&signature=e7ad2fea72cf2b12c8bf66c284976d6c3edf3e2ce9cfbac654820b3599652604&req=diImHs19nohbWPMW3nq%2BgfZ4ec6ZVBvjOk3Gp9GwK3oUvsOC7jmo8hPQBWnE%0AtWXex7JbrUZ3bUhwQrgOdR%2Fw9Kk%3D%0A) These retries can be configured to execute on specific status codes with retry on status, such as 500 errors, which often indicate temporary service unavailability. Note: The precise calculation for the time between retries is available in the [product documentation](https://www.tines.com/docs/actions/types/http-request/). ### Log error on status Use the "log error on status" feature to handle specific error types. Similar to retry on status, examples include: - Status code 0 (Timeout). - 400–499 status codes (Client errors). - 500-599 status codes (Server errors). ### Retries in templates Even when using templates with a friendly graphical user interface, you can still configure retries by selecting the action, choosing the "look inside" option, and configuring the HTTP parameters to set "retry on status". ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218438273/bf476a280dbaddfdd212d40f0a0e/retry+on+template.gif?expires=1781611200&signature=04448fff91e9476bca6bf563249eeb8a600aa56ee0fe757d59f64a3b3f851082&req=diImHs19lYNYWvMW3nq%2BgcDdp5wK0Vke4q1FQ2n3myHkAg6B%2BUFd2atfD2hg%0AA6k7Ks00Z798nkq7Ntd6YPOK%2BMc%3D%0A) ## Advanced error logging techniques Beyond standard status codes, you can implement methods to detect errors that are hidden within a successful response. ### Handling errors in a 200 success body Some APIs, like Slack, may return a 200 status code even when the request wasn't actually successful. In the example below, omitting the channel ID for a Slack message still results in a 200 status code, but the response body contains an error. To catch these, use the **log error if** feature. First, you must inspect the event data's body structure to locate the error object. > Note: The `OUTPUT` variable: The `log error if` function examines the action's `output` before the event is sent. This variable is distinct and cannot look at upstream event actions. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218441246/c82e2c9b805a25e88cd177d337fc/slack+error+with+200+status.gif?expires=1781611200&signature=eb73685cc0de67c20a439774c538de00dfee62841823f7f36ecbdac60da03481&req=diImHs16nINbX%2FMW3nq%2BgVoMir4r7t%2B04gSiurtsIeWYUjFwiXlXnU%2FSCzs9%0AlfKEes8WEqT%2FIQhRyxJlXnb%2Fa1U%3D%0A) Configure `log error if` to check the `OUTPUT` variable for the presence of this error object path: `IS_PRESENT(OUTPUT.body.error)`. This is the system default when you add this option. ## Monitoring and notification best practices There are two primary ways to receive alerts about action failures: - By setting a failure path on a specific action. - By setting up story-level monitoring. - By setting up action-level monitoring. ### Action-specific failure path Configure a separate flow to run after an HTTP request action fails using the "emit failure path" feature. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218447094/eeeca0ac947f2b7f293588db9447/emit+failure+path.gif?expires=1781611200&signature=c9a39e49170df13b09b158852ca4f41e496b40f4093ce7b5dd018924ab2636ac&req=diImHs16moFWXfMW3nq%2BgSRDp1ILyLgjQTG53s3u5Yimomr0%2BPd%2FubzrS4be%0AI1CpRew2LzvnrTuwgodKgyGEysM%3D%0A) This creates a dedicated path for sending failure notifications, whether by email, Slack message, or another channel. You can also configure it to an HTTP request action that automatically opens a ticket in an external system like Jira. ### Story-level monitoring Monitoring can be set up in the story settings to send notifications when an action fails. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218444534/9a7860e3b6b5e089d9dbc57e8481/story+level+monitoring.gif?expires=1781611200&signature=5cde450a2094e7299290ccfb8fcb4d9adebf615c4e71bb91ab25487e518585ea&req=diImHs16mYRcXfMW3nq%2Bge16YdGJsVjXrCS7WxqMPRUHgxo1hMGY4MxnDFag%0AGLspBhn3crksFGE4V0uZDB1jLDo%3D%0A) ### Entire story failure Configure the story settings to notify you when any action fails within the story. ### Action-specific monitoring For finer control, you can set up monitoring for a specific action by going to the action's Status tab and selecting monitoring. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218445933/832fb9ef060b00434415c37d5f23/action+level+monitoring.gif?expires=1781611200&signature=7ea525d0eb2efabc055aa4e6444826673504fe8a53df0c5f1c7e6c4c5dce8311&req=diImHs16mIhcWvMW3nq%2BgTliO64jmLWhRuQeroarzrOMvgXurcpQKJuhsEq6%0Ahv9t8enArFBSLG0BI0ivL1oUH6s%3D%0A) ### Notification methods Notifications can be sent to: - An email address. - A webhook URL: This allows you to trigger a separate story for customized error handling. > Note: These must be set at the story-level, including for action specific monitoring. ### Tenant health page You can get a high-level view of story activity in the Tenant health page. The "Live activity" section there provides a count of errors for each story listed. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218449963/1c6ea53de367fbc1c60c30b761c1/live+activity+erros.gif?expires=1781611200&signature=8b238ec6870f74e7cf5aac1a9a0d2d64cbc0d33247569b3fc8c80c9927b41b2f&req=diImHs16lIhZWvMW3nq%2BgUfy7ykXJ3jSXK%2BXQd4taH8IOHAsxyrtRTEm4ahJ%0Aved64RHvl4MHScDWf62yuZkW3Hk%3D%0A) ### Best practices for failure notification content When configuring failure notifications, include crucial troubleshooting data to quickly diagnose the issue. Essential data can include: - The date of the failure. > Tip: Utilize the [`DATE`](https://www.tines.com/docs/formulas/functions/date/) + [`NOW`](https://www.tines.com/docs/formulas/functions/now/) functions to dynamically set the date value. - The story ID and story name. - The story URL (to redirect you to the exact story). - The ID of the story run. > Tip: These 3 can be pulled using the [META variable](https://www.tines.com/docs/formulas/referencing-data/#metadata). - The error message. - The status code. > Tip: These can be pulled via upstream reference paths to the action that returned the error. > Note on built-in vs. custom notifications. Using the built-in story monitoring for email results in a pre-configured, linked email. Using a webhook, however, allows for greater customization and integration with platforms like Slack. ## Event FAQs ## **What access does a user with a view role have to events?** A user with a viewer role cannot run or re-emit events. You can look at an event, but hovering over re-emit gives the 🚫 icon. > **👉 For more details on teams and roles [see here](https://www.tines.com/docs/admin/teams)** ## Is there a way to get the event ID as it is emitted? ### List event You can run the `list-event` API endpoint immediately after the action as shown [here](https://www.tines.com/api/stories/actions/list-events/). The last event ID would relate to the one running. ### Metadata The META key exposes a useful set of information about the current environment. View the full data structure it generates [here](https://www.tines.com/docs/formulas/referencing-data/#metadata). To get the event ID, you can use: `META.event.id` > To learn more about the structure of Tines events, click [here](https://www.tines.com/docs/events) ## How do I update the results of an event payload for a previous action in a story? In general, we do not edit or modify events once they have been emitted. However, an action with the same name can overwrite an event. In the example below, - An alert is given a severity. - A set of conditions are checked. - The event is updated with a new severity. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2303259798/07d435e4599d2899b501ef4f42c3/d5a5521e-146f-4c36-aeed-36c43b487dbb?expires=1781611200&signature=82f0f4d102bdf8be769b05c4e077d24f0eaca8e1b9825b5c7477e4240c12131c&req=diMnFct7lIZWUfMW3nq%2BgZ%2BdicXeEBkdNR%2Bqf5tqdCPzvJbRZyWItjCrU%2F%2F9%0ASnZkJJN7l%2FaojgV8VqBE1dBLSec%3D%0A) ## Does remitting an event count towards your event limit? Remitting an event in Tines will count towards your permitted monthly event limits. > - To learn more about Tines features and pricing, click [here](https://explained.tines.com/en/articles/7007597-understanding-tines-pricing-plans). > > - Read about event limits in this [article](https://explained.tines.com/en/articles/12688669-what-s-an-event-in-tines). ## Event transform action FAQs ## Is there a way to emit more than sixty events per minute using throttle? Sixty events per minute is the maximum that a throttle can emit. > Learn more about throttle [here](https://www.tines.com/docs/actions/types/event-transformation/throttle). ## How can I reset an event transform action in deduplicate mode? You can reset the event transform action in [deduplicate mode](https://www.tines.com/docs/actions/types/event-transformation/deduplicate) and clear the look back cache by clicking on the "status" tab and clicking on the red button as shown below. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2253001122/54094519074d0acccd19dc322ab3/CleanShot%2B2023-04-24%2Bat%2B15_29_54-402x.png?expires=1781611200&signature=2e7c81adaaccfca2a95de65a9760c7984114b0964d4ec883c5cee4b968bd5c93&req=diIiFcl%2BnIBdW%2FMW3nq%2BgW4wtbpQRp%2FbgWXGxjDUbfZ5Rde5LBCxMImd3Hs%2B%0AkHoEKxFiEr9aMIFaeuO5e285paI%3D%0A) ## Is there a maximum value for the delay mode of event transform? There is no maximum value for the event transformation delay mode. If the previous event has expired and been deleted, delays will not work. > For more details on delay mode see [here](https://www.tines.com/docs/actions/types/event-transformation/delay). ## Exabeam Authentication Guide **Exabeam** is a global cybersecurity leader and creator of New-Scale SIEM™️ that helps organizations detect threats, defend against cyberattacks, and defeat adversaries, offering a new way for security teams to approach threat detection, investigation, and response (TDIR). ## First, get your Exabeam API Key 1. Navigate to "Settings > Core > Admin Operations > Cluster Authentication Token" 2. Click on the "+" icon ​ ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/771361626/9179719e34effe6375f30ac8/RSb-TGIvL_wDClCwXF0RoUuZvVfbIMzcsOnf1cdUl1YcSQ0MYgFv0aUrTjaY9AI4l6q52WVbNLmSgtW4iwYOfDrkkJ1UBKSxMR2YiSGirYJR2OgrqrXP8xys_zpJ7qWzyngD5NZnDeGbnl2gP-vtahg?expires=1781611200&signature=8d2826e713e17e57801e87f944fc8acc7682f33c5018d85b444906e5ae78c6a4&req=cycmFc9%2Fm4NZFb4V1XW4gf%2FlrmjPbzdrArdPt5JL36bbSv9Ng3IcYe2H2R4M%0AL6AyZreK6mCpYCBMTTxqX9%2F5ag%3D%3D%0A) 3. Fill out the "Token Name" an "Expiry Date", select the "Default Roles" and then click "Add token" ​ ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/771361632/e96bbf7d086a5bfdbd33026c/dOakp84u1rqKbO9XnB68Xr55kM3D8i6Mr8NnRLOuGVNY-opqjZeFXrMI6LsUezVX0Vyuat1ZCM-NjGHgCu-G7aeBYMGfj7VHPHin_2cnsvstPlHxLtptyn-w0vevLXUJXBZvF2JvaNWx8ERzdBwgvS4?expires=1781611200&signature=972a4a86638d3a59f544d0c5dbc6dc3a2a9353114aafb3eb35ddb52cb1e23d79&req=cycmFc9%2Fm4JdFb4V1XW4ge0Gd2QOOEBRtLe7zUKwFbw2oRGyQia5JCFaHxU0%0AefYX6JiGyXJ42TGttQcDBGdqbw%3D%3D%0A) 4. Select "Add New API Client" 5. Enter details about the API Client, select the relevant scopes, then click "Add" 6. Copy the "API Client ID" and "Secret" ## Lastly, Create an Exabeam credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "HTTP Request" 4. Input the values for the Exabeam credential 1. **Name:** Required 2. **Description:** Optional 3. **URL:** `https://api.us-west.exabeam.cloud/auth/v1/token/` 1. The Base URL may be different depending on where you account is based. 1. **Content Type:** JSON 2. **Method:** post 3. **Payload:** `{"client_id": "API Key","client_secret": "API Key Secret","grant_type": "client_credentials"}` 4. **Headers:** `{"accept": "application/json"}` 5. Click "Run options" and double-click on the key named `access_token` in the response. 6. **Location of token from response:** Paste the value copied in the previous step. 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** ## Using the credential in an action When you make an API request, include the HTTP request type credential in the `Authorization` header after "Bearer" like: ​ ``` Bearer <>​ ``` ## Example approach: API pagination ## Overview When communicating with APIs, you may receive a response that doesn't include all the results you expected. API pagination is a way to break large amounts of retrieved data into smaller, more manageable chunks. Compare this to online shopping, where you click "next" each time you want to view more items. This article explains how to dynamically manage API pagination in Tines, ensuring you retrieve all the data you need. ## Tines references Before getting started, we recommend familiarizing yourself with the functionality this article covers: - [Tines - HTTP Request action](https://www.tines.com/docs/actions/types/http-request/) - [Tines - Condition action](https://www.tines.com/docs/actions/types/condition/) > **Tines tip:** Import our [Implement pagination with these techniques](https://www.tines.com/library/stories/91375) story into your tenant to help visualize how pagination can work in your story flow. ## Make it happen ### Identify pagination data API pagination often involves looping through multiple pages of data. So first, we need to determine if the API endpoint we're accessing has additional pages. In this video, we reach out to the Pokémon API endpoint and verify if it has more results than what's provided in the first page (i.e., the first response). [Watch video](https://www.youtube.com/embed/K2gNymbN1io?rel=0) In the API response (via the HTTP Request action's events), we can see that there is a `next` value with a URL. This URL indicates there are more pages of data: ![An event data payload from the Pokémon API showing the first page of results. The response shows count: 1302, with the next value highlighted in a red border containing a URL to the second page (offset=20&limit=20) and previous set to null, indicating this is the first page of results.](https://downloads.intercomcdn.com/i/o/am0g137l/1256643618/80d5b8e4656501c7d78eea016a80/image.png?expires=1781611200&signature=7ca3eeeb719e992b559f862871235f5b2f0c4c5ea3a9cc1739197dcc7e5a5dec&req=dSIiEM96nodeUfMW3nq%2BgbTRMbwXnlTIX2yZxaxCuwU%2BS02heuEiAdbY3IT8%0AD8yWYHRMlJTXQ8XkZCeQCi9cNUE%3D%0A) ### Dynamically call an API endpoint While looping, we need our pagination HTTP Requests to be dynamic. This means adjusting them based on the current state of the loop, so that we're always pulling the correct data from the correct page. In this video, we look at how referencing the `next` value of the upstream Get data action works to dynamically pull the next page of the API endpoint. [Watch video](https://www.youtube.com/embed/IuHrgnD2eSk?rel=0) > **Note:** > > - When creating a pagination loop in Tines, we retain the same name for the actions that run the HTTP Requests. When we build our loop later on, we want to have our Condition action dynamically use whatever value is at the `get_data.body.next` path. > > - Other platforms may provide pagination values in their API responses differently than the example in this article. We always recommend checking your endpoint's documentation for more information. In the output of the second HTTP Request action (the "pagination" action), we can see in its events a `next` value (showing there's more data to pull) and a `previous` value (showing that there were results pulled before this request). ![A Tines storyboard showing two HTTP Request actions both named ](https://downloads.intercomcdn.com/i/o/am0g137l/1256660178/83937e4efc87c84f9a47858ad08d/image.png?expires=1781611200&signature=29aebc8a26c99f562651f0f9a4be21fb1e6a3279bfdb446c58758cbcafbbaffb&req=dSIiEM94nYBYUfMW3nq%2BgQpkq1uz5lZvzyRtH8KjFrdgkoHPOKTYBM4L0VSS%0AtPBnJRLRP95OVMD9TiUGpozlWFI%3D%0A) ### Validate a pagination loop To ensure our pagination loop is functioning correctly, we add a Condition action that validates the loop's progression, acting as a checkpoint to confirm that the loop is moving forward and pulling in the correct data. In this video, we set up a Condition action to check if the `next` object of the Pokémon API endpoint returns a non-null value. *Note: In this video, you'll see the action referred to as a "Trigger." This action has since been renamed to "Condition action." The functionality is the same.* [Watch video](https://www.youtube.com/embed/IptVk_0t34k?rel=0) With the Condition action in place, we can now loop the data, having the flow iterate to the next page. ![A Tines storyboard showing the Condition action ](https://downloads.intercomcdn.com/i/o/am0g137l/2179707469/a4d1c7997de1c0619803ead7684d/CleanShot+2026-03-19+at+15_01_58%402x.png?expires=1781611200&signature=a9bb9059a3d3b77561ab6666c73cd57bb18d458b3d920f85f692ffd1bb6adc01&req=diEgH85%2BmoVZUPMW3nq%2BgckNw9St6bd2gBQO7iiey%2Bo4oMXYpdooxo7ReM4o%0AAGk4UKEOxh0AW3wuCTyxPUs%2B3gg%3D%0A) ### End a pagination loop All loops must come to an end. We can use the Condition action's "no match" flow to handle this, essentially defining what the story should do when `next` returns a null value. In this video, we connect an Event Transform action to act as the end of the loop when the Condition doesn't match. [Watch video](https://www.youtube.com/embed/UJUgO7d9Q7Q?rel=0) Once `next` returns a null value, the story flow will go to the "Loop done" action, closing out the pagination loop. ![A Tines storyboard showing a pagination loop pattern. An HTTP Request action named ](https://downloads.intercomcdn.com/i/o/am0g137l/2179712300/e2c6178c7c6aeba932ef68e3c958/CleanShot+2026-03-19+at+15_03_11%402x.png?expires=1781611200&signature=52022cd40c72a58347ec15260714dfa4deb21b1dcf6d1b1fc109bf9d1611bc82&req=diEgH85%2Fn4JfWfMW3nq%2BgXtjcHuKrmjvoZV43VNQJOp7drRMPLlOTndQbrKJ%0Af%2F61ebWBPyYN%2Fo0x7Tmw62XEZkw%3D%0A) ## Example approach: API rate limiting ## Overview Imagine you're in a busy coffee shop, and the barista can only take a certain number of orders at a time to keep things running smoothly. If too many people place orders at once, the shop slows down or might even stop serving for a bit to catch up. This is similar to how **API rate limiting** works. Rate limiting is the set of rules that control how many requests a user or system can make to an API within a specific time frame. By enforcing these limits, APIs prevent overloads, ensure fair usage, and keep the system working efficiently for everyone. In this article, we'll go over how to handle API rate limiting within your Tines stories. ## Tines references Before getting started, we recommend familiarizing yourself with the functionality this article covers: - [Tines - HTTP Request action](https://www.tines.com/docs/actions/types/http-request/) - [Tines - Event Transform action - Explode mode](https://www.tines.com/docs/actions/types/event-transformation/explode/) - [Tines - Event Transform action - Delay mode](https://www.tines.com/docs/actions/types/event-transformation/delay/) - [Tines - Event Transform action - Throttle mode](https://www.tines.com/docs/actions/types/event-transformation/throttle/) > **Note:** We always recommend reading your API platform's documentation for specifics on their rate limiting boundaries. ## Make it happen ### Leverage HTTP Request action options By leveraging [HTTP Request action options](https://www.tines.com/docs/actions/types/http-request/#configuration-options) like `retry_on_status` and `retries`, you can handle rate limits gracefully. The `retry_on_status` option tells the action which HTTP status codes should trigger a retry. The `retries` option lets you customize the maximum number of retry attempts. Both are available by clicking **\+ Option** at the bottom of the action's config panel. For example, if an API returns a `429` ("Too Many Requests") response, you can configure the HTTP Request action to automatically retry with exponential backoff by adding `429` to the `retry_on_status` array. In this video, we show how to apply these two options for an HTTP Request action that returned a `429` response code. [Watch video](https://www.youtube.com/embed/n-QeEjNjHXc?rel=0) ### Create dynamic delays Sometimes it's necessary to [explode](https://www.tines.com/docs/actions/types/event-transformation/explode/) an array to feed individual values into an HTTP Request action, one at a time. When you do this, all the exploded events will try to process at once, which can trigger rate limits. By adding a [delay](https://www.tines.com/docs/actions/types/event-transformation/delay/) after the explode, you can control the pace. The Event Transform action's delay mode accepts a `seconds` option that supports formulas, so you can create dynamic delays. For example, you can reference the Explode action's `index` value and use basic math to space out your requests (e.g., adding five seconds per index so that each event is delayed slightly longer than the one before it). In this video, we look at an example of building a dynamic delay in a story. [Watch video](https://www.youtube.com/embed/4N7W26reVQM?rel=0) ### Apply throttling via throttle mode [Throttle mode](https://www.tines.com/docs/actions/types/event-transformation/throttle/) lets you control the rate at which events are emitted, regardless of how many events are queued up. For API rate limiting, this is useful when you want to set a fixed pace, for example, allowing only a certain number of events per minute to pass through to a downstream HTTP Request action. You configure throttle mode by setting `runs_per_minute` and `events_per_run`. The throttle applies across all story runs, so even if multiple runs are queued, the rate stays consistent. In this video, we look at an example of applying a throttle in a story. [Watch video](https://www.youtube.com/embed/K5jPjo7JFfw?rel=0) ## Review the results Tines gives you multiple options for managing API rate limiting. You can handle it reactively using `retry_on_status` to recover from rate limit errors, or proactively by using delays and throttles to control request pacing before hitting the limit. As you continue building, choosing the right approach (or combining them) will depend on the API you're working with and its specific rate limiting rules. ## Example approach: Data in, data out ## Overview Whether you're just starting out or are an advanced builder in Tines, transforming your data throughout a story is vital to success. In this article, we cover some common methods using simple scenarios for restructuring event data within your stories to fit your needs. ## Tines references Before getting started, we recommend familiarizing yourself with the functionality this article covers: - [Tines - Event Transform action](https://www.tines.com/docs/actions/types/event-transformation/) - [Tines - Webhook action](https://www.tines.com/docs/actions/types/webhook/) - [Tines - Loops](https://www.tines.com/docs/actions/types/event-transformation/message-only/#looping) - [Tines - Tags](https://www.tines.com/docs/formulas/language/#tags) - [Tines - CAPITALIZE function](https://www.tines.com/docs/formulas/functions/capitalize/) - [Tines - INCLUDES function](https://www.tines.com/docs/formulas/functions/includes/) - [Tines - MAP function](https://www.tines.com/docs/formulas/functions/map/) - [Tines - UNIQ function](https://www.tines.com/docs/formulas/functions/uniq/) - [Tines - WHERE function](https://www.tines.com/docs/formulas/functions/where/) ## Make it happen Both sections below use the following array: ``` { "items": [ { "name": "Gala Apple", "type": "apple" }, { "name": "Honeycrisp Apple", "type": "apple" }, { "name": "Macintosh Apple", "type": "apple" }, { "name": "Blueberry pie", "type": "pie" }, { "name": "Raspberry pie", "type": "pie" }, { "name": "Strawberry pie", "type": "pie" } ] } ``` ### Loops and tags In this video, we look at how to handle an incoming array and modify it to meet specific criteria. The criteria in this scenario is to: - Add "is delicious" after every `name` key value where "pie" is mentioned (i.e., "Blueberry pie is delicious") - Capitalize the `type` key value [Watch video](https://www.youtube.com/embed/BOyy7Bnpc6g?rel=0) We enable a loop in our Event Transform action to cycle through each object within the `items` array. We then use an `if` tag and the `INCLUDES` function to iterate through each looped `name` key value to check if "pie" exists. If it does, we add the "is delicious" string to it. If it doesn't, we leave the `name` key value as is. We also use the `CAPITALIZE` function to capitalize the `type` key value. ![An Event Transform action named ](https://downloads.intercomcdn.com/i/o/am0g137l/1224121365/a8e78e02e404378e4aead200d390/image.png?expires=1781611200&signature=7f181037d872e997b273c0826162633fac4d4e18f74d772f386e4dbf8ce5d1fe&req=dSIlEsh8nIJZXPMW3nq%2BgVT2v8UDRkIy3Da%2BdqeXk2EekesCPm7tq3L2kAVi%0AOFcH%2Fl55GHddb6J8FjZIb%2BntiG4%3D%0A) We **re-emit last event** from the "Catch Results" action and see the results of our pie formatting in the events of the "Format array" action. ![An Event Transform action named ](https://downloads.intercomcdn.com/i/o/am0g137l/1224123571/c985f0f090312cdbd2a826737702/image.png?expires=1781611200&signature=3479a054bbbf726cbe670136a7a1716cfb96daed922886f8fc2de8723a0bd0f0&req=dSIlEsh8noRYWPMW3nq%2BgT0sGcIzbbC%2FUb7qEtl9hJumsKnz0qJskYL8yFRe%0AB67z8CUI9beD1ptbpbDqqbScC%2Bw%3D%0A) ### Organize event data In this video, we look at how to take an incoming array and break it up based on a key identifier. In this example, we leverage the `type` key value of "apple" or "pie." [Watch video](https://www.youtube.com/embed/Y42fM-a9qag?rel=0) To create our categories (apple and pie), we use the explode mode of the Event Transform action. Since we only want to grab these specific values, we use the `MAP` and `UNIQ` functions to create a list array that includes one instance of each as the Explode **Path**. ![An Event Transform action named ](https://downloads.intercomcdn.com/i/o/am0g137l/1224109237/fb7bc536ff943ab8f89a813d7d1e/image.png?expires=1781611200&signature=c1cae4c553c806754232701f834818a614000ca74114e28704ebb3f1970bfef9&req=dSIlEsh%2BlINcXvMW3nq%2BgafkwPUEyS%2F0oSIXs8SlVVqVMtExig3idQnngRqh%0AdvbaBWkzKcyP3QIgt%2B8A8b7RWRs%3D%0A) This creates an event for each category. Now that they're established, you can organize the original array. Using the `WHERE` function in a subsequent Event Transform action, we compare the original array's `type` key values against the categories we created in the Explode to see if there are any matches. ![An Event Transform action named ](https://downloads.intercomcdn.com/i/o/am0g137l/1224116828/364fe40730b310466e91683105a0/image.png?expires=1781611200&signature=1b7e5c3971ad03ec167eff23394eb0333eab5075b3ab2543f8fcd060b2c95014&req=dSIlEsh%2Fm4ldUfMW3nq%2Bgf0JbinMYOHUoLcBXJR6KSBvSnc%2FcpHh%2FuCED0qO%0Apg2Xjzx3U13dN9mDh4yWGFwux0E%3D%0A) After re-emitting from a previous event, we can see how the final Event Transform action is showing only the pie results. ![An Event Transform action named ](https://downloads.intercomcdn.com/i/o/am0g137l/1224118067/48567957fcd05c29d19536fe84f6/image.png?expires=1781611200&signature=0102a22885d92b1a6161dcdea50dec1d84ba637bfffd2c2197b0d2a8601e9d46&req=dSIlEsh%2FlYFZXvMW3nq%2BgRaFnaUUxZN4LhoP9AEFOpZKv3S87apJ9LgolcAT%0A2yzK6a37FlYcmler9tXBRubgzsw%3D%0A) ## Review the results Mastering data transformation in Tines is key to building effective and efficient stories. By applying the methods outlined in this article, you can tailor your data structures to meet your specific requirements, improving the performance and clarity of your story flows. ## Example approach: Event timers ## Overview As you build out your Tines stories, you may need user interaction mid-process for tasks like reviews, action validation, or confirmations. Combining the `PROMPT` function with Condition actions and delays is a useful pattern for these scenarios. ## Tines references Before getting started, we recommend familiarizing yourself with the functionality this article covers: - [Tines - Event Transform action: Deduplicate mode](https://www.tines.com/docs/actions/types/event-transformation/deduplicate/) - [Tines - Event Transform action: Delay mode](https://www.tines.com/docs/actions/types/event-transformation/delay/) - [Tines - Prompts](https://www.tines.com/docs/formulas/prompts/) - [Tines - PROMPT function](https://www.tines.com/docs/formulas/functions/prompt/) - [Tines - Condition action](https://www.tines.com/docs/actions/types/condition/) ## Make it happen ### Test a PROMPT Prompts in Tines enable user interaction within your stories. Testing prompts ensures they function correctly, letting you verify user responses. In this video, we show how to set up a `PROMPT` function within a Send Email action for a user to interact with (we emulate the interaction by pasting the `PROMPT` URL into a browser). [Watch video](https://www.youtube.com/embed/Ipr0u8TRx7s?rel=0) ### Validate a PROMPT Since the `PROMPT` function enables feedback loops, we recommend adding a [Condition action](https://www.tines.com/docs/actions/types/condition/) immediately after the prompt action to validate clicks. Without this, the story may continue unchecked. In this video, we set up a Condition action to check if the `PROMPT` URL was clicked by the end user. [Watch video](https://www.youtube.com/embed/BMxVR5Uy02U?rel=0) ### Remove duplicates from a PROMPT flow To maintain the efficiency and accuracy of your story flow, it's important to remove duplicate submissions. [Deduplication](https://www.tines.com/docs/actions/types/event-transformation/deduplicate/) prevents repetitive actions and ensures that your automation only processes unique entries. In this video, we walk through adding deduplication to a PROMPT flow. [Watch video](https://www.youtube.com/embed/rCLEvo57m54?rel=0) ### Apply a delay with event timers If the Condition action's criteria isn't met, we can add a [delay](https://www.tines.com/docs/actions/types/event-transformation/delay/) so the user has time to click the `PROMPT` link. In a real-world example, users aren't going to have zero seconds to click on something before action is taken. In this video, we create a delay with seconds. You can always increase the delay as you develop stories for production. [Watch video](https://www.youtube.com/embed/CxgzSUsl3j0?rel=0) ## Review the results Whenever you have situational logic that relies on user interaction, it's good to do a final check. In this video, we see what happens if the user clicks the link and how the delay event data flows through (or stops at) the deduplication action. [Watch video](https://www.youtube.com/embed/VviamMm2fys?rel=0) ## Example approach: Refactoring stories ## Overview One of the best practices to follow when building stories in Tines is refactoring. In this article, we cover some simple scenarios that showcase the most common methods of optimizing your story builds. ## Tines references Before getting started, we recommend familiarizing yourself with the functionality this article covers: - [Tines - Event Transform action](https://www.tines.com/docs/actions/types/event-transformation/) - [Tines - HTTP Request action](https://www.tines.com/docs/actions/types/http-request/) - [Tines - Condition action](https://www.tines.com/docs/actions/types/condition/) - [Tines - DATE function](https://www.tines.com/docs/formulas/functions/date/) - [Tines - INCLUDES function](https://www.tines.com/docs/formulas/functions/includes/) ## Make it happen ### Collapsing multiple Event Transform actions In this video, we look at an example with four Event Transform actions. The first three are using functions to capture different aspects of the date: day, month, and year. The final Event Transform is a reference of the upstream actions' values. [Watch video](https://www.youtube.com/embed/Ex1xgDKNzPE?rel=0) **Refactoring:** Instead of calculating each date piece in individual actions, we use that same series of functions in the fourth "Total Info" action. Once consolidated, we are left with the same end results of day, month, and year within one action, instead of across four. ![A Tines storyboard showing the refactored ](https://downloads.intercomcdn.com/i/o/am0g137l/1223875557/b6d3ed3689076abd5841ead47bc1/image.png?expires=1781611200&signature=47efbaa7bcebad77eb684eb97da672806c2de7c4f8ea89c332f33507688cb35f&req=dSIlFcF5mIRaXvMW3nq%2BgT3XcQlVC57R5oYb5FkF7mCO1QdckN7U0bIJI%2F9S%0AkAf1ZRlrImlI%2BpLPeQeBsbUsfWI%3D%0A) ### Reducing actions with functions In this video, we look at an existing story that uses Explode, Implode, and a Condition action to check an array of spells returned from an HTTP Request action and see if the "Feast" spell is included in the array. *Note: In this video, you'll see the action referred to as a "Trigger." This action has since been renamed to "Condition action." The functionality is the same.* [Watch video](https://www.youtube.com/embed/wrxaCQcG--c?rel=0) **Refactoring:** Instead of building out this logic through multiple actions, this can be done using the `INCLUDES` function, which returns `TRUE` if the target includes the specified value. Wrapping the array in `TEXT` first makes it easier to check with `INCLUDES`. We build this into a Condition action to handle both `TRUE` and `FALSE` scenarios, if needed. ![A Tines storyboard showing the refactored ](https://downloads.intercomcdn.com/i/o/am0g137l/2179737496/5785d78b9ec187d0008d00242c5b/image.png?expires=1781611200&signature=6dac2448c9f846bba5b6f0f4c2836ff2e6cb802b889ad8b5b8327a2ea6dec5ef&req=diEgH859moVWX%2FMW3nq%2BgdYytK3qO3KKJV%2FBZkV8qe0cHhSv7TQp7pfh4YxJ%0A9wvBmbHz1W%2BO4OlQsQUpzs8aYR8%3D%0A) ## Review the results We optimize these stories by reducing the total count of actions on the storyboard. It's also easier to troubleshoot when all of the formula logic is within one action. ## Example approach: Story forks ## Overview While building in Tines, you'll find that there are many ways to structure a story beyond a linear flow. A story fork is a design pattern where multiple streams of actions branch out from a single "kickoff" action, process in parallel, and then come back together to continue as a singular flow. Story forks are useful both from a processing perspective (running tasks simultaneously) and a visual perspective (keeping your storyboard organized). ## Tines references Before getting started, we recommend familiarizing yourself with the functionality this article covers: - [Tines - Stories](https://www.tines.com/docs/stories/) - [Tines - HTTP Request action](https://www.tines.com/docs/actions/types/http-request/) - [Tines - Event Transform action: Implode mode](https://www.tines.com/docs/actions/types/event-transformation/implode/) ## Make it happen ### Map an HTTP Request We prepare our HTTP Request by identifying the URL, selecting the appropriate method (GET, POST, etc.), and specifying any necessary parameters. Let's look at an example using an API that doesn't require authentication (also known as an open API). The Dungeons and Dragons 5e API lets us request information about spells, classes, and monsters. You can ask for the entire list of spells or retrieve a specific one like "acid-arrow." You can explore this API here: [https://www.dnd5eapi.co/](https://www.dnd5eapi.co/) ![The D&D 5e API homepage showing a request for a specific spell. The base URL field displays If you enter that URL into your browser, you'll receive the same information as you would from an HTTP Request action. In this example, we'll use [`https://www.dnd5eapi.co/api/spells`](https://www.dnd5eapi.co/api/spells). ![The D&D 5e API homepage showing the ](https://downloads.intercomcdn.com/i/o/am0g137l/2241414686/e15eba9c6929691c1ab8e6d72fef/image.png?expires=1781611200&signature=6cc823179d26973fb7257076c19cf834ec6e8557f75ca77f670a928235c62d41&req=diIjF81%2FmYdXX%2FMW3nq%2BgUKsunayadzaFzWR4AuzUXFQa1%2B9AtinCmQ7EgWB%0APRHDJPUyWYVe53mKduW2wb8LygM%3D%0A)https://www.dnd5eapi.co/api/2014/ with "spells" entered as the endpoint. Below, the JSON response shows a count of 319 results, with the first entry being "Acid Arrow" at level 2 with the URL /api/2014/spells/acid-arrow." width='828' height='847' style='height: auto;'/> To use this URL in an HTTP Request action, copy the URL and paste it into the URL field in the action's configuration. This approach applies to any API you want to call from an HTTP Request action. In this video, we walk through setting up an HTTP Request action. [Watch video](https://www.youtube.com/embed/8Q1nUlLrcb4?rel=0) #### **​Example steps:** 1. Add an HTTP Request action. 2. Set the name. 3. Set the URL. Retrieve this from the API's documentation. 4. Set the content type to JSON. 5. Set the method to GET. Most open APIs that don't require authentication use GET for retrieving data. 6. Run the action and review the results in the event data. This approach applies to any API you want to call from an HTTP Request action. ​ ### Capture data in an Event Transform action When you fork a story, you often need to capture and organize data as it flows through each branch. The Event Transform action lets you catch the incoming data and normalize it for consistent use downstream. In this video, we walk through formatting event data with an Event Transform action. [Watch video](https://www.youtube.com/embed/55v-84pDJv4?rel=0) We use the naming convention "Format" to ensure that subsequent actions reference the `format.message` field. This approach lets you rely on the Event Transform action to normalize the data, so you don't need to worry about variations in the JSON paths across different HTTP Request actions that occur beforehand. #### **Example steps:** 1. Open the event data from the HTTP Request action you want to capture data from. 2. Copy the path to the value you need. 3. Add an Event Transform action and connect it to the HTTP Request action. 4. Set the name to "Format." 5. Paste the copied path into the message field. 6. Repeat for the other branch. > **Tines tip:** You can copy an action with `CMD+C` (or `Ctrl+C` on Windows) and paste it with `CMD+V` (or `Ctrl+V` on Windows). This saves time when you need the same action structure on multiple branches. ### Pull results together with implode Now we need to aggregate the results from both branches back into a single event. This is where the [implode mode](https://www.tines.com/docs/actions/types/event-transformation/implode/) of the Event Transform action comes in. Implode collects individual events and combines them into one. You configure it by specifying: - **Item path.** The data you want to collect from each incoming event. If each branch has an action named "Format" with a value in `message`, set the item path to `format.message`. - **Size.** The number of items to collect before emitting. Since this example has two branches, set the size to `2`. - **Identifier path.** How implode knows which events belong together. `STORY_RUN_GUID()` works well here because it generates a unique identifier for each story run, ensuring that only events from the same run are combined. In this video, we walk through combining results with implode. [Watch video](https://www.youtube.com/embed/Z5xlWVzxOYA?rel=0) #### **Example steps:** 1. Add an Event Transform action and connect both branches to it. 2. Set the name. 3. Set the mode to `implode`. 4. Set the item path to the data you want to collect. 5. Set the size to the number of branches (in this case, `2`). 6. Set the identifier path to `STORY_RUN_GUID()`. As an alternative to using an identifier path, you can add a `seconds` option via the **\+ Option** button at the bottom of the action. This tells implode to wait a set number of seconds after receiving the first event before emitting. If you use `seconds`, remove the identifier path. ![The Implode mode configuration panel for an Event Transform action, showing three fields: Item path set to format.message, Identifier path set to STORY\_RUN\_GUID(), and Size set to 2. A blue arrow points to the + Option button at the bottom of the panel. To the left, the + Option menu is open, displaying three available options: Customize output, Local values, and Seconds. The Seconds option is highlighted and described as ](https://downloads.intercomcdn.com/i/o/1168822519/ca6ac5e79ffd91482db10e16/b7104b05-c354-4ae8-87a3-df3295d86f77?expires=1781611200&signature=7a8809723111a3cb2e941d2c2dfdb88388b234d8d0a655faf78528261c945fdd&req=dSEhHsF8n4ReUPMW3nq%2BgXPIeWZf0HVzAxEGh9Wvp%2FPS8p8PNJm72zwE%2BFxY%0Agw5lA5WZucji00dAlaX9QQX4dfo%3D%0A) ## Review the results Run the story from the top and watch how the two branches process in parallel before the Implode action combines their results into a single event. This pattern is useful any time you need to gather data from multiple sources simultaneously and then continue processing it as one unit. ## Example approach: Story troubleshooting ## Overview While working in Tines, you may encounter situations that require troubleshooting. This article outlines a scenario that uses common methods to help resolve issues and ensure your stories function correctly. ## Tines references Before getting started, we recommend familiarizing yourself with the functionality this article covers: - [Tines - Pages](https://www.tines.com/docs/pages/) - [Tines - HTTP Request action](https://www.tines.com/docs/actions/types/http-request/) In this video, we walk through a story that experiences different errors. We also cover each of these topics at a high level throughout this article. [Watch video](https://www.youtube.com/embed/nCPrsYNRIgY?rel=0) ## Make it happen ### Page behavior In Pages, the **Page behavior** setting defines what happens after your **Button** is clicked. It can navigate to the next page, redirect to a URL, or display a success message. By default, it's set to **Show success message**. So if you want it to lead to another page, be sure to update this setting accordingly. ![A Page action named ](https://downloads.intercomcdn.com/i/o/am0g137l/1223732281/aa7e2f4b5f4e7a36fc47d5b2c4f7/image.png?expires=1781611200&signature=2cf804c0096e1af6bf7caf50f46c0bebc02fe72e3c44bd052b92ec1791a90bf9&req=dSIlFc59n4NXWPMW3nq%2BgQUJiSU60ytvQtE7FAuRuSmTwcWSIj1T8P7%2FlNWx%0ArCRhyJ6WQWx4Y5MmDzJnyjqjWVw%3D%0A) ### HTTP request error When making a request to a service, it's important to verify that the request is successful before proceeding with your story. After configuring your actions, always run them to ensure you're receiving the expected data. You can view more details in the **Logs** tab on the top right corner of the properties panel for a given action. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223713801/b946d9b1863855a7d00635cb5123/image.png?expires=1781611200&signature=e86b7480a1d798c4678489081487bc100859ff87edc8727a5f56c191517e0b7e&req=dSIlFc5%2FnolfWPMW3nq%2Bgevqsz0zMafab7ZDty7NOQSMEl9wnK1TfOTY%2BkNj%0AvBU50kUyjU1rI8EdQi5Rq5ece0A%3D%0A) In the example provided, we get a `404` response status code. The **Logs** of the action tell us that it cannot `POST`. This means that we are more than likely using the incorrect method in our API call: ``` Failed with 404 status code Response body: Error 
Cannot POST /api/v2/pokemon/120
``` We change the **Method** option in our HTTP Request action from `POST` to `GET`. This returns a successful response. If you still get an error, it's always good to refer back to the documentation of the API you're reaching out to. ### Re-emit last event Instead of using the **Run** option on your actions, we recommend navigating to the last successfully executed action, clicking the three-dot menu in the bottom bar, and selecting **Re-emit last event**. This lets you quickly verify whether an updated or modified action works as expected. ![An HTTP Request action named ](https://downloads.intercomcdn.com/i/o/am0g137l/1223749273/aed9f3e97652a353b4ff13e763bd/image.png?expires=1781611200&signature=294294c1bbea4167290a91f63320881689e5db996eb15af3a32714c54f85e4ec&req=dSIlFc56lINYWvMW3nq%2BgbxFa8PPR91da3DJ4NUjnFI4U3o0pcFuV9Knoh6X%0ARSvDNXPJRZRSdCQfhaxCPblKiK8%3D%0A) ### Incomplete path error After re-emitting the last event from the top, we see that the final Page action has the following error in the **Logs** tab: ``` Incomplete path for value: `get_random_image.body.sprites.front_default.` ``` This means there was an extra period (`.`) at the end of the JSON path. We can also see this in the error itself. We'll fix this in the next section. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223768834/ba731d559f98190015974628d4ec/image.png?expires=1781611200&signature=4c0d16a189bd43732cc1472effe33d18788f4a82a6802b15490fc58ca5667212&req=dSIlFc54lYlcXfMW3nq%2BgXES%2BJwsyJq4AW8sZR4qcTTCDEkljUVQd2m34z9O%0Ah3Ih2EpR9bg4bzduIMb5j%2Bv6hDc%3D%0A) ### Edit page Since this is a Page we're working with, we click the **Edit** option. ![A Page action named ](https://downloads.intercomcdn.com/i/o/am0g137l/1223808289/ae4cfb5574ade52c10cef4a2d5ff/image.png?expires=1781611200&signature=b3b4e46128e1ef410e9cb2eb91f195acc4631b609d905c089ebff7107867043a&req=dSIlFcF%2BlYNXUPMW3nq%2Bgb4r2XvxONNTIMNzTPjztPzhlAK4p3I4YCBoNzLT%0A5mJHttuHme%2Bl%2B6yyBfnwGrNctE8%3D%0A) This opens the Page configuration and lets us access its **Elements**. In this example, we're using an **Image**. We click on where it says **Couldn't load image**. Here, we can see in the editor **Path** the incomplete path error from before. Once that extra period (`.`) is removed, the results show what would be in that JSON path (since we fixed the previous HTTP Request action). ![The Page editor showing the Image element configuration after fixing the incomplete path error. The formula field at the top is highlighted, showing the corrected path get\_random\_image.body.sprites.front\_default (without the trailing period). The Result field is highlighted, showing a successful URL pointing to a Pokémon sprite image on GitHub. Below, the Page preview still shows ](https://downloads.intercomcdn.com/i/o/am0g137l/1223803821/baa7e1ce4fbef5296a3266d1cb8a/image.png?expires=1781611200&signature=b17dfae407905bffa74a22d607c626606fddea2a905563413d0194701c65e5e5&req=dSIlFcF%2BnoldWPMW3nq%2BgfywrrqidkhKeRwP64mtjailmgFR3VMyhDM0XqY0%0AZmfIZM2oKnKv0%2BON2iK%2BpzAVLDQ%3D%0A) ## Review the results After working through these issues, we run the story one last time to make sure it works as intended. Navigate to the first Page action as an end user, click Submit, and see the image results. ![The final results Page titled ](https://downloads.intercomcdn.com/i/o/am0g137l/2244981403/fefe03c6cec7ae9dc1709c0b70e5/image.png?expires=1781611200&signature=0ff8032add3a9eeb2363caaa6f1d0afcc3835f9d706a162510181f8d697535ff&req=diIjEsB2nIVfWvMW3nq%2BgYSYhY9rsfObuBYPoQsEeNVvKLI9SrMAyVsIMlNu%0A4lBDEIKOhBjzh%2BaCQeBOVguZ9Rk%3D%0A) ## ExaVault Authentication Guide ExaVault gives you a simple, reliable, and secure way to share files with anyone -- no matter what platform they use. ### First, get a ExaVault API key 1. Login to your ExaVault account at [https://www.exavault.com/](https://www.exavault.com/) 2. From the "Developers", select "API Keys" ​ ![](https://downloads.intercomcdn.com/i/o/852353816/43ec96ead07786003bbd5be3/image.png?expires=1781611200&signature=65294d994b496d4c27e48ed460d15a88b1d1a7545eba357ab17427632da4b777&req=fCUlFcx9lYBZFb4V1XW4geqFKyY2hEzXuOFJAUNyggEZ0Xpuq18IfoFUQrD5%0ARH2QP0fkpDCslUgINS56y%2BrY3w%3D%3D%0A) ​ 3. Click "Add API Key" 4. Name your key, enter your password and click "Save" ​ ![](https://downloads.intercomcdn.com/i/o/852354314/942e75cfb610e4078f188d47/image.png?expires=1781611200&signature=e119bbb2dc780696c4eddd3749674efcd4f404b5a68d7731b7e30028ca8052ff&req=fCUlFcx6noBbFb4V1XW4gakpzXhfxww728J%2FKL4JF8V4e53bK647LY0unOFv%0AI%2FcjRXIOBSOBkKTw9lYqJmdd7A%3D%3D%0A) ​ 5. Copy your API key ### Lastly, create a ExaVault credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the ExaVault credential 1. **Name:** ExaVault 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of ExaVault** **stories in the [story library](https://www.tines.com/library?s=exavault&view=all)** ## Exporting Dashboards In Tines, you can export both individual dashboard items or your entire dashboard. This article guides you on how to do this on either a one-time or recurring basis. Read our introduction to dashboards [here](https://explained.tines.com/en/articles/9521649-introduction-to-dashboards). ## Exporting ### Individual graph To export an individual dashboard item, click on the three dot options button on your graph and click ‘Export as image’. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203633012/f4d6ada558e293775b933468ff83/dashboard+-+export+single.gif?expires=1781611200&signature=010216fca227d5a2a3eb6bc67a88fa7ba8693e346bd293e0a7d2bae23def30d2&req=diInFc99noFeW%2FMW3nq%2BgVvAlJMm7IZ3pwA3TZW9KnQ%2FNF9LeF8v%2F9fdyj8P%0AfTvr6FApJ5h5tCjzFP9R0YF5KY8%3D%0A) ### Entire dashboard To export an entire dashboard, click on the three dot options button at the top of your dashboard and click ‘Export as image’. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203633982/e2d9859a706fdd7feb277d876002/export+all+dashboard.gif?expires=1781611200&signature=87da4694081337b0acbe32e78fdb89b8f5d4f390875432bbdb0b9acaa8cd260b&req=diInFc99nohXW%2FMW3nq%2BgVEUA91vBU8rP4UnDNjX0fg6kGNvT725SIWukh20%0AWNWm2VAg31DyHSUc0AZq0Pc9nRk%3D%0A) ### Export options Once you select your item for export, you can apply your preferences. Preference options include: - Graph background color - Light or dark mode - Graph size options ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203631298/5e0a885d8da002827f3a153fef62/c2144361-c4de-431e-94b7-5ee2286cc6f5?expires=1781611200&signature=09ffa02aa3c1d102d6fd0c85743e88dd8398de3f6ce4cf8e57d72fa043a42258&req=diInFc99nINWUfMW3nq%2BgXpY1FiR1JeemkIgDFUGFUDxxyyCPQZeJwoQZyfP%0ALZ7R0rRFxEwdecZ%2Bre3saAyWxBI%3D%0A) ## Snapshot You can also email a PDF snapshot of your dashboard on a daily or weekly basis to a list of emails. In the toolbar at the bottom of your dashboard, click on ‘Snapshots’. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203631300/d9537f0baf0268e729c7f4bd00c4/f99d80ba-9f22-425f-86a3-96d50cb602eb?expires=1781611200&signature=94345dbc82ab0fbd09e9051cfadd2fd321a45395fb960072d35332d6f8c9c486&req=diInFc99nIJfWfMW3nq%2Bgcl27SLxu5eF8sGkhmboJDeDX1MFEIp9LtLN1rCh%0AQq2Bf0JDreSlX2AMxlBdIths0wU%3D%0A) Give your snapshot a name and add your recipients. > Note: If you are adding multiple recipients, separate the email addresses with a comma. Set how often and when you want your snapshot to run. Finally, select which charts to include in your snapshot. You can preview your snapshot before saving. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203637219/4a06523b40df68bbbd59ee488392/Snapshot+settings.gif?expires=1781611200&signature=0645a45050d7df6b799171d0d4e85704a2181595f2ca66e9c98cfd158209ec79&req=diInFc99moNeUPMW3nq%2BgboC8eOg8IWjgfQ8294f1%2BaOYrzSNccD6Jpo3aj4%0AJnygmQkePzeeQMdwIlCq9Kn1CQA%3D%0A) Learn more about dashboards in our [docs](https://www.tines.com/docs/records-cases/dashboards). ## ExtraHop Authentication Guide ### First, configure account in ExtraHop 1. Ensure your user account has the appropriate privileges set for the type of task you need to perform (See [ExtraHop privilege levels](https://docs.extrahop.com/9.3/rest-api-guide/#privilege-levels)) ### Next, create resource and credentials in Tines One resource and two credentials will need to be created: - Resource: "extrahop\_username" - Text type credential: "extrahop\_secret" - HTTP request type credential: "ExtraHop" ##### Resource 1. Navigate to the team that will be using the API and click "Resource" 2. Click "+ New Resource" 3. Input the values for the ExtraHop resource 1. **Name:** extrahop\_username 2. **Description:** Optional 3. **Builder:** your extrahop username 4. **Optional** 1. **Access:** What other teams can also use the resource 5. Click "Save resource" ##### Text type 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the ExtraHop credential 1. **Name:** extrahop\_secret 2. **Description:** Optional 3. **Value:** your secret 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 6. Click "Save" ##### HTTP request type 1. Click "+ New Credential" and select "HTTP Request" 2. Input the values for the ExtraHop credential 1. **Name:** ExtraHop 2. **Description:** Optional 3. **URL:** `https://.api.cloud.extrahop.com/oauth2/token` 4. **Content Type:** Form 5. **Method:** post 6. **Payload:** Copy the below object and paste into the "Plain code" section: ​ ``` { "grant_type": "client_credentials" } ``` 7. **Headers:** 1. **Header:** Authorization 2. **Value:** Basic <> 8. **Local values:** Click the "+ Option" button, select "Local values" and paste the below into the "Plain code" section: ​ ``` { "creds": "<>:<>" } ``` 9. Click "Run options" and make sure you get a successful response. 10. **Location of token from response:** `<>` 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 4. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/816806186/b6033d12f007ec86576416f6/image.png?expires=1781611200&signature=45322d24bed42c7cabfb21e530e2d27839db8af3d2a2d70ab2a6439492ed56eb&req=fCEhHsl4nIlZFb4V1XW4gaSUYDksrfsZXM%2BBztzefIhpAQ3ggjiym8wIHSqV%0AzZji85XlSDvZMd4OsGq4qD2DGw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/816806323/df0ad41f5bbe020b2c5869ab/image.png?expires=1781611200&signature=150cc330fee0ac08a814b8431106827e2208a05adad63a3bf4b475b25fa9bf2b&req=fCEhHsl4noNcFb4V1XW4gawJEnu71CDa%2FDCWfCU0DBMOIsIx6gW89y3YlBnI%0AzQ5ujTEGMFIZFasF6nzUMLR90g%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/816806584/f2def15cceec9b19a1e562c9/image.png?expires=1781611200&signature=7330826133216117207963286b45082b618f0db6c03e4f8626eb152d7b5f1c17&req=fCEhHsl4mIlbFb4V1XW4gYKiXwdqVcqFIf9qTXQAOj6kRk0vdy58wczH0ED6%0A341LcFXCrCBMwjn31LIZU%2FxDAw%3D%3D%0A) > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of ExtraHop stories in the [story library](https://www.tines.com/story-library?s=extrahop).** ### Using the credential and resources in an action The Header configuration for your ExtraHop credential should be: ``` "Authorization": "Bearer <>" ``` Here is an example ExtraHop action you can copy and paste onto your storyboard in Tines: ``` {"standardLibVersion":"35","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"List All Detections in Extrahop","description":"List All Detections in Extrahop","options":"{\"url\":\"https://<>/api/v1/detections\",\"content_type\":\"application_json\",\"method\":\"get\",\"headers\":{\"Authorization\":\"Bearer <>\"}}","position":{"x":690,"y":510},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":"httpRequest","createdFromTemplateGuid":"c8388b626850667f74b5b65c1146a8fe288572c5ffe5fdc11db00ebfff2a1866","createdFromTemplateVersion":1,"originStoryIdentifier":"cloud:aa47f8215c6f30a0dcdb2a36a9f4168e:d4c15df0f02ba4789095426607003199"}],"links":[],"diagramNotes":[]} ``` ## Feedly Authentication Guide Feedly is a robust feed reader that aggregates information from around the web into one convenient place. You can use it **to view updates on any topic you're interested in**, whether they come from the news, blogs, social media posts, RSS feeds, or other sources. ### First, get a Feedly API key - Login to your Feedly account - In the top left, select your workspace name, then under *Workspace*, select **Settings** - Within Workspace settings section, select the **API** tab - Select **New API Token** - Name your Token, and select **Generate API Token** ### Lastly, create a Feedly credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Feedly" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/feedly).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Feedly** **stories in the [story library](https://www.tines.com/library?s=feedly&view=all)** ## Fibery Authentication Guide Fibery is a work management platform designed to help teams collaborate, organize information, and manage their workflows. It provides tools for project management, task tracking, and knowledge sharing. Fibery focuses on providing a flexible and customizable environment to accommodate various team structures and workflows. ## First, get a Fibery API key 1. Login to your Fibery account 2. Click on the user menu and then click "Settings" ​ ![](https://downloads.intercomcdn.com/i/o/948716295/69bfb2b248f9e036b8540bd5/image.png?expires=1781611200&signature=c8f3b0756aaf90d7b2de354a38fdb07f80e768c7b89659fbecb2231cc766a405&req=fSQvEch4n4haFb4V1XW4gZBkUGrhunr1bg1w1IPecFd8%2BBXFZbfN9dqco58%2F%0AICMXZSaQdEhzmfJQby%2BirB1Raw%3D%3D%0A) ​ 3. Click "API Keys" and then click "Generate API key" ​ ![](https://downloads.intercomcdn.com/i/o/948716594/4ba9d036397c5c9e4e0b41bb/image.png?expires=1781611200&signature=f001673f92f18f295e367637cfbd970b9f1765f78cc486806da591d8af6a7ab9&req=fSQvEch4mIhbFb4V1XW4geM%2FIf23Mvg9Az8ZsBzBlN48mxdv%2BIHGJSWKSd1q%0AA%2BauISC0s0VSoghv0qSF12%2Bn7Q%3D%3D%0A) ​ 4. Copy your API key to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/948717282/d75cff2d0dd031a514fa8cd5/image.png?expires=1781611200&signature=25f464f1873215683ae66ab4ddd490fce2da3080173c4553e32e67e3b7388d63&req=fSQvEch5n4ldFb4V1XW4gXXX3MGxnE3UxXWwJ6cLWjNCO9yzO1EdjocGpwiB%0ASFRx%2Fy3uilVZ%2F5zuAvO%2BnEc5UQ%3D%3D%0A) ## Lastly, create a Fibery credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Fibery credential 1. **Name:** Fibery 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Fibery** **stories in the [story library](https://www.tines.com/library?s=fibery&view=all)** ## Formulas and pills explained Many automation tools claim to be no-code. But once you need to do something tricky, like precisely assembling a piece of text, or modifying the structure of data between APIs, you’ll find yourself blocked, or needing to write code. That's where formulas come in. If you’ve used tools like Excel, you likely already know how to use them. And with our built-in library of *hundreds* of functions, and easy-to-use formula “pills”, you can easily tap into the power you need. Here's how they work. Just like in spreadsheets, formulas in Tines allow you to *transform* data. Where a formula in a spreadsheet references data from other cells, a formula in Tines references data from various other places in Tines. Formulas in Tines let you reference: 1. Upstream event data 2. Resources 3. Credentials 4. [INFO](https://www.tines.com/docs/formulas/referencing-data#info) and [METADATA](https://www.tines.com/docs/formulas/referencing-data#metadata) ### **Referencing upstream actions with formulas** Let's pretend we have an action that fetches the value from a form on page. A downstream action could reference that data, for example, it could include the email address that the user submits. The formula would read something like: `user_form.body.your_email_address` ### **Referencing resources with formulas** Resources in Tines are reusable pieces of data. Things like the same text, object, array, and file can be used used multiple times across multiple stories. To reference a resource in a formula, you can use the special RESOURCE key. Let’s say we have a text resource named "Domain name", the following expression would fetch it: *`RESOURCE.domain_name`* ### **Referencing credentials with formulas** The CREDENTIALS key works identically to the previous RESOURCE example, for fetching credentials. **Note:** because these are inherently sensitive, we’ll never output a preview value in the formula builder when working with credentials. Use the following expression: *`CREDENTIAL.example_api_key`* ### **Add formulas using “formula pills”** Formulas are most frequently used in actions. You can add one to the content of actions in Tines using a formula *pill*. Think of pills like dynamic variables in action text. Pills allow you to reference and format incoming event data using formulas. There are a few kinds of formula pills; - Value pills - Tag pills When you use a pill, it displays the result of the formula expression when the action runs. For example, “The total amount is **SUM(array)***”* would read “The total amount is **300**”. Tags, on the other hand, control the flow of execution. Tags are particularly useful for doing things like building emails. You can add a Value or Tag pill like this: ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/961980237/9babde3cb469fa10f32f8a6b/IZ9GA1qWvGNtf2KNHdvTZ4ZhI6wlffEXze2rC56p0JPaoWFbB5CVy1OthxE-UlJHExWYNY_XzR7cec2M0yvNh5fyxgYaE4ZKDwSR4plfpe0FpX4xPkNH5soLE_ns7TNBxx6OZc2IXcTWJ72BpFEmqck?expires=1781611200&signature=c18f57e9cd52e75a8484970eb39fc9b58d9ca652e2149990634b159f838539e4&req=fSYmH8F%2Bn4JYFb4V1XW4gffbKT3xQpq7HoGsnkP1ADYaxb%2BecP294kIhRoFg%0AGefHYhDSfUGaU7zphwihHRFNrw%3D%3D%0A) ### **Editing formulas** Use the popup formula builder to author your formula expression. We’ll show in-line help and documentation as you type, and a preview of the result. ### **Adding formulas using “formula fields”** When you use a pill within a piece of text, the value is converted to text and joined with any surrounding text. This isn't always what you want, sometimes you will want to add a complex object directly to a payload. To do this you can use a formula field, instead of a text field, inside the builder window. Using a formula field will return the value directly, rather than converting it to text. This is useful for cases where you want to return a dynamic non-text value, like an array or an object. ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/961980253/43466eb6e6d9d7c72e883d2e/-MzMxOFsUKKZV44WRiF94JOtZC21LJffEqaycrWbcCd8Us3fzPZYm6YkxH7Z4agcgoHdWbMiQdbzordOX_CTJ2tk3g-C3yOXWF2oq9oICvTMtOsVgBUSMQeO_1drMutys4lja4FpN9tYWJ6OIV40kdA?expires=1781611200&signature=2235b75c1eeff45d5d800e1f4bb6a1bea94d994a8944d7862d1445b927559cbe&req=fSYmH8F%2Bn4RcFb4V1XW4gceE4ZpI8yueULdDbr3mNCPMPNy55Wx3%2Bgh3qZg3%0A4394%2BYWBSKkuILDRE6HmoAHIJA%3D%3D%0A) > To start building with formulas now, you should check out [these examples](https://www.tines.com/docs/formulas/examples), and our [library of functions](https://www.tines.com/docs/formulas/functions). ## Freshservice Authentication Guide Freshservice is a cloud-based IT Help Desk and service management solution that enables organizations to simplify their IT operations. The solution offers features that include a ticketing system, self-service portal and knowledge-base. ## First, get a Freshservice API key 1. Login to your Freshservice portal 2. Click on the user menu and then click "Profile Settings" ​ ​ ![](https://downloads.intercomcdn.com/i/o/969214998/5d342725eebf95b2d328f48b/image.png?expires=1781611200&signature=aa301f7c4bae153b201c1838ef5b708ffcc2f7a70b28dda979c995b12f953351&req=fSYuFMh6lIhXFb4V1XW4gYh9h%2BKyN01yjm01YZk%2Be92KznS8p1HEpct5bvC%2F%0A0Pt6%2FN%2Fuz9PYTAyXvIZUdt%2FQYA%3D%3D%0A) ​ 3. Copy your API key ![](https://downloads.intercomcdn.com/i/o/969215448/ceb7205a8cc09bc3e1e6ea71/image.png?expires=1781611200&signature=635c9f9e22d2945ebcd7b5546ea50fb85360621d0c41d5484b3b9a3d8794ab94&req=fSYuFMh7mYVXFb4V1XW4gQf%2FJhG%2FwiQimNtSnbBOFZeUsP1DvI07fsXQQwnG%0ArDpR9ljkPs3pqlGHwqVetMQgCw%3D%3D%0A) ## Lastly, create a Freshservice credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Freshservice" and follow the prompts to connect. ​ > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/freshservice).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Freshservice** **stories in the [story library](https://www.tines.com/library?s=freshservice&view=all)** ## Functions FAQ A function is a reusable instruction that you can use to perform certain tasks in Tines. [This article](https://explained.tines.com/en/articles/9009911-functions-in-tines-explained) explains functions in Tines. ## Is there any performance difference between nesting function calls vs. using the pipeline? There is no difference in performance when using nesting functions rather than pipelines. Examples: - Nesting functions: `func2(func1())` - Pipeline: `func1() |> func2(%)` For more information on operators in Tines, [see here](https://www.tines.com/docs/formulas/operators). ## What type of regex does Tines use? Tines uses Ruby-compatible regular expressions (regex). > You can use [https://rubular.com/](https://rubular.com/) to test your regex as you build. ## How do I find which object in the array has the largest ID? You can use [SORT()](https://www.tines.com/docs/formulas/functions/sort) to sort the array based on the key and then use [LAST()](https://www.tines.com/docs/formulas/functions/last) to select the last object in the sorted array (the highest value) `SORT(example.data, "id") |> LAST(%)` To learn more about working with arrays, click [here](https://www.tines.com/docs/formulas/functions#arrays). ## How can I remove unwanted elements from an array? The REJECT function can remove unwanted elements from an array. This example removes empty strings from an array. `REJECT(array, ["", NULL, 0, FALSE])` Read about all of our functions in our docs [here](https://www.tines.com/docs/formulas/functions/). ## Functions in Tines explained ### What is a function? A function is a reusable instruction that you can use to perform certain tasks in Tines. You can tell Tines to do a whole range of things using functions, such as edit or transform data. Functions can also tell you things *about* data, giving you values like counts, dates, times, and others. Functions are a critical component of what makes Tines so powerful - allowing you to automate specific tasks with any set of data. The best thing about Functions in Tines? If you know how to use Functions in Excel, you already know how to use Functions in Tines. ### An example of a function Each function has a name denoted in `CAPSLOCK`. A simple example of a function is the function `JOIN`. Let's say you have a list of items and want to join them together in a single string, you would use the `JOIN` function. This function combines the elements in an array into a single text value. So, if you had an array that had four items in it, north, south, east and west, it might look like this: ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/976661162/c282fdf94b5f4b8867152e30/NAbEPBYM7PyWa5j0UV3Y8VDWgIZqvKqb16OIzHr_UDf-_PSH1Lf1UIswM9QzlDQgRLY_o2zVMTdQmxXMpJPSHj_sCmeBcEgZOeXo-4lqHzCYUOrqo4XOKMRE3QQX8qb7iIyEJAOb_ymvl6sSjA9yds4?expires=1781611200&signature=ed47354d1d6c358988c5982637a0df9536fd5beb8ee94af55d85e8bad8fa3d59&req=fSchEM9%2FnIddFb4V1XW4gRcS9UK2KzE8mya2Awe%2BgcVtwmdzJBibS5lBkhqz%0AiaZeRsIBlQ1YBrvgkeVQaszgPg%3D%3D%0A) The `JOIN` function would join all those items together into a single string. The formula syntax for the `JOIN` function looks like this: `JOIN(array, join_text)`. To do this, you would add an Event Transform action containing that formula to your story. ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/976661181/49f82fe099273f2e0d0b7f75/4K94xXJrSr5nZ7WNPtCYrv1uJa7WJnwQfrgeoMwvdrX6S4XrsA_iXB9-LvA6Lde5ffdTb3zWBHyEVqqt4zomO_Hsyb_f1K5YZgpkyZY3_wCzkisf_Y_-PBeXHoaLEfpMLHXJjSSH1XMG229XvtZYRls?expires=1781611200&signature=bb6c3db20fb65e723ccf48accd5791073f906e433e9c147512549f5127829259&req=fSchEM9%2FnIleFb4V1XW4gbtpMPBeNL5fHhG2fma5n90ZUdNbF0hifNsCxgtx%0A0Xg%2FH8OjN9FO9ljsUq4nBjZ7Nw%3D%3D%0A) Then, in the `JOIN` event Transform action, enter `JOIN(my_action.message, “ ”)` in the payload of the build pane. When you run the story, the output would be "north south east west". ### Best practice advice from the Tines team for using Functions Here at Tines we use functions *a lot*. So, to help you get up to speed with Functions as quickly as possible, we’re sharing our best practice advice with you. ### **First, let Eoin show you around** Eoin Magner is a customer success Engineer at Tines. In this 3-minute video below he shares his top tips for getting started with functions in Tines. [Watch video](https://www.youtube.com/embed/az_g2dxeXlc?rel=0) ### **Start simple** A great place to start is our functions library, [here](https://www.tines.com/docs/formulas). But, it’s a very long list and is most useful if you know what you’re looking for. So here’s a short list of *just some* of the useful (but also easiest the get started with) functions to get quick results from: - **[SIZE](https://www.tines.com/docs/formulas/functions/size)**: This function returns the number of characters in text or the number of elements in an array. For example if you had an array with four elements, the `SIZE` function would return an output of 4. ​ - **[PLUS](https://www.tines.com/docs/formulas/functions/plus)**: This function adds a number to another number. For example, if you had the number 6 in a message, you could use the PLUS function to add 2 to it, with an output of 8. ​ - **[DAY](https://www.tines.com/docs/formulas/functions/day)**: The function `DAY` returns the day of the month for the specified date. The accepted Format is \`year-month-day (year/month/day)\`. So for example, if you use the accepted format (e.g., 2022-03-19) you would get an output of `19`. ​ - **[DOWNCASE](https://www.tines.com/docs/formulas/functions/downcase)**: This function turns any uppercase character in text to lowercase. For example, it would turn ‘Hello World’ into \`hello world\`. ​ - **[JOIN](https://www.tines.com/docs/formulas/functions/join)**: As we saw in the example above, this function combines the elements in an array into a single text value using the argument as a separator. ​ - **[SORT](https://www.tines.com/docs/formulas/functions/sort)**: This function sorts elements in an array by a property of an element in the array. For example if you had an array of users, and each had the following elements: First Name, Surname, Id, Job, you could use `SORT` to order the list of users by surname. ​ - **[DEFAULT](https://www.tines.com/docs/formulas/functions/default)**: This function allows you to specify a fallback in case a value doesn’t exist. For example, if you wanted to say Hi "first name" but we don't have a first name, we can say "hi there" where the fallback is "there" - **[INCLUDES](https://www.tines.com/docs/formulas/functions/includes)**: This function returns `TRUE` if the target (which can be text, an object, or an array) includes the value, otherwise it will return as `FALSE`. For example if you had a target with a value of “Hello world” and you used the formula `INCLUDES(my_action.value, "world")`, it would return an output of `TRUE`. ### **Make use of example blocks** Our next piece of advice is to familiarize yourself with the **usage examples and in particular, the sample actions.** You can easily copy paste these from the functions library into your own story. It’s a serious time saver! Copy these into your own story to see and understand how it works there and then. Now you’ve got a great starting point to input your own specifics in place of the example content. ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/976661199/ad06ae010f002aa9f4938915/eU0mdtPo2-gDHymp7giAlz4i8vjzwLXaSDwVR_R8aTiaQPzvom1ZgmIi8vT-sp8oOHJStr6_SLbYkMUQY-aMBOjPwsweM4p0ZzBgj9oBg0-9Ezh7Ynz_hReF5gZidlKYPbW6d2cYmdz0AsQ0c3WA1IY?expires=1781611200&signature=1b926106133a798cab696222bd11c084b7ecb41d721cd99a79e5d43f8530c60d&req=fSchEM9%2FnIhWFb4V1XW4gebPf1xX5KzkCaHCpcDJryNFZSvezkBjcz4taCOA%0A5yVDuCmtdIJQA9krNa%2Bg%2FYgK7Q%3D%3D%0A) ### **Leverage the highest-impact functions** There are *hundreds* of predefined functions in Tines, but some are more valuable than others. Where some are highly specific, others provide greater utility. Below is our list of the most valuable ones. These can also be some of the trickier ones to get working, so we recommend starting simple with the list above in #1. - **[MAP](https://www.tines.com/docs/formulas/functions/map):** The `MAP` function creates an array by extracting the values of a named property from an array of objects. ​ - **[LAMBDA](https://www.tines.com/docs/formulas/functions/lambda):** The `LAMBDA` function is basically a custom function, where you can create your own function to perform a specific task. `LAMBDA` can be used as a standalone function or within other functions, such as `FILTER`, to perform calculations on each item in an array. ​ - **[MAP\_LAMBDA](https://www.tines.com/docs/formulas/functions/map-lambda):** Now that we know `MAP`, and now that we know `LAMBDA`, it’s easiest to think of `MAP_LAMBDA` as a combination of these two. Where `MAP` iterates over an array, and `LAMBDA` gives us a reusable function, `MAP_LAMBDA` iterates over the array and performs an operation defined in the `LAMBDA` on each entry. ​ - **[WHERE](https://www.tines.com/docs/formulas/functions/where):** This function will select all the elements in an array where the key has the given value. ​ - **[FILTER](https://www.tines.com/docs/formulas/functions/filter):** Filter is a function that takes either an array or an object, along with either a lambda function or an array of values to retain. When provided with an array, it returns a new array containing only the values that satisfy the condition specified by the lambda function or are included in the array of values to retain. When given an object, it returns a new object containing only the key-value pairs where the values satisfy the condition specified by the lambda function or are included in the array of values to retain. ​ - **[REJECT](https://www.tines.com/docs/formulas/functions/reject):** This function lets you remove specified objects, lists, or arrays. For example, if you had an array 1,2,3,4,5,6,7,8,9,10, you could use `REJECT(my_array, ARRAY(2, 4, 6, 8, 10))` which would give you an output of 1,3,5,7,9. ​ - **[REDUCE](https://www.tines.com/docs/formulas/functions/reduce):** This function turns an array into a single value. For example, if you had a list of numbers, you can add them all together, multiply them, or find the maximum number. For example, if you had an array of numbers, you could iterate through the array, adding on the current number to the total of all previously summed numbers. ## Generate a HAR file for troubleshooting ## Overview When working with Tines Support, you may be asked to generate a HAR file to help with troubleshooting certain issues. In this article, we'll cover the steps on how to do this in commonly used web browsers. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - A **[HAR file](https://en.wikipedia.org/wiki/HAR_\(file_format\))** [(**HTTP Archive file**)](https://en.wikipedia.org/wiki/HAR_\(file_format\)) is a log of a browser's network activity, and is useful for capturing information behind-the-scenes for scenarios like UI performance and API issues. - Need to strip out sensitive information from your HAR file before sharing it with Tines Support? Cloudflare offers a [HAR sanitizer tool](https://har-sanitizer.pages.dev/) that can be used to redact this data. > **Note:** A HAR file records and captures browser activity and can contain sensitive data such as cookies, passwords, client secrets, and other data. Please ensure that you remove any sensitive data and secure your HAR files accordingly. ## Make it happen Jump to your browser's section to get started: - [Chrome](#h_5d53b8cde2) - [Edge](#h_03c2bcaf7b) - [Firefox](#h_1340a02345) - [Safari](#h_8c90c47169) > **Tines Tip:** If you have any additional questions on how to generate a HAR file outside of this article, we recommend visiting your browser's documentation for more info. ### Chrome 1. Open Chrome and navigate to the location in Tines where the behavior is occurring. 2. Navigate to the **⋮** button → **More Tools** → **Developer Tools**. Alternatively, you can use the keyboard shortcut: `Ctrl + Shift + I` for Windows; `Cmd + Option + I` for Mac. 3. In the pop-up panel, select the **Network** tab. **Note:** You must keep this tab open while reproducing the behavior. 4. Click the grey **Ø** cancel icon to clear out existing logs. 5. Check the box next to **Preserve log**. 6. If the red **Record** button (●) is gray, click it to start recording. It should turn red when active. 7. Reproduce the behavior. 8. Once you've finished, click the Export button to save the HAR file to your computer. Here is a Chrome screenshot of the options mentioned in the steps above: ![](https://downloads.intercomcdn.com/i/o/1171498780/973e387e200f4a739ed13d86/image.png?expires=1781611200&signature=c1be1936a673c09b03b3a593c129f93763a9b9822bb97067863dceb44e45ee39&req=dSEgF813lYZXWfMW3nq%2BgYy382DgEMzzpM%2FfbKLq4Bh7aa%2FBGKFnzzO4mwql%0AGf5jviTcZGBZRZzVqLL1ptG%2Brxs%3D%0A) ### Edge 1. Open Edge and go to the location in Tines where the behavior is occurring. 2. Navigate to the **. . .** button → **More tools** → **Developer tools**. Alternatively, you can use the keyboard shortcut: `Ctrl + Shift + I` for Windows; `Cmd + Option + I` for Mac. 3. In the pop-up panel, select the **ᯤ Network** tab. **Note:** You must keep this tab open while reproducing the behavior. 4. Click the grey **Ø** cancel icon to clear out existing logs. 5. Check the box next to **Preserve log**. 6. If the red **Record** button (●) is gray, click it to start recording. It should turn red when active. 7. Reproduce the behavior. 8. Once you've finished, click the **↓** **Export HAR file** icon to save the HAR file to your computer. Here is an Edge screenshot of the options mentioned in the steps above: ![](https://downloads.intercomcdn.com/i/o/1171500059/879c75e8ffe52982d47fb948/image.png?expires=1781611200&signature=287614f4484a2368756d3653a613fa7415a58cdb7a84ab8167e36fc6b1a27112&req=dSEgF8x%2BnYFaUPMW3nq%2BgV8HFfFrheEzU9meZU%2FKLtaZtSV9S0Hf8ScDtJiO%0AX7FkRrXGEXHD5l5TFvQWJ0A7FEc%3D%0A) ### Firefox 1. Open Firefox and go to the location in Tines where the behavior is occurring. 2. Navigate to the **☰** button → **More tools** → **Web Developer Tools**. Alternatively, you can use the keyboard shortcut: `Ctrl + Shift + I` for Windows; `Cmd + Option + I` for Mac. 3. In the pop-up panel, select the **Network** tab. **Note:** You must keep this tab open while reproducing the behavior. 4. Within this tab, click on the⚙️cog icon → **Persist Logs**. 5. Reproduce the behavior. 6. Once finished, navigate to the ⚙️cog icon → **Save All as HAR** to save the HAR file to your computer. Here is a Firefox screenshot of the options mentioned in the steps above: ![](https://downloads.intercomcdn.com/i/o/1171519484/b4b0f871f7f59b9aa470b010/image.png?expires=1781611200&signature=10ae60a45f22c188d113b41d184c81bf302d99e156c02666ad77d1a06ef7aaaa&req=dSEgF8x%2FlIVXXfMW3nq%2BgZ2Y9vsH%2FcL23st%2FjqbPKrY4FP6BhjhPEkph48LG%0AlgzLtlYiEKsXyqCJCp9XdSgoY%2Fo%3D%0A) ### Safari 1. Open Safari and go to the location in Tines where the behavior is occurring. 2. Navigate to the **Develop** menu. **Note:** If you don’t see the **Develop** menu, go to **Safari** → **Settings** → **Advanced**, then check the box next to “**Show Develop menu in menu bar**”. 3. Click **Show Web Inspector**. 4. Navigate to the **Network** tab. **Note:** You must keep this tab open while reproducing the behavior. 5. Click the **ᯤ** icon → **Preserve Log**. 6. Reproduce the behavior. 7. Once you've finished, click **Export** to save the HAR file to your computer. Here is a Safari screenshot of the options mentioned in the steps above: ![](https://downloads.intercomcdn.com/i/o/1171514947/7cc72b54aad1c10f087ca14a/screenshot_2024-09-06_at_2_57_11_pm.png?expires=1781611200&signature=986f9c1f223e98b07137872229cec69507764965f7a66e55c649b21fe292b35f&req=dSEgF8x%2FmYhbXvMW3nq%2BgZ5LJqjgzLJsOk9JU0A0Z4lOaOiqDCkBvlZOFuoq%0AonrLrGreidwOEKyZlg4KPfwTwhA%3D%0A) ## Review the results Once you've successfully generated a HAR file from your browser, you can upload it to your conversation with the Tines Support team to continue investigating issues. ## Get started with Agents AI Agents in Tines give you the power of AI within your story. To use the AI Agent action, you need to have access to [Workbench](https://explained.tines.com/en/articles/9822635-introduction-to-workbench) *and* have [AI-powered features enabled](https://explained.tines.com/en/articles/9396326-how-do-i-turn-on-or-off-the-ai-powered-features). > **Note:** Using the AI Agent action will use AI run-time credits. You can see your credits used to date by each team in the AI settings modal. Learn more about AI run-time credits [here](https://explained.tines.com/en/articles/9369092-ai-action-credits-executions). To start, select the AI Agent action and drag it onto your storyboard. From there, you have two modes to choose from in the right-hand panel: Task and Chat. 1. **Task** - Define and run a prompt within your story. Optionally, add tools to take action on your behalf. 2. **Chat** - Create your own AI chat interface for audiences inside your organization. This video looks at when you should use a Task, and when a Chat would be better suited to your story: [Watch video](https://fast.wistia.net/embed/iframe/bbu629rptr) ### Customizing your agent Like all actions, you can update the name and description in the right-hand panel. Additionally, the modes in the AI Agent action have specific configuration options: #### Task | **Setting** | **Description** | | --- | --- | | Prompt | The task the action should perform during this run, including any data it should use. | | Tools | Optional. If you want the agent to take action, you should give it access to tools. Click on the tool in the AI Agent action on the storyboard or within the panel to configure it. Agents can only use the tools you give it access to. | > Note: In task mode, the agent defaults to a cheaper AI model when no tools are added. Once a tool is added, it automatically switches to the smart model. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1583669713/1bebf9b588b50c577e62d8c6fc8e/CleanShot+2025-06-23+at+10_11_17%402x.png?expires=1781611200&signature=d08e3ec0744a5d0d2d6a38c1d0ea9b9eb127a70ee87e711aa6eb04fabed35af2&req=dSUvFc94lIZeWvMW3nq%2Bgb0XY7xbzx9114gko3DOBYl2WGf2dwmy1RONXuwC%0Ao6nzE5NOcJLA5mTWvN2SSBmPMbo%3D%0A) #### Chat | **Setting** | **Description** | | --- | --- | | System instructions | The guidelines, rules, and constraints the AI model should follow. The task will be pre-configured with this instruction, which you should customize depending on the goal you're looking to achieve: You are a focused, expert assistant. You are talking to a user and aiming to achieve the following goal: {goal}​ | | Initial message | The initial message to send to the user when the chat page is loaded. If this is left blank, the agent will create a message based on the instruction. | | URL identifier | Defines the URL this chat page will be available at. Be cautious: changes could break bookmarks. | | Tools | Optional. If you want the agent to take action, you should give it access to tools. Click on the tool in the AI Agent action on the storyboard or within the panel to configure it. Agents can only use the tools you give it access to. | Chats use some of the same [customization options as Pages](https://www.tines.com/docs/pages/branding-and-style/). You can customize these to change the look and feel of the page, as well as the user experience of the page that will be sent to and seen by users. | **Setting** | **Description** | | --- | --- | | Access control | Choose who should have access to this chat. You can choose between "Only team members" or "Members of this Tines tenant" | | Appearance | Select light mode or dark mode for the chat. | | Action color | This will be used to tint certain interactive elements like buttons. | | Logo | Enable this to upload a logo for your page. This will appear at the top of the chat page. | ![](https://downloads.intercomcdn.com/i/o/am0g137l/1583670036/7aa63f99c51cd63bce0ef84717a4/CleanShot+2025-06-23+at+10_11_34%402x.png?expires=1781611200&signature=2fe1fc88263f779319b3218168676bf6e1a512285d04acbdef6f4de989413623&req=dSUvFc95nYFcX%2FMW3nq%2BgQixcbGTyuLoAa9RXKOO%2Bqe7TjnW%2BEEcfJDM92Tb%0A9v%2BhDEDNfFprflMzWNw6riMlsUQ%3D%0A) > Chats can be connected to an upstream page on the storyboard. Use the “Move to next page” behavior to allow navigating to a page, submitting, and then navigating to a chat. If you want a user to start a conversation with the agent, click "Copy private link" to copy the page URL. You can then share this with your users. Chat links can also be sent automatically in a workflow to kick off the conversation proactively, for example by using the "Send email" action, or a messaging template like Slack. **Events** Under the events tab you'll be able to delete or re-emit events, as well as view the details of each event. At the bottom of the events tab, you can choose to view the data as a conversation or JSON event. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1583652012/b27214881a7cddc3970445478f16/Convo+Event.gif?expires=1781611200&signature=74f9141e1907e10ab505b7249906dc7c5fe39f178d2e6df60dacc602b1bab878&req=dSUvFc97n4FeW%2FMW3nq%2BgTXsHU1q9QL6Ct%2F8aNlO%2BwNmZC3jj9ED9tFpGM3e%0AFK1Bs%2FwPalk%2Fg3aBM526ZVt5Ghg%3D%0A) * * * ## Resources **AI Agent action FAQs** All your burning questions about agents answered [here](https://explained.tines.com/en/articles/11510164-ai-agents-faqs). **How should I configure and use agents?** Take a look at our best practices for using agents in Tines [here](https://explained.tines.com/en/articles/11644147-best-practices-for-the-ai-agent-action). **Where can I find additional resources on agents?** We've gathered some helpful Explained articles together [here](https://explained.tines.com/en/collections/9473753-ai-in-tines). ## Get started with page templates Our new options for prebuilt page templates mean building pages in Tines just got easier. Choose to start with a blank page or pick from one of the preconfigured templates that align with your use case. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1553430680/5f4616896b9429eda95980cc2117/CleanShot+2025-06-03+at+11_58_18.gif?expires=1781611200&signature=e49cb1f454ffa9dce781e9d1d35281db3491d3b4a74a2a267086b1651aa4ac04&req=dSUiFc19nYdXWfMW3nq%2BgYrxVuq4STpWiYOF1EdtHL36Imsjerz2shhzff9L%0ANaYMOQaycP9BdZOsBj6IfhQ4yYc%3D%0A) These templates are intended as a starting point. We recommend familiarizing yourself with the [various page elements](https://www.tines.com/docs/pages/list-of-page-elements/) to then enhance the pages to fit your specific needs. The table below depicts the different available templates to choose from: | **Template** | **Description** | | --- | --- | | Allowlist | A form that allows users to allow specific items, users, or entries. | | App / service request | An app for users to request access to apps and services. | | Basic form | A simple form with a selection of user inputs for submission. | | Blocklist | A form that allows users to block specific items, users, or entries. | | Bug / issue report | A form to report issues and bugs. | | Expense reimbursement | A form for an example of expense reimbursements. | | Hardware request | A form for requesting hardware. | | New employee form | An example form for new employee information. | | Product feedback form | An example form for feedback on your product. Here you’ll also find examples of conditions. | | Simple survey | Example of a survey form. | > **TIP:** If you’ve selected a template and want to change to another, return to your storyboard and delete it. You can then add a new page and select a new template. ## Getting answers to your Tines questions You can get answers to your Tines questions via our Community Slack, in-product chat, Tines Explained, Tines University, and email. > **When you contact support, please follow [these guidelines](https://explained.tines.com/en/articles/8399626-hints-and-tips-from-the-tines-support-team) for an effortless support experience.** ### Community Slack We have hundreds of experienced Tines builders in our community. We encourage all users to discuss their use cases and feature requests, share any jobs, and participate in our growing and vibrant Community! Click here to **[register](https://hq.tines.io/forms/6f8b122ccba3cb7e8e0d3531d1b70eb2)**. Once registered, you can contribute and find answers from other Tines users and our team members. ### In-product assistance and tines Explained You can access in-product help by clicking "Help and Support" and selecting "Chat with Support" on the bottom left of your screen. Click on "Help" to access **[Tines Explained.](https://explained.tines.com/en/)** You can also contact the Tines support team, who will reply via chat. ### Tines University The **[University](https://www.tines.com/hub)** is the primary resource for assistance with building in Tines, including information on self-hosting, action types, API, and formulas. Within the University, you can search across blogs, docs (including API), the library, and video lessons, and if necessary, **[create a case for the Tines Support team](https://www.tines.com/contact-support)**. ### Status page If an issue with Tines affects multiple cloud-hosted customers, details will be provided at **[https://status.tines.com](https://status.tines.com/)** regarding the status, resolution, and cause of the issue. ### Email support Once a case is created via the University, correspondence with the Tines Support team will be via email: **[support@tines.io](mailto:support@tines.io)** - You will receive an email acknowledgment with a case number. - To update the case and the Tines Support team, please reply via email. ### Tenant unavailable If you can't access your tenant, check [https://status.tines.com](https://status.tines.com) for updates. Click [here](https://www.tines.com/contact/?with-query=tenant-down) to request emergency support if you still need urgent assistance. **Important Note:** Abuse of this facility may result in suspending support services. This is available for paying customers of Tines only. ### Why Support? When working with support, you work with a team that mitigates a single point of failure. We operate across multiple channels and are available 8x5 or 24x5, depending on your support contract. We also provide a query number. Once there is a number, there is an owner for your query. Finally, we use your queries and our responses to enhance our training and technical content, which benefits all the users of Tines. ## Getting started with Tines Accelerate your intelligent workflow strategy with the Tines edition fit to your needs. Sign up to community edition to get started with Tines today. [Watch video](https://fast.wistia.net/embed/iframe/idz7p9tew3) > If you want to do more with Tines, **[talk to our team](https://www.tines.com/book-a-demo/)** to find a solution that works for you. You can learn more about our pricing and packaging **[here](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging).** #### Community edition Our *forever free* Tines community edition is great for experimenting. You get: - Unlimited viewers - Unlimited parallel workflow runs - Unlimited integrations - Workflow essentials - Workflow controls - SSO - 1 builder - 3 flows - [All Tines AI features](https://explained.tines.com/en/articles/9398967-what-tines-ai-features-are-available-to-community-users)\* \*Community edition tenants cannot bring their own AI models to Tines. #### Limits Below are the limits on the number of **events** and **flows** you can have in your Tines tenant. **Events:** | **Edition** | **Event limits** | | --- | --- | | Community | 25,000 monthly | Learn more about events [here](https://explained.tines.com/en/articles/12688669-what-s-an-event-in-tines). **Flows:** | **Edition** | **Flow limits** | | --- | --- | | Community | 3 | Learn more about flows [here](https://explained.tines.com/en/articles/10860654-what-is-a-flow-in-tines). ## Getting support while using Tines As you use Tines, questions about how to get the most out of your workflows or how certain features work will naturally come up. [Watch video](https://fast.wistia.net/embed/iframe/4axkoa6u1k) Here are some of the ways you can get answers to these questions depending on what you're focused on. - [Community Slack](#h_cacdbe9bc2) - [In-product help](#h_70be10109c) - [Email support](#h_dfe81e1e7a) - [Customer Center](#h_4396f29532) - [Status page](#h_c6e77e21ee) ### Community Slack We have thousands of experienced Tines builders in our community. We encourage all users to discuss their use cases and feature requests, share any jobs, and participate in our growing and vibrant Community! Click here to **[register](https://hq.tines.io/forms/6f8b122ccba3cb7e8e0d3531d1b70eb2)**. Once registered, you can contribute and find answers from other Tines users, Community Champions, and team members. ### In-product help You can access in-product help by clicking the "Support" option on the top right of your screen in the storyboard. Depending on your current screen, it may be on a submenu or a top-level item. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1803205751/3092d259e0888fd251a78fdbeaa9/CleanShot+2025-10-29+at+16_49_55%402x.png?expires=1781611200&signature=b6c62b8bf77d03674278c873468eab562fb0dda3332c6f5e36c1013a6add6ca3&req=dSgnFct%2BmIZaWPMW3nq%2BgZKXAWmabYoravHuyRyebbCuQPTyZCn%2Bd5sl2uEg%0Anyg%2BRSO1cxvkIopqKCK4jdfxi%2Bk%3D%0A) This will open a window where you can view your previous conversations, search our knowledge base, and access AI and human support. ##### **Your Support Experience with Tines + Intercom Fin AI** Tines uses AI for all our conversational support channels to get the answers you need when needed. Our support system combines Tines' powerful automation with Intercom's Fin AI Agent to deliver: - **Instant Responses:** Receive immediate answers to common questions 24/7 - **Intelligent Issue Resolution:** AI-powered assistance that understands your specific needs - **Seamless Escalation:** Complex queries are automatically routed to the right human expert - **Continuous Improvement:** Our Knowledge and Education teams learn from every interaction to serve you better through improving our documentation If you need to speak to a technical support engineer while working with Fin, respond with "Talk to a Person", and the chat will be routed to a Tines support engineer. > **💡 Note:** If you require support that does not leverage AI, you can email [support@tines.io](mailto:support@tines.io) ### Email Support You can create a case via [support@tines.io](mailto:support@tines.io) - You will receive an email acknowledgment with a case number. - To update the case and the Tines Support team, please reply via email. ### Customer Center The **[customer center](https://www.tines.com/customer-center/)** is the primary resource for all things Tines. It includes links to webinars, events, Tines University, a knowledge base, and documentation. You can also contact support via the support pop-up at the bottom right of the screen. ### Status page If there is an issue with Tines that affects multiple cloud-hosted customers, details will be provided at [https://status.tines.com](https://status.tines.com) regarding the status, resolution, and cause of the issue. We recommend you subscribe to the status page to ensure awareness of issues that may affect your tenant. ## GitGuardian Authentication Guide GitGuardian is a global cybersecurity startup focusing on code security solutions for the DevOps generation. GitGuardian helps developers, cloud operation, security, and compliance professionals secure software development define, and enforce policies consistently and globally across all their systems. ## First, get a GitGuardian API token 1. Login to your GitGuardian account 2. Click "API" ​ ​ ![](https://downloads.intercomcdn.com/i/o/889120846/50a88dd96fb33b6cc5566937/image.png?expires=1781611200&signature=bcd422141145d2b1cf601c38c16c7daeb38b601b384cc09ce04ee050a897a6e0&req=fCguF8t%2BlYVZFb4V1XW4gR8h1rftWxQlJylB4%2BiWM4%2B45pm5XMM01np0i60R%0AKxz8oPkzODqLliZjlio5GLyOTA%3D%3D%0A) ​ 3. Click "Personal access tokens" and then click "+ Create token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/889121710/1dc25fa2a282be64c7e78beb/image.png?expires=1781611200&signature=225cd3ef3122375a39fdb131907586c65bff0cf64751a61075641d746c27a647&req=fCguF8t%2FmoBfFb4V1XW4gXhH3zslCMhxhMwj6f58TTWwyVUT5BwTZJwAwrjA%0AAp7M1olmSk78IoG22bGeS8qC8A%3D%3D%0A) ​ 4. Name the token, choose an expiry period, select the required scopes, and then click "Create token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/889122615/a5a0b19117f4d49a9cfea3b9/image.png?expires=1781611200&signature=1baaaec4632be055cc9892a8ea4e2b1b863efc78502b9e276d39b003e7c2b3c6&req=fCguF8t8m4BaFb4V1XW4gX9SAp6LaL9wNwadgVJPmV5qNGn90r2yGbVe7FKF%0A4f1fVCNA3biG792RIu9x86%2FWMg%3D%3D%0A) ​ 5. Copy your token to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/889123646/4dc039eae42c6b2bd777ff1d/image.png?expires=1781611200&signature=d5fb1a5ae4b0c10baca7a77301801449718974e21a6305d867586ff49a928e52&req=fCguF8t9m4VZFb4V1XW4gf%2FklM9YydQcLo%2FiAjQQn%2BaxkYgCT%2B6%2F4k1R%2FFON%0AY6Onn6XtueaNvZnj8e77ZoCMHg%3D%3D%0A) ## Lastly, create a GitGuardian credential in Tines **GitGuardian connect flow:** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "GitGuardian" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/gitguardian).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of GitGuardian** **stories in the [story library](https://www.tines.com/library?s=gitguardian&view=all)** ## GitHub Apps Authentication Guide **GitHub, Inc**. is an Internet hosting service for software development and version control using Git. It provides the distributed version control of Git plus access control, bug tracking, software feature requests, task management, continuous integration, and wikis for every project. To authenticate with a [GitHub Apps](https://docs.github.com/en/apps/overview) installation token, you will need the following: - "Client ID" of the GitHub App - Required to generate a JWT token to obtain an installation token. - "Private key" of the GitHub App - Required to generate a JWT token to obtain an installation token. ## Firstly, create a GitHub App in GitHub 1. Navigate to the GitHub Apps page: [https://github.com/settings/apps](https://github.com/settings/apps) 2. Click "New GitHub App" 3. Fill out "GitHub App name", "Homepage URL" and make a selection for where the GitHub App can be installed. 4. Click "Create GitHub App" 5. Click "General" ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/1208272426/0b0fc40930db57cd47e4f54d0ed5/image.png?expires=1781611200&signature=4d8491e769b760279c1aa1c9b3d1bcfe582653ba212801da213c10c95557e38e&req=dSInHst5n4VdX%2FMW3nq%2BgXvtdAmSxq1IvhgrJmFGP7SxO%2FbGJseFpl30vF%2Fm%0AgabEBrTsLOHNepW0YWROsScwIUg%3D%0A) 6. Copy your "Client ID" to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/1208279490/88a0f0c39cee33243019c1b302b5/image.png?expires=1781611200&signature=6be8f13774606787d21f570a1bf1d4f5f0442e3b5644d72d8575dc1eb228f13e&req=dSInHst5lIVWWfMW3nq%2BgYbUYUotMrCbV1Nj1oI8p9kxQDSfKzIy01rlknhU%0AFk9rhu%2BeCbpwuzxZuAVYb0drF3w%3D%0A) 7. Click "Generate a private key" to download a private key ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/1208272901/ddddeb52623d04dc1fe74c688436/image.png?expires=1781611200&signature=fb8b2ae6286f8e41e8d75cad9aea4dedf9f9978b4f4ac02683f649f4fe9da86d&req=dSInHst5n4hfWPMW3nq%2Bgd7%2FZonmmMhIe9czsVamvWXc1G%2BZp41G5TK%2FqHfa%0AnckGawftI4OCK4KlcxXoann3RTQ%3D%0A) ​ 8. Click "Permissions & events" and select the relevant permissions 9. Click "Install App" and install it to the required account/organisation ## Next, create resources and credentials in Tines You will need to create the following: - Resources: "GitHub Org" / "GitHub Username", "GitHub Client ID" - Credentials: - Text type: "GitHub Private Key" - Multi Request type: "GitHub Installation Token" ##### Resources 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resources" 3. Click "+ New" 4. Input the values for the GitHub resource - **Name:** GitHub Org / GitHub Username - **Description:** Optional - **Builder:** Your GitHub org/username 5. Click "Save resource" 6. Click "+ New" 7. Input the values for the GitHub resource - **Name:** GitHub Client ID - **Description:** Optional - **Builder:** Your GitHub App's client ID 8. Click "Save resource" ##### Credentials 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New" and select "Text" 3. Input the values for the GitHub credential - **Name:** GitHub Private Key - **Description:** Optional - **Value:** Your GitHub private key - Ensure that "Preserve newline characters" is selected 4. Click "Save" 5. Click "OK" to domain restriction warning. - Ensure that no domain is entered as the credential won't be able to be used in the Multi Request type credential. 6. Click "+ New" and select "Multi Request" 7. Input the values for the GitHub credential - **Name:** GitHub Installation Token - **Description:** Optional 8. Under **HTTP Request 1**, click "<> Edit as JSON" and paste the following JSON: ​ ``` { "url": "https://api.github.com/orgs/<>/installation", "content_type": "application_json", "method": "get", "headers": { "Authorization": "Bearer <>" }, "local": { "iat": "=NUMBER(DATE(\"60 seconds ago\",\"%s\"))", "exp": "=NUMBER(DATE(\"10 mins from now\", \"%s\"))", "iss": "=RESOURCE.github_client_id" }, "customize_output": "=SET_KEY(\n OUTPUT,\n \"jwt\",\n JWT_SIGN(\n OBJECT(\n \"iat\",\n NUMBER(DATE(\n \"60 seconds ago\",\n \"%s\"\n )),\n \"exp\",\n NUMBER(DATE(\n \"10 mins from now\",\n \"%s\"\n )),\n \"iss\",\n RESOURCE.github_client_id\n ),\n CREDENTIAL.github_private_key\n )\n)" } ``` - For an app installed in a user account, change the `url` to `https://api.github.com/users/<>/installation` 9. Click "Done" 10. Click "Save" 11. Under **HTTP Request 1**, click "Run request" and confirm that the request is successful 12. Under **HTTP Request 2**, click "<> Edit as JSON" and paste the following JSON: ​ ``` { "url": "<>", "content_type": "application_json", "method": "post", "payload": {}, "headers": { "Authorization": "Bearer <>" } } ``` 13. Click "Done" 14. Click "Save" 15. Under **HTTP Request 2**, click "Run request" and confirm that the request is successful and double click on the key named `token` in the response. 16. **Location of token from response:** Paste the value copied in the previous step, i.e. `github_installation_token.body.token` 17. Click "Save" ## Lastly, using the credential in an action When you make an API request, include the Multi Request type credential in the `Authorization` header after "Bearer" like: ``` Bearer <> ``` An example action to get the contents of a repo you can copy and paste onto your storyboard: ``` {"standardLibVersion":"62","actionRuntimeVersion":"14","agents":[{"disabled":false,"name":"Get repo contents","description":null,"options":"{\"url\":\"https://api.github.com/repos/<>/<>/contents\",\"content_type\":\"application_json\",\"method\":\"get\",\"headers\":{\"Authorization\":\"Bearer <>\"}}","position":{"x":5715,"y":300},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"caseConfiguration":{"subStatus":null},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"originStoryIdentifier":"cloud:aa47f8215c6f30a0dcdb2a36a9f4168e:86b7576feeb7d3b547f14441bd59f25c"}],"links":[],"diagramNotes":[]} ``` > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of GitHub stories in the [story library](https://www.tines.com/library/?s=github&view=all)** ## GitHub Authentication Guide **GitHub, Inc**. is an Internet hosting service for software development and version control using Git. It provides the distributed version control of Git plus access control, bug tracking, software feature requests, task management, continuous integration, and wikis for every project. ## Firstly, create a credential in Tines, 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "OAuth 2.0" 4. Copy the "Callback URL" ​ ## Next, create a GitHub OAuth App 1. Navigate to [http://www.github.com/](http://www.github.com/) and sign in. If you don't have an existing account, click on "Sign up" 2. Click on your profile in the top right-hand corner and select "Settings" ​ ![](https://downloads.intercomcdn.com/i/o/772238877/e78eb6fb0da6168fcdd69540/image.png?expires=1781611200&signature=e3e57d564423935b2acb704fd7ad69b844f48a028d44526780c06a5368533e5e&req=cyclFMp2lYZYFb4V1XW4gaNC2%2BrvoOjB%2FCEOU%2BXqhAXrpL1jrYWDgw%2F59O1T%0A%2F%2BsAM7N14dLUNrxKqqMeFAC0DA%3D%3D%0A) 3. Click on "Developer Settings" at the bottom of the sidebar on the left-hand side. ​ ![](https://downloads.intercomcdn.com/i/o/772239248/ed396bd0c417ce5432055ec5/image.png?expires=1781611200&signature=7834bcbfbdbaf27e5286c079bbd5b4ce70d5e481cdfd777b35ab6739341f855d&req=cyclFMp3n4VXFb4V1XW4gQTMwmRzIGZAmFwpmFvG4OPAJcc8aHlO%2BkybR8tl%0AWE%2BVJR0mKRfDB7gd%2FWkHf%2BAvTw%3D%3D%0A) 4. Click on "OAuth Apps" and then "Register a new application" ​ ![](https://downloads.intercomcdn.com/i/o/772239651/1243306a7b1d4f2a303d1011/image.png?expires=1781611200&signature=e7239d66585f1904425fc89dfd80a4f27d6cbb6fafb6a8953dc8869a16fbb017&req=cyclFMp3m4ReFb4V1XW4gcugQ%2Bhzo2ZIgH0cvTs28buLCL%2FaEDWx9sK9xit2%0A%2BFmZbRDPLa10ExGFDR6jwBLpKw%3D%3D%0A) ​ 5. Fill out the application details, using the "Callback URL" copied from your Tines credential for "Authorization callback URL". Once completed, click "Register application" ​ ![](https://downloads.intercomcdn.com/i/o/772247292/e40a2292732f42a422460af6/image.png?expires=1781611200&signature=1152f1597c50a0b0e01872e61db6da89044a757687ab6206b096d2673d2b62c0&req=cyclFM15n4hdFb4V1XW4gZnUWikfHhWsdQ%2BhkIwXqp5oO%2BPMhxyn9QwE4Px1%0A7pm7qZUNZL38b9lTsMoezX6u7Q%3D%3D%0A) 6. Click "Generate a new client secret" and copy the secret generated, along with the "Client ID" ​ ![](https://downloads.intercomcdn.com/i/o/772242008/b1260851e7f2145e3fa8716e/image.png?expires=1781611200&signature=9e75a5c18e886efd7b7c729a49ebb655f9854c3df599c2efd627022fa49b07b5&req=cyclFM18nYFXFb4V1XW4gZscx%2FZDZ2MsXyT191TaOxaSIhODybUyKTGSOTpz%0A08WTX%2BuKDkdpv3izLwDKL%2FuE4g%3D%3D%0A) ​ 7. Click "Update the application" ## Lastly, continue creating the credential in Tines 1. Input the values for the GitHub credential 1. **Name:** Required 2. **Description:** Optional 3. **Client ID:** "Client ID" copied earlier 4. **Client secret:** "Client secret" copied earlier 5. **Scope:** repo user 6. **OAuth Provider:** Manual 7. **Grant type:** Authorization code 8. **OAuth authorization request URL:** `https://github.com/login/oauth/authorize` 9. **PKCE challenge method:** None 10. **OAuth token URL:** `https://github.com/login/oauth/access_token` 2. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 3. When you click "Save", you may be asked to "Authorize Tines" ​ ![](https://downloads.intercomcdn.com/i/o/772246422/1c31aacecab1aece42d1ee5a/image.png?expires=1781611200&signature=5e21dd6c0f6f2e110ef55ce47b0f8e5a97aff13a44481f5bd1b29934e09e2108&req=cyclFM14mYNdFb4V1XW4gapgdpD9l4nbNaJ6xibOcjT1gTpmX001xWer6ViA%0AgxAnYm5iyGX94jwSc9MHWhLOEg%3D%3D%0A) > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of GitHub stories in the [story library](https://www.tines.com/story-library?s=github)** ## Google Workspace Service Account Authentication Guide Google Workspace is a suite of cloud-based productivity and collaboration tools offered by Google, formerly known as G Suite. It includes applications such as Gmail, Google Drive, Google Docs, Google Sheets, Google Slides, Google Calendar, Google Meet, and more. A [Google service account](https://cloud.google.com/iam/docs/service-account-overview) is a special kind of account used by an application, rather than a person. You can use a service account to access data or perform actions by the robot account or to access data on behalf of Google Workspace users. For more information, see [understanding service accounts](https://cloud.google.com/iam/docs/understanding-service-accounts). This authentication guide will guide you through configuring a service account and corresponding Tines credential for Google Workspace. ### Create a Google credential in Tines There are 3 ways to create your Google credential in Tines: 1. ##### **Google Service Account connect flow (*recommended*)** This connect flow will guide you through the process of creating your service account and creating a Google credential for you. See [How to configure the service account in Google](#h_bf1d128925) for specifics on scopes and roles for your service account with Google workspace. 1. Navigate to the team that will be using the API and click **Credentials** 2. Click **\+ New Credential** and select **Google Service Account** and follow the prompts to connect. 2. ##### **Actions on the storyboard** If you will be impersonating other users at a rapid rate as part of your Tines workflow, it may be preferred to generate this credential as part of the workflow via actions on the storyboard. While you *can* update the user input in a credential, it may lead to race conditions if you have multiple requests to update the credential at a time. Hence, many users opt to create the token needed in each story run, avoiding race conditions. 1. Follow the steps to [configure a service account in Google](#h_bf1d128925) 2. Save the service account email as a resource in Tines: 1. Navigate to the team that will be using the API and click **Resources** 2. Click **\+ New resource**, name it `google_svc_account_email`, and paste the service account email into the builder of the resource, select **Save resource**. ![](https://downloads.intercomcdn.com/i/o/1008493650/4dbc98e4d6428d161ccf2542/resource.png?expires=1781611200&signature=afd3c1a9fd19a9c5af5277b4dc46dbd9bb78eb71d0b3ccf54ec7052ff1e565df&req=dSAnHs13nodaWfMW3nq%2BgYvKOgJpq32bhnDXMRLxkSO6cH6esLLvGVPiuZi%2B%0ASY3wHJxMKyW1x%2BJj8HzLYS4yjcc%3D%0A) 3. Save the private key generated as a text credential in Tines: 1. Navigate to the team that will be using the API and click **Credentials** 2. Click **\+ New credential**, and select **Text** 3. Name the credential `google_svc_key`, select **Preserve newline characters** and paste the private key from your generated JSON file into the value. This starts with `-----BEGIN PRIVATE KEY-----` and ends with `-----END PRIVATE KEY-----\n`, select **Save**. 1. Import [this story](https://www.tines.com/library/stories/1235478/generate-a-google-service-account-credential) to your tenant. This is a Send to Story that generates a token and sends that generated token back to the story that called it. There is a sample action in the storyboard showing how to call the story and then use the generated token in any downstream actions. You can use these sample actions to then generate this token in any of your workflows. 3. ##### **Manual credential creation** This method is not recommended as the [Google Service Account connect flow](#h_645b108864) creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: **Step 1: Create the JWT credential** 1. Follow the steps to [configure a service account in Google](#h_bf1d128925) 2. Click **\+ New credential**, and select **JWT** 3. Name the credential `google_svc_jwt_token` or a unique name of your preference 4. Select Algorithm RS256. 5. Understand the payload component of the JWT credential. The fields are described below: ![](https://downloads.intercomcdn.com/i/o/1008540376/b47b35a6897d2ba80ba79273/jwt.png?expires=1781611200&signature=f4ba7827f1f935cf89d1dd1fd476652574169be0c5ea6b60bee894d7af635b32&req=dSAnHsx6nYJYX%2FMW3nq%2BgQc1Mx3TH70BA3MVdenO5I8Y1%2FiCvywITHLd31yg%0AfMuuIaRtpH%2FB5bKvXhURBDY5khc%3D%0A) See a sample JWT payload for a Google service account: ``` { "iss": "761326798069-r5mljlln1rd4lrbhg75efgigp36m78j5@developer.gserviceaccount.com", "scope": "https://www.googleapis.com/auth/devstorage.read_only", "aud": "https://oauth2.googleapis.com/token", "exp": 1328554385, "iat": 1328550785 } ``` 6. Complete the JWT payload as follows: 1. `iss`: The email address of the service account. This is the `client_email` value in your private JSON key. 2. `sub`: The email address of an admin in your domain that has access to manage users and groups. The service account will impersonate this user when performing actions defined in your workflows. 3. `scope`: Space-separated list of the scopes authorized for your service account. ``` https://www.googleapis.com/auth/admin.directory.group https://www.googleapis.com/auth/admin.directory.user ``` 4. `aud`: Insert `https://oauth2.googleapis.com/token` 7. Select the **Auto generate ‘iat’ (Issued At) & ‘exp’ (Expiration Time) claims** checkbox. Tines will automatically add “iat” and “exp” claims to the payload according to when the credential is used. 8. Copy and paste the private key from your private key file into the Tines credential. This starts with `-----BEGIN PRIVATE KEY-----` and ends with `-----END PRIVATE KEY-----\n` 9. When complete, the credential page should look similar to the below: ![](https://downloads.intercomcdn.com/i/o/1008548637/0d4b73feb4e1e58b2179ff11/manual-jwt.png?expires=1781611200&signature=f3509e774a370c8e4f88ddb0bdc10e30e24b61f1d8fd46b69ec33f3c83fcc8c8&req=dSAnHsx6lYdcXvMW3nq%2BgbRJyP%2Fk0oBhrZjTRnB3TPliP4D8lytlmtRJ0PXH%0A%2BjFt0IIvQOfHmnL3wRjHRGoMZc0%3D%0A) **Step 2: Create the HTTP Request credential** Once the JWT credential is created, you will reference this credential within another HTTP request credential to get the access token needed for your API requests to Google to work. 1. Confirm you've completed **step 1: Create the JWT credential** 2. Click **\+ New credential**, and select **HTTP Request** 3. Name the credential `google` or a unique name of your preference 4. Scroll down and select the button `Edit as JSON` and copy the below payload in: ``` { "url": "https://oauth2.googleapis.com/token", "content_type": "form", "method": "post", "payload": { "grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer", "assertion": "=CREDENTIAL.google_svc_jwt_token" } } ``` 5. Select **Done** 6. In the `Domains` field, enter `*googleapis.com` to restrict this credential to only being used in requests to that domain. 7. You're not done yet! Select **Save** for the Credential to save and re-open. 8. Scroll down and select **Run request**. This will run the HTTP request and show the results in JSON. If you successfully configured your service account, JWT credential, and HTTP request credential correctly, you will see a 200 status returned. 9. Copy the path to the access token in the successfully run request and paste the value in the section `Location of token from response`. This will be referenced each time an action is run in your workflows that calls this credential. [Watch video](https://www.youtube.com/embed/r-pr4a98m5Y?rel=0) 10. Select **Save** 11. You will now reference this HTTP request credential within your requests to Google on the storyboard. Try the Google Admin Console action templates to test this credential in a story. You will note that the templates reference a key `CREDENTIAL.google` in the authorization headers. If you named your HTTP request credential something different, update this reference for it to run successfully. ### How to [configure the service account in Google](https://developers.google.com/workspace/guides/create-credentials#service-account) 1. Enable the relevant API library for your service account - Go to [API Library](https://console.cloud.google.com/apis/library) and select your relevant Google Cloud project in the top left corner. - Search for and enable the [Admin SDK API](https://console.cloud.google.com/apis/library/admin.googleapis.com). 2. Create a service account and a key - Go to [Service Accounts](https://console.cloud.google.com/iam-admin/serviceaccounts) in the Google Cloud Console and select a project if prompted - Select **Create service account** - Enter a name for the new account and select **Create and continue** - Select the `Service Directory Admin` role and select **Continue** and then **Done**. This role is used for demo purposes only and not required for production. You should use a role appropriate to your needs. ![](https://downloads.intercomcdn.com/i/o/754288978/2866fa34917ebfaabe99c42c/Screenshot+2023-06-01+at+13.30.51.png?expires=1781611200&signature=1ec0a25bb1bf5c41dffc5ab7b515196891a1a1ff009d21fa9fc3e870826af3ed&req=cyUjFMF2lIZXFb4V1XW4gc83phHXjQhuRtBmU%2FXYydoPDGAtMSauZj6ChxW3%0AbSW1Lr30l6e8ZgVs6yUz%2BLpVYw%3D%3D%0A) - Click to open the newly created service account and select **Keys** - Select **Add key** and **Create new key** - Select **JSON** and select **Create** - Your private key (JSON file) will begin downloading to your computer. **Keep this file safe; it contains secret information and cannot be downloaded again** 3. Determine the [scopes](https://developers.google.com/identity/protocols/oauth2/scopes) to assign to your service account. Scopes provide a way to limit the amount of access that is granted to an access token or application. For Google Workspace, you can consider the below scopes: - [https://www.googleapis.com/auth/admin.directory.group](https://www.googleapis.com/auth/admin.directory.group) - [https://www.googleapis.com/auth/admin.directory.user](https://www.googleapis.com/auth/admin.directory.user) - A full list of OAuth 2.0 Scopes for Google APIs is available here. 4. Authorize the service account For Tines to access user data in Google Workspace, a Google Workspace administrator needs to authorize the service account created in the prior steps, this is a process known as delegating domain-wide authority. - Go to [Domain wide delegation settings](https://admin.google.com/ac/owl/domainwidedelegation) - Select **Add new** - In the **Client ID** field, enter the client ID of your service account. This can be found under the `client_id` field in the private key file you downloaded and is typically a long number. ![](https://downloads.intercomcdn.com/i/o/754295710/6024d853a50ff1d10bdfaa73/Screenshot+2023-06-01+at+13.39.35.png?expires=1781611200&signature=fb066b477b0cde3700e3473d39d3afbcad3d96a28b693910d30388240d2fca25&req=cyUjFMB7moBfFb4V1XW4geyj185t58HddZPHGZfWQF1a8KbD7JJKwT0HqSgr%0A5R6sv1X05eGpUCEZ2uFS2k1wFg%3D%3D%0A) - In the OAuth scopes (comma-delimited) field enter: ``` https://www.googleapis.com/auth/admin.directory.group https://www.googleapis.com/auth/admin.directory.user ``` - Select **Authorize** > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/google-service-account). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > You can find a selection of Google stories in the Tines [story library.](https://www.tines.com/story-library?s=google&page=1) ## GreyNoise Authentication Guide **[GreyNoise](https://www.greynoise.io/)** captures data on IPs that scan the internet and saturate security tools with internet noise, so SOC teams can focus on threats that matter and ignore those that don’t. ### First, get a GreyNoise API key 1. Go to [https://www.greynoise.io/](https://www.greynoise.io/) and login with an existing account or sign-up for a new account 2. Click on your profile and select "My API Key" ​ ![](https://downloads.intercomcdn.com/i/o/834575186/33b0fe1ca7edf0739bee6711/image.png?expires=1781611200&signature=7b10c024ba53a3b2db8fd53f6d6fdb036a369a1a3243a28a96eedac6ec33cc59&req=fCMjE857nIlZFb4V1XW4gUp5AfDeMXQEBXdplLIlNoCR9k62EgkACZG6q1jv%0AwF4S0JUoR5N%2BS8JGWYYd49x%2BeA%3D%3D%0A) 3. Click "View API Key" to show the API key and copy it ​ ![](https://downloads.intercomcdn.com/i/o/834578496/2d7446b3deda225dd6b884fa/image.png?expires=1781611200&signature=88d728174927f33ce3fbd566bf31e8dc4807b465b232f48312f71d775e6d10e6&req=fCMjE852mYhZFb4V1XW4gU27CvgIIYCEqOKvnGxACayVdaMXBErGzLqs3cVj%0A5LiKo1ZB9KXISwuDVceHfJ43xA%3D%3D%0A) ​ ### Then, create a GreyNoise credential in Tines **GreyNoise connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "GreyNoise" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the GreyNoise connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the GreyNoise credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/greynoise).** > > **For more on creating credentials in Tines click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of GreyNoise stories in the [story library](https://www.tines.com/library?s=greynoise&view=all)** ​ ## Halo PSA/ITSM Authentication Guide HaloITSM is a flexible, all-inclusive ITSM (IT Service Management) solution. HaloITSM gives you the power to manage all IT support with powerful ITIL-aligned out-of-the-box functionality. You can streamline and report on specific processes such as change and problem management. Tailored to your exact requirements, you can align IT to your business needs in an all-inclusive, unlimited IT Service Desk solution. ### First, create a Halo PSA/ITSM application 1. Login to your Halo PSA tenant 2. Click on "Configuration" 3. Under "Advanced", click "Integrations" ​ ![](https://downloads.intercomcdn.com/i/o/832741761/5204b12e48aa6d1b904b59ab/image.png?expires=1781611200&signature=3eaba3f6b545a63b9988b0ebb4804d22fa32609d7f6ff095a9d1d8bd8a9dd1e4&req=fCMlEc1%2FmodeFb4V1XW4gV1VAMrNDkehdDqTafmIYCDeM10gj%2FYPfijxpOSj%0AiRFhjeYPObzRJJQBDeFDflTWXA%3D%3D%0A) ​ 4. Next, click "HaloPSA API" ​ ![](https://downloads.intercomcdn.com/i/o/832742514/aaa667655fdf074f02b3bf11/image.png?expires=1781611200&signature=d7923ffcde8361fd5da82b9a69d44abebc53c1ab7fb327a05a9c791576043b34&req=fCMlEc18mIBbFb4V1XW4gTBLtTF8DHVDBH%2FJ%2F8aEtid3Jue4ayG7ZhUBpE6g%0AJelKrOxVyFDtOXXi21wiQOZQ3g%3D%3D%0A) ​ 5. Copy the values for "Resource Server", "Authorisation Server" and "Tenant", and then click "View Applications" ​ ![](https://downloads.intercomcdn.com/i/o/833628702/8cbe59b8ac2cd5a3c94065fe/image.png?expires=1781611200&signature=b0a90279f129eba9836f1eb739ee6c7697eb0f5480ffa08c011d371edc749e3b&req=fCMkEMt2moFdFb4V1XW4gVmyHM55VC9yo2d4M35MhFoRedIza32P4rZp6Umq%0Anc3NJhQQoJV9p8q2ViwaMQ7g8A%3D%3D%0A) ​ 6. Click "New" to create a new application ​ ![](https://downloads.intercomcdn.com/i/o/833629368/5d59ed101c53c1e372801da6/image.png?expires=1781611200&signature=c1e400a1b0cefb762e2e14636c559d660e7fbcb85b0818d496a1949f77e06c22&req=fCMkEMt3nodXFb4V1XW4gT0QKqds8w%2Fi%2Bzvn8GTIhNzc8xnXEUfGPZzxB1cD%0Asj5v28tIvV%2Fzyg%2FJ2LnVUCgrlw%3D%3D%0A) ​ 7. Give the application a name, select "Username & Password" for the "Authentication Method" and then copy the "Client ID" ​ ![](https://downloads.intercomcdn.com/i/o/833630902/b7835f4bce8ad9652c02caa8/image.png?expires=1781611200&signature=6a1ab1ef53a5429ff0de28b0db366e7cf1739f9917d001ede79d8d8babd547de&req=fCMkEMp%2BlIFdFb4V1XW4gcpaVC1dwwircfn%2BCY0%2BMicGTZWx4NsItabhgYCL%0ADBzVLzk7FdoiLTIVzhji%2Bezn7g%3D%3D%0A) ​ 8. Next, click on the "Permissions" tab and choose the required privileges ​ ![](https://downloads.intercomcdn.com/i/o/833636645/22a5407a13788017f9006de4/image.png?expires=1781611200&signature=1a2c4064b055523825cc7dae51125c1e952bedd2c780b3587c03d40f6bdf4947&req=fCMkEMp4m4VaFb4V1XW4gYf0NQpxAzAsMh%2ByerxmpF4cKY2rPXNi9JFHYHav%0Ah6V%2F06yV8MOjZNyZ4vOBBmZYGQ%3D%3D%0A) ### Next, obtain a Refresh Token in Tines 1. Login to your Tines tenant 2. Create a new story 3. Copy the below action to your storyboard, replace the values and run the action 1. You will need to replace the following values: 1. `<>` with your "Authorisation Server" 2. `<>` with the your "Tenant" 3. `<>` with your "Client ID" 4. `<>` with your "Username" 5. `<>` with your "Password" ``` {"standardLibVersion":"35","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Request to HALOPSA to Get Auth Token","description":null,"options":"{\"url\":\"https://\\\\<>/token?tenant=\\\\<>\",\"method\":\"post\",\"content_type\":\"form\",\"headers\":{\"accept\":\"application/json\"},\"payload\":{\"grant_type\":\"password\",\"client_id\":\"\\\\<>\",\"username\":\"\\\\<>\",\"password\":\"\\\\<>\",\"scope\":\"all\"}}","position":{"x":90,"y":735},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"originStoryIdentifier":"cloud:536b51f8b592b6b269124bde91592b8d:bb39f16bb96afe7fca6079734f25f6e6"}],"links":[],"diagramNotes":[]} ``` 4. Copy the `refresh_token` value ![](https://downloads.intercomcdn.com/i/o/833649508/e2dd6cefb8b4030508a4abf2/image.png?expires=1781611200&signature=c094cacd809cfb0a86bf67cfe1f53e6a3ff533e698ff49a6ce944081a8d4e830&req=fCMkEM13mIFXFb4V1XW4gYohP9CL3Mf5bfmfaBn%2FbW7nGnQPApJXso1biM4%2F%0Ap%2FDapVSDMyA7h0mcL8S0Hx5q%2BQ%3D%3D%0A) ### Lastly, create a Halo PSA/ITSM credential in Tines 1. Navigate to the team that will be using the API and click "Credential" 2. Click "+ New Credential" and select "HTTP Request" 3. Input the values for the Halo PSA/ITSM credential - **Name:** halo - **Description:** Optional - **URL:** `https://<>/token?tenant=<>` - **Content Type:** Form - **Method:** post - **Payload:** Copy the below object and paste into the "Plain code" section, replacing: 1. `<>` with your "Client ID" 2. `<>` with your "Refresh Token" ​ ``` { "grant_type":"refresh_token", "client_id":"<>", "refresh_token":"<>" } ``` ​ - **Headers:** Click "+" and add the header `"accept":"application/json"` - Click "Run options" and make sure you get a successful response. - **Location of token from response:** Double-click the `access_token` key in the response and paste into the pill. It should read `halo.body.access_token` ​ ![](https://downloads.intercomcdn.com/i/o/833697028/c5a069e726d3bc49f9a2106f/image.png?expires=1781611200&signature=c326bcd0d70da405239eed4f8ecd3ef153690b1457852506edd8f499e3166707&req=fCMkEMB5nYNXFb4V1XW4gbFaylfoJgl6p06AuMHTUA9spHC8GzlVm%2FIqcC%2F9%0AME55sCRq8fJljnZtiPnfNpPglA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/833697367/5f7ddfa3fe9abe848eabbeb0/image.png?expires=1781611200&signature=e8121f3274b469fc516a0d4c06248232975d48f884582a00080b61a5b3742223&req=fCMkEMB5nodYFb4V1XW4gQlKnJhNdT8WdTMiVWPEoKWTXPyffH5%2BRgbUfJ6y%0ALX9xzF04CM96CIDzxgVrv3iq9A%3D%3D%0A) ​ 4. **Optional** - **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains - **Access:** What other teams can also use the API 5. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/833702357/8a5b86c9347f40383b4b7824/image.png?expires=1781611200&signature=7c9e6e80c8d8a6627bb6204ba1ae75673c01949f109a333eef27bdee97742125&req=fCMkEcl8noRYFb4V1XW4gfJA5v4w4JxtVfEUx0L0Z7OlPi9uYkHU87JimJ4B%0As7TZNgz9Z54HAjbkXw7%2Ban8iJA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/833702730/eb63ef1025d307229649570f/image.png?expires=1781611200&signature=63edc2399c8d95c24c9986ef5911fb8675fae32bc99b1d8d09483184662bd84e&req=fCMkEcl8moJfFb4V1XW4gRXIVsD0NSnofQ27yQ2JXrg3mRvW3dhqn7V3%2FEa2%0AmTWp1tGoWFrYUU7st8HLIZflKw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/833703338/3f83a7de246d30107c7c9d1c/image.png?expires=1781611200&signature=7eb2db7a3a144dec9e93d1c87737186b4c992ab9e116d0e5190f82dc35a4f6f8&req=fCMkEcl9noJXFb4V1XW4gWDLF7Sa01Cfm%2Bv1gaTKBHkU2lzmhGJaplQUwM7R%0A3NuuhJENjb1fWwMi7Wn3NlWpEA%3D%3D%0A) > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of Halo PSA/ITSM stories in the [story library](https://www.tines.com/library?s=halo&view=all).** ### Using the credential in an action Below is an example Halo PSA/ITSM action you can copy and paste onto your storyboard in Tines. You will need to replace `YourResourceServer` with your "Resource Server" ``` {"standardLibVersion":"35","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Get a list of Tickets","description":null,"options":"{\"url\":\"https//YourResourceServer/api/Tickets\",\"method\":\"get\",\"content_type\":\"json\",\"headers\":{\"Authorization\":\"Bearer <>\"}}","position":{"x":1980,"y":1305},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"originStoryIdentifier":"cloud:536b51f8b592b6b269124bde91592b8d:bb39f16bb96afe7fca6079734f25f6e6"}],"links":[],"diagramNotes":[]} ``` ## Have I Been Pwned Authentication Guide HaveIBeenPwnd is free resource for anyone wanting to quickly assess if they may have been put at risk due to an online account of theirs being compromised or "pwned" in a data breach. ### First, get a HaveIBeenPwned API key 1. Login to/Signup to HaveIBeenPwned and purchase a key at [https://haveibeenpwned.com/API/Key](https://haveibeenpwned.com/API/Key). - Once you've purchased a key, it will be emailed to you ### Lastly, create a HaveIBeenPwnd credential in Tines 1. **Have I Been Pwned connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Have I Been Pwned" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/have-i-been-pwned).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of HaveIBeenPwnd** **stories in the [story library](https://www.tines.com/library?s=haveibeenpwnd&view=all)** ## HiBob Authentication Guide HiBob built its HR management solution to help fast-growing companies attract, retain, and engage the modern workforce. ## First, get a HiBob access token 1. Login to your HiBob account at [https://app.hibob.com/login/](https://app.hibob.com/login/) 2. Click the username menu and select "API access" ​ ​ ![](https://downloads.intercomcdn.com/i/o/877828410/fcc955c9641479881409f7da/image.png?expires=1781611200&signature=23423116c2b617276526f58970ba4f5a28a3f3bd5ee0e509be00d2f6140c24b3&req=fCcgHst2mYBfFb4V1XW4gcvHeoL6Y9fQNfZRbZXw2PaEZyYub%2By%2F%2FPqbzGIb%0AoqUmo7gjWW%2FOCNp9QqiY5FsdXw%3D%3D%0A) ​ 3. Click "Generate token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/877829935/3abfc81f58563dc83c7bb7a2/image.png?expires=1781611200&signature=9d1de9cc156bef6cc0360597e736326c55536f84a5fd391596592be9fffae6a1&req=fCcgHst3lIJaFb4V1XW4gZOo%2BH%2B9Z2xVbVu8ChhT1KhCPYZWx%2FS8RpKAqsFF%0AKpjQM1cMjEWAStrUL4y%2FR7IF9w%3D%3D%0A) ​ 4. Copy the token to a text editor, choose the required scopes, and click "Save" ​ ​ ![](https://downloads.intercomcdn.com/i/o/877830765/641c3bc419d2ded950c1cccf/image.png?expires=1781611200&signature=450779894f32000a0a652a08077a284271f578396b68839f5aa22494cd1941a3&req=fCcgHsp%2BmodaFb4V1XW4gdjY82DjpfyfEIEId3N2z19yT75RKQDI8Pn3%2FR8V%0Am3jTg2gAJTBUNr04NRsFHZSdCg%3D%3D%0A) ## Lastly, create a HiBob credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the HiBob credential 1. **Name:** HiBob 2. **Description:** Optional 3. **Value:** Your access token 5. **Optional** 1. **URLs and Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. Example: https://api.hibob.com/v1/\* - This is not a clickable link but can be used in this section of the credential if applicable. 2. **User ID:** This can be saved in the credential under metadata 3. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of HiBob** **stories in the [story library](https://www.tines.com/library?s=hibob&view=all)** ## Hints and Tips from the Tines Support Team We recently asked our support team to share their tips and tricks for working in Tines, and here are their top ten hints! Not sure where to find these features? Here's a quick visual guide to the four key sections of the storyboard: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2332310252/8749b7b04874c3832ad2b4b6d2ae/Storyboard+UI.png?expires=1781611200&signature=359f714d02cd57341f25d34d3c8cbd9f35e04ad11e9ef4cea5181d4b420fefca&req=diMkFMp%2FnYNaW%2FMW3nq%2BgWcOs9h2Amt63znAfOZaCBkuS0sCqh4FN%2Brv3PPN%0ALd6j7Dhh0fVJg7UyDcSEADISfVs%3D%0A) 1. Use CMD/Ctrl K to search for stories, actions, resources, credentials, users, or notes. You can also search for Webhooks on your story using the Webhook secret, name, or path. 2. You can copy curl commands and paste them into your storyboard by clicking into the blank space. 3. Use CMD/Ctrl C to copy an action and CMD/Ctrl V to paste the action on your storyboard or chat window. You can also use CMD/CTRL to highlight multiple actions for copy/paste. 4. Use CMD/Ctrl + e to open the event viewer. 5. Use CMD/Ctrl + / to quickly close and reopen all the panels (left, right, and event viewer). 6. Use Shift + click the Event pill to fully expand Event data (helpful when you have many Actions preceding so you don't need to expand all preceding Events in addition). ![](https://downloads.intercomcdn.com/i/o/936410199/4066f5a046643a2099b2cb39/Screenshot+2024-01-17+at+2.11.09+PM.png?expires=1781611200&signature=305ea287ea12ce6cf627e6193bdc1867aa070073e89e3c3a48b09c7b67881ab9&req=fSMhEsh%2BnIhWFb4V1XW4gXTNF6ME8XsjxTTrlMSWT%2F7%2B9jsHacfa%2FTa50tpv%0AadL0Ltvh4eqbTTKazdc1CUFM9A%3D%3D%0A) 7. Click into a blank space on your Storyboard and type ‘n’. This will add a [note](https://explained.tines.com/en/articles/7228541-how-to-create-a-note-in-tines). Once inside a note, type `/` to add toggle headings (H1, H2, or H3) — great for collapsing and expanding sections to keep your notes organized. 8. The names of your actions are important. Use meaningful names so the events they create are easy to find and use further downstream in your story. 9. Remember to configure [event retention](https://explained.tines.com/en/articles/7860183-how-long-does-tines-retain-event-and-log-data) in your story. 10. To access data in an event in an event, open the event and double-click the key to copy the path that leads to that value. You can then paste this into a pill in the action you need that value in 11. And finally...use templates! If you have an action you’re unsure how to create, go to the left of your Storyboard and click Templates. This will bring up all of our Action Templates. You can search for the tool or the API call you’re using, and we might have a template that you can then drag onto your Storyboard. Just add your credentials and information, then use it instead of building it yourself. (This can also be helpful if you’re having trouble formatting a call.) ## How are case IDs generated? Case IDs are sequential integers; unique within each team. When a new case is created, the next available number in the sequence for that team is assigned. For example, Team A has cases `1`, `2`, `3`. A user creates a new case in Team B, it gets `case_id: 4`. The same case ID cannot exist across multiple teams in the same tenant. > **Tines Tip**: Learn more about Tines cases [here](https://www.tines.com/docs/records-cases/cases/). ## How can I access audit logs in Tines? To access the audit logs, select settings from your menu and choose 'Audit logs' in the 'Monitoring' section. You may have to scroll through the settings options on the left. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1716961216/23aa73c15858861852e11e43a5cf/Audit+logs.png?expires=1781611200&signature=4b728c13eb633b5d84431cbe15932f5acdc1140556357a41dc01ec73441a6a7b&req=dScmEMB4nINeX%2FMW3nq%2BgRsJByciQr2CW%2BgWxpZF7Xkuv7CR7JOWKx2Rdudi%0AhsVb3s7j1ErU9cY2Nen2m2E0rg4%3D%0A) > **Important Note:** To access audit logs, you must be a tenant admin. Audit logs is part of the [Security Essentials](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging) Tines package. ## How can I check my self-hosted Tines version? To check your version of self-hosted Tines, use https://yourtenanturl/version > **👉 For more details on self-hosted Tines including how to update [see here](https://www.tines.com/docs/self-hosting/before-you-begin).** ## How can I check my Tines self-hosted tenant's health? You can use the following to check the health of your tenant. This applies to both self-hosted and cloud Tines: [https://yourtenant.tines.com/health](https://yourtenant.tines.com/health) For self-hosted tenants, you can also check what data is being shared with TInes hourly by using the following: [https://yourtenant.tines.com/admin/telemetry](https://yourtenant.tines.com/admin/telemetry) > **To learn more about self-hosted Tines telemetry, [see here](https://www.tines.com/docs/self-hosting/telemetry)**. ## How can I edit or delete private templates in Tines? To access your private templates, click on your user menu → **Templates**: ![](https://downloads.intercomcdn.com/i/o/961081860/9434ca9c23cd5eb2a68421a2/Screenshot+2024-02-12+at+11.39.53+AM.png?expires=1781611200&signature=0d4440a877c39f58cb24b158d8cdbc166b90cc7734170ac4b207ae1dca4dc894&req=fSYmFsF%2FlYdfFb4V1XW4gbjg6eF%2FJ5pXqaTcZUWmXwtfhVlsUQWOJYyTLds%2F%0AJEeG9FEcTp39meIuD%2FfFI0vZAQ%3D%3D%0A) ## Edit Private Templates To edit a private template: Within the **Templates** menu, click on the template you wish to edit to open the **Edit Template** window: ![](https://downloads.intercomcdn.com/i/o/961086616/94ff53913d05436f19e4c3df/Screenshot+2024-02-12+at+11.44.35+AM.png?expires=1781611200&signature=951ec417c4d631869a8c2dc8ec787ed557bb6b6430febedc472da4d02c1aa365&req=fSYmFsF4m4BZFb4V1XW4gZAIjwNPtdWbkw4TW8wfENOXa3evROwfj%2Baoeoil%0AJ%2BGZyxBqA5TytJGskYRVPDNrTA%3D%3D%0A) ## Delete Private Templates To delete a private template: Within the **Templates menu**, click on the three-dot menu next to the template you wish to delete → **Delete**: ![](https://downloads.intercomcdn.com/i/o/961092189/873fa2affa88d0226cb8169c/Screenshot+2024-02-12+at+11.45.52+AM.png?expires=1781611200&signature=7894f5dc0415982a7f8393cee1ac3e870bdf447fe9971185cf9dfef5a003aaa3&req=fSYmFsB8nIlWFb4V1XW4geG67KgHbbr2uYcwBmLMPBU7%2FR8LlaLD9myv4bKI%0AXP1gDuphwP6C8mdyk2fIrBCSqg%3D%3D%0A) > **For more information on private templates, see [here](https://www.tines.com/docs/actions/templates/private-templates).** ## How can I get notified of new Tines features? There are two RSS feeds you can subscribe to, depending on your preference. 1. Important updates: 1. [https://www.tines.com/rss/tines-product-updates.xml](https://www.tines.com/rss/tines-product-updates.xml) 2. All product updates 1. [https://www.tines.com/rss/tines-product-updates-full.xml](https://www.tines.com/rss/tines-product-updates-full.xml) > **To view all the Tines feature updates, [see here](https://www.tines.com/whats-new).** ## How can I remove team members from a team? You can remove team members from a team by navigating to your Dashboard, clicking the three dots adjacent to your team name and then selecting "Members". Find the team member you want to remove, click on the member's team role adjacent to their name and then click the "Remove from team" button. ![](https://downloads.intercomcdn.com/i/o/953228700/f0ce18ebf521a5e9a963304c/image.png?expires=1781611200&signature=c5604f32f4b09dac044164eaf65820bd73d0933123a0fb06c9ea22162c491eef&req=fSUkFMt2moFfFb4V1XW4gRP8B%2BGlETU0UTyJS8Jve9A3wFpHNBsAhWbnSoUs%0A6gKGJqGmzbXshh8AQVWyyxVTig%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/953230644/c8455d800c0bc7f6cb75caee/image.png?expires=1781611200&signature=6d91def73f843c03f9a6ad1dc8e4ee3ccfe728a5be208faffa463e013d8fe83a&req=fSUkFMp%2Bm4VbFb4V1XW4gV8nNgiPABcoh4K2x%2BRlRYGaGUPYAOR3Uh3Ds8zR%0AyYx2GJ20Ys9MmuM9MV3yyW4Jxg%3D%3D%0A) ## How can I schedule an action in Tines? You can schedule the following actions in Tines. - HTTP Request - Send Email - Event Transform - Send to Story **Important Note:** To use them to schedule your story, ensure the scheduled action is the first action in the story flow. To schedule an action, click the action and then "Status" and add the schedule as shown below. ![](https://downloads.intercomcdn.com/i/o/838118929/c599db81adf3d8777f1a839d/Screenshot+2023-09-25+at+10.47.46.png?expires=1781611200&signature=ad4caa09540c3dfd4b8ec452038012483ae57589b15f36473b2e9821cc9f89ca&req=fCMvF8h2lINWFb4V1XW4gdJVzlWp9oHfrYG1EhIH9nY%2BqKHRrTdanjo8HfIW%0AD6MzIsSgFa3jHcH4gvwNFIDn9w%3D%3D%0A) You can schedule the action by the minute, hour, day, week, month, or a cron expression. ![](https://downloads.intercomcdn.com/i/o/838120094/58ca07e829ce02eaec6e5dab/Screenshot+2023-09-25+at+10.52.51.png?expires=1781611200&signature=becbbbbed1f458c8d4e75f67f9289c6b245dd591562e750166f19054dbb72f98&req=fCMvF8t%2BnYhbFb4V1XW4gdJH8RdIwA6s1fTw4zaMr%2B6N6rU3Km0lmGvldRYU%0Awx%2F2m5g2%2BOZlIbk4YHvNabKEJw%3D%3D%0A) > **To learn more about using actions in stories, [see here](https://www.tines.com/docs/actions).** ## How can I switch between tenants in Tines? If you have multiple tenants, you can switch between them using the tenant switcher in your tenant admin menu in the top left. ![](https://downloads.intercomcdn.com/i/o/800345826/d05ff48efb49e0b425718357/9e8b1f2f-9499-4c12-8e45-822113b4b9c9.gif?expires=1781611200&signature=b2cc544468183ee9ea717712277c70a5b5c4c4009fc7f01ac83f5f4142913f5f&req=fCAnFc17lYNZFb4V1XW4gd%2FxGvwuVxgLMu3%2B2Y2jSaGMppbhU7f8t2OUQ4m3%0A7OvMAmnn2h8eUXtU504QdCmWqQ%3D%3D%0A) ## How can I track my published and unpublished stories? Stories that are stored in "Your drafts" are not published. All stories that are published to a team are published. You can also [Tag](https://www.tines.com/whats-new/story-tags) your published stories. ![](https://downloads.intercomcdn.com/i/o/783884166/9cf052eb2b6e27c3ba861f43/Screenshot+2023-07-12+at+20.39.51.png?expires=1740915000&signature=ac73f435100ab729bdea4221908a8e7445604c50ba5b6a6a36353b6dafd0bbc1&req=cygkHsF6nIdZFb4f3HP0gNmraMqdOj6MGA7GW%2BxYGtT2m6hSkd4CHSV5tQ5X%0Aux0%3D%0A) ## How can I troubleshoot my credential metadata in Tines? ### **Overview** When using a template or HTTP request action in Tines, you may encounter errors or null values if the credential is not properly configured. This occurs when actions attempt to reference credential data (such as INPUT.credential\_name.info.metadata or CREDENTIAL.service) but cannot access it because the credential is either missing, incorrectly linked, or inaccessible in your current workspace. This guide will help you identify the cause and configure your credentials correctly. ### **Cause and solution** ### **Cause one: Credential not linked to the action** When you import a template from the Tines story library or add a template action to your story, the credential may not be automatically linked. This results in null values when the action tries to reference credential metadata using the INPUT key (e.g., INPUT.jira\_software\_credential.info.metadata.username) or when referencing the credential by CREDENTIAL.jira. **Common error responses:** - **Null values returned for INPUT.credential\_name.info.metadata references** - **"Credential not found" errors** - **Authentication failures (401/403 HTTP errors)** - **Actions failing to execute due to missing authentication** 🟢 **Solution**: 1. **Open the action in the Tines action editor** 2. **Look for the credential field in the action configuration** 3. **Click New connection or use the credential selector dropdown** 4. **For templates with built-in connect flows: Follow the guided connection process to authenticate** 5. **For HTTP request actions: Select an existing credential or create a new one** Once properly linked, the credential metadata will populate correctly and the action will authenticate successfully. ### **Cause two: Credential exists in a different workspace** Credentials in Tines are workspace-specific. If you created a credential in a Team space, it will not be available when working in your Personal space (and vice versa). This is a common issue when users switch between workspaces or collaborate across teams. **How to identify this issue:** - **You can see the credential listed in one workspace but not in another** - **The credential dropdown appears empty when configuring an action** - **You receive "credential not found" errors despite knowing the credential exists** 🟢 **Solution**: 1. **Verify which workspace you're currently in (check the team dropdown in the top left corner)** 2. **Navigate to the Credentials page for your current workspace** 3. **Check if the credential exists in this workspace** 4. **If the credential is in a different workspace, you have two options:** - **Option A: Switch to the workspace where the credential exists and work on your story there** - **Option B: Create or share the credential in your current workspace:** - **If you have access to the original credential, you can share it across teams (requires Team Admin permissions)** - **Otherwise, recreate the credential in your current workspace** 1. **Link the credential to your action following the steps in Cause One** ### **Troubleshooting checklist** ☑️ **Check credential linkage**: Open each action and verify a credential is selected in the credential field ☑️ **Verify workspace**: Confirm you're working in the correct Team or Personal space where your credentials exist ☑️ **Test credential access**: Navigate to the Credentials page and confirm you can see and access the credential ☑️ **Review credential metadata**: For templates, ensure any required metadata fields (like domain, username, etc.) are properly configured in the credential ☑️ **Check credential sharing settings**: If working across teams, verify the credential's Access settings allow sharing with your current team ☑️ **Replace credentials story-wide**: If multiple actions need the same credential update, use the story-wide credential replacement feature: - **For templates: Click on the credential field, select the current credential, then choose "Replace in story" to update all instances at once** - **For HTTP request actions: You can replace credentials at the story level, but you may need to manually update any CREDENTIAL formula references in headers, parameters, or body fields** ### **Need further assistance?** If you continue to experience issues after following this guide, please open a support case with the following information: - **Story name and action name(s) experiencing the issue** - **Credential type (e.g., OAuth, HTTP Request, Text, JWT)** - **Workspace context: Which Team or Personal space you're working in** - **Error messages: Screenshots or exact text of any error messages received** - **Action configuration: Screenshots of the action's credential field and any relevant configuration** - **Expected behavior: What you're trying to accomplish with the credential** - **Steps taken: Which troubleshooting steps you've already attempted** ## How do I add a tenant owner in Tines? **Important Note:** A Tenant owner is required to create another tenant owner. If the existing tenant owner is unavailable, [contact](https://www.tines.com/getting-answers-to-your-tines-questions) us—we’re here to help. Select the menu at the top left. ![](https://downloads.intercomcdn.com/i/o/1159498558/bcf4be62134f779c51e00b6d/Screenshot+2024-08-27+at+09_42_04.png?expires=1781611200&signature=77ae56dfa07c4e08e6792b80b97d7a08e3acdae204e8a2f29be54ed2a50252b9&req=dSEiH813lYRaUfMW3nq%2BgU%2FCQmxPc3cXSn8ka9%2FUOQU2DLX0TDxlG%2FOG%2Byof%0Aet37s4rf%2Fj%2FGg0JgBGDnIl8ijb4%3D%0A) Select "Users" and double-click on the user you wish to make an owner. Toggle the "Tenant Owner" button as needed. ![](https://downloads.intercomcdn.com/i/o/1159501580/d74c0e1dfaa0159b981b0a09/Screenshot+2024-08-27+at+09_44_52.png?expires=1781611200&signature=bbc618a97f559bb15a6e76c3c6b21c3b8a353e058727a43eab73c670e7e759e2&req=dSEiH8x%2BnIRXWfMW3nq%2BgZrqA0Ihv6SMRO2Uz4vWhdc8QQkvOAbfmXmbCbYm%0A%2BhD%2B9eDwAhg%2BzT6BVc2yOCcQeVI%3D%0A) ## How do I back up my Tines stories? You can export your stories from Tines, which will be stored in a JSON format. For more information on exporting stories, [see here](https://explained.tines.com/en/articles/7228646-how-to-export-stories-and-actions-in-tines). You can also use the Tines API to export stories. For more information on exporting stories using the TInes API, [see here](https://www.tines.com/api/stories/export). Here are some stories that can be used to back up, export, and import Tines stories. - [Backup Tines stories to Github](https://www.tines.com/story-library/87728/backup-tines-stories-to-github) - [Save Tines story in AWS S3](https://www.tines.com/story-library/87683/save-tines-story-in-aws-s3) - [Import Tines story from AWS S3](https://www.tines.com/story-library/87682/import-tines-story-from-aws-s3) ## How do I disable SSO on my self-hosted deployment of Tines? If you are encountering an issue with your SSO on your self-hosted deployment of Tines and cannot access your tenant, please contact [support](https://www.tines.com/contact#support) to raise a priority request. > **👉 To learn more about SSO, see [here](https://www.tines.com/docs/admin/single-sign-on).** ## How do I make a user an admin in Tines? To make a user an admin, select the three dots next to your team name on your Tines homepage. Next, select the user and their current role, and you will be presented with the option to make the user either an admin, editor, or viewer. ![](https://downloads.intercomcdn.com/i/o/730837296/aea764f5758032bb8723dcf7/Screenshot+2023-04-28+at+16.19.27.png?expires=1781611200&signature=a9d28c6537355e7e9e995490a4e9f0fd412404959ed91ab10320fa4b185d5129&req=cyMnHsp5n4hZFb4V1XW4gbeUpM7Z13y464TGR6LPlMJDUA5%2BCbu2MR6deH6f%0A7u5oajc7TfnwfpO%2FGkBd5o9f0A%3D%3D%0A) > **👉 For a more detailed description of teams and roles [see here](https://explained.tines.com/en/articles/6883947-using-teams-in-tines).** ## How do I report a vulnerability to Tines? We do not have a bug bounty program with compensation in place. However, we do have a vulnerability disclosure program via BugCrowd. Vulnerabilities can be submitted to the program directly here: [https://www.tines.com/security#reporting-security-vulnerabilities](https://www.tines.com/security#reporting-security-vulnerabilities). Please let us know if you have any issues with the report, please email security@tines.com ## How do I report possible security vulnerabilities to Tines? Please follow the link provided below and follow the instructions in the submission form. This will be routed directly to our security and compliance teams. [https://www.tines.com/security#reporting-security-vulnerabilities](https://www.tines.com/security#reporting-security-vulnerabilities) ## How do I request the deletion of my Tines tenant and data? To request deletion of your Tines held data, just complete [this form](https://www.tines.com/gdpr-request). Please provide the tenant URL. > **Note:** Only the tenant owner can request a tenant to be deleted. ## How do I schedule my story? Only stories published to a team can be scheduled. To publish a story, move the story from your drafts to one of your teams. To schedule a story, click on the first action and click "Status". The schedule option will be available as shown below. ![](https://downloads.intercomcdn.com/i/o/730608536/793d3b4717d6f4bbdecc22e5/Screenshot+2023-04-28+at+11.59.17.png?expires=1781611200&signature=247325abd660f059e5f94f725cb64f7a915def10296c80504e3bbfdd284a5546&req=cyMnEMl2mIJZFb4V1XW4gQd8jr6GfJ00%2BjF%2B7qLT0hwKvtS4x09Ry0nGgTCj%0AUNivS1QOC4cuwuia2dakbGvZlA%3D%3D%0A) **Important Note:** Actions inside a [group](https://www.tines.com/docs/stories/groups) cannot be scheduled. Groups can be scheduled to run. ## How do I switch between Light and Dark modes? To switch display modes in Tines, click on your name on the top left of the screen, and select "Light Mode" or "Night Mode". ![](https://downloads.intercomcdn.com/i/o/729758612/5842a06eb2596f40571f317d/Screenshot+2023-04-27+at+11.33.16.png?expires=1781611200&signature=2b50efce3a86786c67a8709c3290937c23833abff5f6c1b7660a24b85e34c077&req=cyIuEcx2m4BdFb4V1XW4gan6t4OewFtzZ5bTo42LJzp3vyceWFjLQfO7nO8N%0AgeX9ssBOAwSyRzEr0F2kl3nusA%3D%3D%0A) ## How do I turn on or off the AI-powered features? We believe the AI-powered features are extremely powerful in improving your overall efficiency as builders and problem solvers. While we hold firm on that belief, we also understand that your company might have policies or processes for opting into AI features. To allow for this, the tenant owner can turn off or on the AI-powered features tenant-wide. They can also allocate AI Agent action credits to different teams in their tenant to manage their usage. ### Turn on or off Follow these steps to turn on all AI-powered features: 1. Go to the **Settings** drop-down in the top left of your screen. 2. Choose AI Settings. 3. Check the box to turn AI on; uncheck it to turn AI off. [Watch video](https://www.youtube.com/embed/GaS_bvNI7QQ?rel=0) #### Automatic mode in the Event Transform action Automatic mode in the Event Transform action is available to all plans and does not require credits or team allocation. After turning it on, it's available to all teams in your tenant. ### Distributing credits for the AI Agent action The AI Agent action requires you to distribute credits in addition to turning the feature on. To allocate credits to one or multiple teams, follow these steps: 1. Go to the AI settings screen 2. Check the box next to the team(s) who should have credits 3. Specify the credit volume for each team 4. Click 'Save distributions' [Learn more about AI Agent action monthly credits here](https://explained.tines.com/en/articles/9369092-how-ai-usage-and-ai-credits-work-in-tines). ## How do I update my license key on my Tines self-hosted install? Important Note: Only a tenant [owner](https://explained.tines.com/en/articles/6885158-user-administration-in-tines) can set the license on your tenant. 1. Visit [https://your-tenant-url/admin/license](https://your-tenant-url/admin/license) ![](https://downloads.intercomcdn.com/i/o/744379861/86025d516fc22e112e9ed6d4/10d75402-aa5e-473e-b546-2cd6564f8444?expires=1781611200&signature=a8db663a6d1399773f991616839119e4c1b527936723585d7258200441c2e362&req=cyQjFc53lYdeFb4V1XW4gXs5OXI4DnzvXHZ5A7cRBYKhB5veTjvNkaS46rvB%0Aq6e7iGQWmsJgrsNi2tXKLn33Ug%3D%3D%0A) 2. Paste in your license key provided by TInes and click “Validate License” ![](https://downloads.intercomcdn.com/i/o/744380051/526403cd9dac34ba7fa9bf4d/96152aaf-1860-48aa-9cce-56ed6c259708?expires=1781611200&signature=b4c73b20478bd092ab3808461cd27c610b8b541095120be6aeb104d3a59e6516&req=cyQjFcF%2BnYReFb4V1XW4gQNZ9BUVZpwpuPk6V9qcuE3vmg12Lp6NRVoMEKjd%0A45Qi%2FEJoc9CfoOu2IBti8OnLLw%3D%3D%0A) 3\. Ensure that all details on the validation page are correct. Correct values match the features and limits you purchased. Please ensure that the license is being applied to the right Tines environment. ​ 4\. Click “Save New License” to save the license and apply your tenant features. ![](https://downloads.intercomcdn.com/i/o/744380316/fe1e0c2452601f0e87411684/16b23677-34dc-4b93-9806-b074b56d198e?expires=1781611200&signature=49a38433ea7d5b7eaa793b38b0b29e4cd77acf2cf87a799aa3db3aa1db03ad26&req=cyQjFcF%2BnoBZFb4V1XW4gZ1pGCVaLSudGd1XA1%2BwIAgy2M3YXVP%2FrJQUQqFh%0AKHZUyaD1teYvQHQkYjYjr4eK5A%3D%3D%0A) ## How do I use time saved reporting? Time saved can be configured at both the [action](https://www.tines.com/docs/actions/reporting) and the [story](https://www.tines.com/docs/stories/time-saved) level. **Important Note:** Time saved can only be used for stories published to a team. ## How long does Tines retain event and log data? By default, Tines retains event and log data for seven days. **Depending on your Tines subscription**, you can configure how long event and log data are stored in Tines. Open your story, and on the right panel, select the desired option from "Keep events and logs." ![](https://downloads.intercomcdn.com/i/o/733849449/d0ed06e0cb53f8bbbf596df6/Screenshot+2023-05-03+at+15.22.50.png?expires=1781611200&signature=51d1c5df8ce6344e384da71f422159f9fedefe99d24c8b2cf2af6df3ce6d840a&req=cyMkHs13mYVWFb4V1XW4gf%2BnS59TvZLcKXkUK%2FVKmBrdcgikaeS1KQBaZGaL%0ARnmeTvpJC0c7OOM57t%2FB%2FmO0%2Fg%3D%3D%0A) Then select how long you would like to store the data for: ![](https://downloads.intercomcdn.com/i/o/733850060/764c351716299d0c52555b09/Screenshot+2023-05-03+at+15.23.13.png?expires=1781611200&signature=17ca8f34825e1d485ec78544f84809bcd4f7aa8581b431855a2cab72ef0303de&req=cyMkHsx%2BnYdfFb4V1XW4gUoARRtH0yGZWgvxh6aWAH7gKIHoNcgXV9ydfvDl%0A1TB7H%2BAFGLEUWExWab76CyxvZQ%3D%3D%0A) ## How to access Workbench Workbench is a Tines-powered AI chat interface that empowers builders like you to take action and interact with your proprietary data in real-time. Use this breakdown to understand which version of Workbench is right for your team. To learn more about Workbench, [check out this article](https://explained.tines.com/en/articles/9822635-introduction-to-workbench). Workbench availability is tied to your AI-powered features. If you’ve [opted into these features](https://explained.tines.com/en/articles/9396326-how-do-i-turn-on-or-off-the-ai-powered-features), there are two ways for you to access Workbench: - Free: 20 daily messages; available to tenant admins only - Paid: up to 100 Workbench users, unlimited messaging, and fully featured version - Paid includes a full-access trial opportunity as described below ### Workbench for all All tenant admins can see Workbench on their tenant, even community edition tenants. They can freely interact with Workbench for up to 20 daily messages tenant-wide. ##### **Chat history** Chat history is stored for different periods between the community and paid editions. See details below: | Community edition | 1 day | | --- | --- | | Paid editions | 7 days | ### Workbench add-on To get the most value out of Workbench, you can purchase the full version of Workbench. This add-on includes: - Access for **all users** in the tenant - Chat history retained for up to 2 years - Unlimited tenant-wide messages per day #### Workbench full access trial We offer a 21-day full-access trial to paid edition tenants. This is a great way to try it out in a full-access trial opportunity. ##### **How to get started** Any tenant admin can opt into the Workbench trial directly within their tenant or via [this form](https://hq.tines.io/pages/workbench_trial/). Once you complete it, your Tines account team will reach out to kick things off. Throughout the trial period, your dedicated Tines team will be available to support any questions directly or through the in-app messenger. Once the trial ends, all non-admin users will lose access to chat with Workbench unless you’ve purchased the add-on. ### Making the case for Workbench Not a tenant admin, but think Workbench is right for you? Reach out to your tenant admin to request the trial for your organization. If you need some quick points to make the case, consider these: - Increase operational efficiency - Improve the interoperability of your tech stack - Mitigate risk faster - Maintain compliance better We recommend sharing links to our [AI in Tines security and privacy article](https://explained.tines.com/en/articles/9369078-security-privacy-for-ai-in-tines) alongside those bullets to pre-empt related questions. ## How to add stories for Workbench In this video, we'll learn how we can add a story to be accessible by Workbench. [Watch video](https://www.youtube.com/embed/Kj-e3CLjngM?rel=0) ## How to build APIs You can create powerful workflows by connecting tools and processes together - all without any code at all. ## Build an API You can do this following the familiar process of building a workflow in Tines. 1. Enable send to story on your workflow. 2. Choose the option to “return data from the exit action as a HTTP response.” 3. That's it. **Here are some examples to help you get started:** - **[Create an IP enrichment API](https://www.tines.com/library/stories/1173034/?name=create-an-ip-enrichment-api)** - **[Create and manage todos](https://www.tines.com/story-library/1158535/create-a-todo-list-api)** - **[Manage credits for ChatGPT](https://www.tines.com/library/stories/1170948/?name=manage-user-access-to-chatgpt)** - **[Redirect requests based on browser platform](https://www.tines.com/story-library/1168201/redirect-requests-based-on-browser-platform)** ### **We made our own free APIs for you to use** We often get feature requests for easy access to utilities like WHOIS inside Tines. Now, rather than needing to find homes in the product for requests like this, we can build APIs that Tines tenants can easily connect to – without any manual authentication. Here are four examples" 1. Fetch WHOIS information 2. Generate a screenshot for a URL or HTML 3. Find domains for an IP (a.k.a., reverse IP) 4. Find IP Addresses for a domain > Learn more the Tines API toolkit [right here](https://www.tines.com/blog/introducing-the-tines-toolkit) 👈 Lastly, let us know what APIs you'd like us to build next. We'd love to hear from you. ## How does Tines handle API retries? With the HTTP request action, you can use the "Retry on status" or the "Retries" options available for the action. Select the HTTP request action and click "+ Option" to set these. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2306192310/0980a60471cbff8931fb695f65ac/retries.gif?expires=1781611200&signature=ceb303dd15bd5ce219a14b4cb7233b8009066a833c8952ea62843375842cf80e&req=diMnEMh3n4JeWfMW3nq%2Bged7Pl3Lces%2FAWppJrPh6JaYmnC%2F%2FBNLyRuV3nzA%0AZQjppp5yf%2BANGv5mEfI0zl%2B%2BmmI%3D%0A) This lets you choose how many times to perform a retry on the HTTP request action if it fails the first time. Leverage the "retry on status" to determine what status codes it should attempt a retry - like 429. 429 is the status code for a service being busy. When "retry on status" is enabled, Tines will silently attempt a retry up to 25 times, but this figure of 25 can be reduced using the "retries" field. ## API keys automatic expiration Tines API keys do not have an auto expiration. > **To learn more about creating a Tines API key, [see here](http://tines%20api%20keys%20do%20not%20have%20an%20auto%20expiration./).** ## How to chat with Workbench In the below video, we'll take a look at how we can interact with Workbench. [Watch video](https://www.youtube.com/embed/lx2XeedEcCk?rel=0) ## How to configure an HTTP request in Tines This article will guide you through configuring an HTTP request action, detailing the three main components and walking through an example of retrieving cat pictures using an API. ## Key components of an HTTP request There are three main components to be aware of when configuring an http request: - **URL endpoint**: This is the service you are reaching out to, essentially asking that service to perform some kind of task. - **Method**: This determines the specific action you want the service to perform. - `POST` is used to ask the service to do something on your behalf, such as asking slack to send a message. - `GET` is used for retrieving information, such as getting all of the slack channels in an environment. - `PATCH`: Is used to send data to perform a partial update on existing data, such as updating only a user's phone number in a directory. - `PUT`: Is used to send data to replace an entire existing data record, such as replacing all the details of a contact record in a service. - `DELETE`: Is used to remove data, such as permanently deleting a specific message from a chat service or a user account. - **Payload**: This includes any additional criteria on how you make the request, such as specifying that you want the first 10 users in a slack channel, or all the users. ## Example: Retrieving cat pictures To demonstrate a simple configuration, we will reach out to a service to get random cat pictures. Here is a video of this example with the steps involved below: [Watch video](https://www.youtube.com/embed/L-cvjnzpFII?rel=0) ### Steps involved - **Rename the action**: Rename the http request action to "get cat picks". - **Configure the URL endpoint**: - Go to [developers.thecatapi.com](http://developers.thecatapi.com) - Under the quick start section, copy the text for getting a random image: [`https://api/thecatapi/v1/images/search`](https://api/thecatapi/v1/images/search) - Paste this text into the URL field. - **Set the method**: Since the request is trying to get information, switch the method to `GET`. - **Remove the payload**: Delete the payload since it is not needed for this request. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2244528680/701042c0f5be576c81490715600b/4cd52b75-e9aa-4cea-ba52-719b7cbea8ae?expires=1781611200&signature=f8b68d24d822c064258aa05bb2bf23bd18c134eb6741ece3b4e6e596d774918b&req=diIjEsx8lYdXWfMW3nq%2BgZtQLsgsw1clX%2FYlaKdyJc5v8KVHkqhxQBgCxD00%0APR0sXyY4iFXcuF0MPJZexEAY5xU%3D%0A) - **Run the request**: Hit run to execute the configuration. - **View the result**: - Once the run is successful, locate the "get cat picks" action in the events section. - Expand the three dots, then expand the three dots for "body," and then expand the three dots once more. - The result will provide an id, a URL, a width, and a height. - Copy the URL and open it to view the cat picture. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2244531307/6dc8091063f61e39fd9598fa8f01/cat+pics+example.gif?expires=1781611200&signature=2af4d290564ec133cd2066fbe9d9a3fcd22b7b3ea25fd1a1009b0279b1be3704&req=diIjEsx9nIJfXvMW3nq%2BgQME5effTJdwo%2Fan2OizYRhnJCOc9xESk2NI587Q%0A9%2BbCBYRdMqIX2TJuvEdM8vKASu0%3D%0A) This example shows how simple it can be to configure your first http request. > Note that as requests become more complicated (e.g., requesting the service to delete. > **👉 For a more detailed description of HTTP requests** [see here](https://www.tines.com/docs/actions/types/http-request). ## How to connect SaaS Tines to your on-premise resources ## Overview Not every system your team needs to automate lives in the cloud. Whether it's an on-prem active directory server, an internal ticketing system, or a legacy API behind a firewall, the reality for most organizations is a hybrid landscape. The good news: you don't need to self-host Tines to reach those resources. A handful of lightweight containers, deployed in your network, bridge the gap. ## The building blocks These three container types cover every on-prem connectivity scenario: - Tines Tunnel - Tines Command Runner (TCR) - Command-over-HTTP (CoHTTP) ### Tines Tunnel This enables HTTP Request actions to reach private services. No inbound firewall rules required. You only need to deploy a single container inside your network. #### Best used for Tines tunnel is best used for connecting to on-prem HTTP APIs such as Jira Server, GitLab or internal REST services. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2230422292/85c4d0e52f39db049e08df121dcc/image.png?expires=1781611200&signature=1cad590bc6cd0a8ffeb45923390333685c2cb7a1aad98b0b740c120d249052f6&req=diIkFs18n4NWW%2FMW3nq%2Bgf6KUCPx65%2BYcWcxO8jdWTo%2FxU1082NuOnOnpAb6%0Azq9DlmO2miu4dBy6bPl0skgCki0%3D%0A) #### Key benefits Tines Tunnel is a secure, outbound-only connection from your network to Tines via Cloudflare Tunnels. It is secure as there is no need for a VPN and there aren’t any exposed ports. #### Minimum requirements 1 vCPU, 1 GB RAM. For HA, run a second instance on a separate host with the same secret. > Read this article on [deploying and using the Tines Tunnel](https://explained.tines.com/en/articles/6883952-deploying-and-using-the-tines-tunnel). ### Tines Command Runner (TCR) TCR powers the Run Script action on your infrastructure. It runs Python with access to packages like \`requests\`, \`pandas\`, \`cryptography\`, and \`boto3\`. Adding libraries is straightforward, just point TCR at a public or local PyPI server and install what you need. #### Best used for Use TCR for complex transforms, custom enrichment, SDK integrations, or anything that goes beyond Tines formulas. You can also combine TCR with the Tines tunnel: the tunnel handles HTTP Request actions to internal services; TCR handles Run Script actions. #### Key benefits TCR executes Python in isolated, per-team sandboxes with 60+ pre-installed packages. It pairs with an optional local PyPI server for air-gapped environments. #### Minimum requirements 2 CPUs, 2 GB RAM recommended. Optional \`pypi-server\` for local package caching. ### Command-over-HTTP (CoHTTP) Executes Python, Bash, and PowerShell on your private network. Built for systems without HTTP interfaces, with native Kerberos authentication for Active Directory and Exchange. #### Best used for Automating active directory user management, Exchange mailbox provisioning, or domain controller queries. In your workflow, target \`[https://command-over-http/run](https://command-over-http/run)\` with a JSON payload specifying the executor and script, and select a tunnel on the action to route the request into your network. > **Note**: CoHTTP's library set is fixed — if you need custom Python dependencies, TCR is the better fit. #### Key benefit CoHTTP is purpose-built for systems without HTTP APIs. CoHTTP accepts script payloads and executes them using Python, Bash, or PowerShell — with Kerberos authentication out of the box. #### Minimum requirements 1 vCPU, 1 GB RAM. ### The deployment matrix The following matrix summarizes each of the 3 building blocks listed above. | Pattern | Containers | Best for | Key benefit | | --- | --- | --- | --- | | Tunnel | Tines tunnel | On-prem HTTP APIs (Jira Server, GitLab, internal REST services) | Secure, zero-inbound connectivity | | TCR | \`tines-command-runner\` + \`pypi-server\` | Python scripting (data transforms, enrichment, custom logic) | 60+ packages; isolated per-team execution | | CoHTTP | command-over-http | Active Directory, Exchange, PowerShell/Bash | Native Kerberos auth; no HTTP interface needed | Use these links to learn more about the optimal way to connect Tines to your on-premise resources: - [Tines Tunnel](https://www.tines.com/docs/admin/tunnel/) - [Command-over-HTTP](https://www.tines.com/docs/admin/command-over-http/) - [Run Script / TCR](https://www.tines.com/docs/self-hosting/additional-applications/run-script-for-self-hosted/) - [Deployment options overview](https://www.tines.com/blog/understanding-your-tines-deployment-options/) ## How to connect ServiceNow to Tines Webhooks Integrating ServiceNow with Tines allows you to automate workflows by sending real-time event data from your ServiceNow instance directly into your Tines stories. This article will guide you through the process of setting up ServiceNow webhooks using outbound requests. For more information on creating webhooks, read our docs [here](https://www.tines.com/docs/actions/types/webhook/). ## Create a webhook in Tines Within a Tines story, drag a webhook action onto the canvas. Name and copy the webhook URL for later. Read this article for best practice on [configuring your webhook names and paths](https://explained.tines.com/en/articles/14048386-webhook-best-practice-configuring-names-and-paths). ## Create a REST message in ServiceNow Open your ServiceNow instance <>. Open the “All” tab and navigate to “System Web Services” > “Outbound” > “REST Message” ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192606929/9f1eed53545e80d05ea91aa549e3/d69c937f-4b2c-484a-b29c-39765f190e29?expires=1781611200&signature=8890872d154e6724b6f76edbce9707b122f10461e9d9ab1dbd65803b1fcca180&req=diEuFM9%2Bm4hdUPMW3nq%2BgSdKrvAnhtH9W4OZMwU0WuOfuV7JFE0LNiV1wgah%0AbMWWOLiaVjRZZ08MKt8OgmWin%2BM%3D%0A) Select “New” to create a new REST Message. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192608149/3342f038f635f7178f8c10256304/036b940a-0fbe-45e1-8c33-b7d941de5e98?expires=1781611200&signature=7a66424d9054807a7dc5dc4923338152ba4d18e933cf3f2c33942f003d8d8f39&req=diEuFM9%2BlYBbUPMW3nq%2BgdfUZNFu83fJohdSEXAytOnx9cMUxMZecavmqxtO%0AZ3yUCqS3q4oVprfPlGbQoTbT%2BFw%3D%0A) Name the REST message and paste in the Tines webhook URL from earlier. When finished, select “Submit”. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192608148/1fe5c545156b352046584eec2ccd/8c83b79f-ef04-4f2c-be98-17f02989c930?expires=1781611200&signature=74a29bdf3f80796b02ce8de8537b2da4e71d6f62cd36f1d418e26556e2a7e68d&req=diEuFM9%2BlYBbUfMW3nq%2BgabSZXruzB9KVxpnLgCsdHGYFdKFLRmyzXmjHChY%0ASo0Lhl3g%2BnpjhovS8QAN266le7Q%3D%0A) ## Create a HTTP method From the list of REST message names, select the one you just created. Scroll to the bottom and navigate to the HTTP methods section. There will be one default method already created called “Default GET”. > Note: Delete this HTTP method Create a new method for PUSH requests. Select “New”. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192612685/b238ffcfab37647085bae52ffa34/265315b7-b9d7-465b-bdd6-b6c12503927a?expires=1781611200&signature=1da724f589fc39c6754743e4eebb1d220b4d605cf8a60ffef7ee7848b43c80b4&req=diEuFM9%2Fn4dXXPMW3nq%2BgQNlJKzDNHBZi%2Be0PohefUhn5FepuI3YuUb8NATY%0AYx9SJFTxeZovw73e9LdPXmiamrw%3D%0A) Name the new HTTP method something like “Post to Tines Webhook” and set the HTTP method to POST. Set the endpoint to the URL from your Tines webhook and click “Submit”. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192612686/8b0d56e4d5c13fbbb0874f3c375f/e9c0eb0c-f837-4bc3-b4d8-4d051780e168?expires=1781611200&signature=9b862ac17adc50ac2a6c3152bac1be2e28299ee40294321d4c4acd8fbb25407b&req=diEuFM9%2Fn4dXX%2FMW3nq%2BgRSTzXO%2BpjVE7rA%2F5LwILAdOeUWH%2BfRb%2FsmO%2BYoV%0AsoAp3xgGxAXSm3fOoLzypQfl5fE%3D%0A) On the HTTP Request tab, note the Content of the HTTP Query Parameters section. This is where you can specify the fields that you want to be sent over to the webhook. The following would be used for the incident table in ServiceNow, but you can customize based on your needs. Select “Submit” when finished. ``` { "parent": "${current.parent}", "made_sla": "${current.made_sla}", "caused_by": "${current.caused_by}", "watch_list": "${current.watch_list}", "upon_reject": "${current.upon_reject}", "sys_updated_on": "${current.sys_updated_on}", "child_incidents": "${current.child_incidents}", "hold_reason": "${current.hold_reason}", "origin_table": "${current.origin_table}", "task_effective_number": "${current.task_effective_number}", "approval_history": "${current.approval_history}", "number": "${current.number}", "resolved_by": "${current.resolved_by}", "sys_updated_by": "${current.sys_updated_by}", "opened_by": "${current.opened_by}", "user_input": "${current.user_input}", "sys_created_on": "${current.sys_created_on}", "sys_domain": "${current.sys_domain}", "state": "${current.state}", "route_reason": "${current.route_reason}", "sys_created_by": "${current.sys_created_by}", "knowledge": "${current.knowledge}", "order": "${current.order}", "calendar_stc": "${current.calendar_stc}", "closed_at": "${current.closed_at}", "cmdb_ci": "${current.cmdb_ci}", "delivery_plan": "${current.delivery_plan}", "contract": "${current.contract}", "impact": "${current.impact}", "active": "${current.active}", "work_notes_list": "${current.work_notes_list}", "business_service": "${current.business_service}", "business_impact": "${current.business_impact}", "priority": "${current.priority}", "sys_domain_path": "${current.sys_domain_path}", "rfc": "${current.rfc}", "time_worked": "${current.time_worked}", "expected_start": "${current.expected_start}", "opened_at": "${current.opened_at}", "business_duration": "${current.business_duration}", "group_list": "${current.group_list}", "work_end": "${current.work_end}", "caller_id": "${current.caller_id}", "reopened_time": "${current.reopened_time}", "resolved_at": "${current.resolved_at}", "approval_set": "${current.approval_set}", "subcategory": "${current.subcategory}", "work_notes": "${current.work_notes}", "universal_request": "${current.universal_request}", "short_description": "${current.short_description}", "close_code": "${current.close_code}", "correlation_display": "${current.correlation_display}", "delivery_task": "${current.delivery_task}", "work_start": "${current.work_start}", "assignment_group": "${current.assignment_group}", "additional_assignee_list": "${current.additional_assignee_list}", "business_stc": "${current.business_stc}", "cause": "${current.cause}", "description": "${current.description}", "origin_id": "${current.origin_id}", "calendar_duration": "${current.calendar_duration}", "close_notes": "${current.close_notes}", "notify": "${current.notify}", "service_offering": "${current.service_offering}", "sys_class_name": "${current.sys_class_name}", "closed_by": "${current.closed_by}", "follow_up": "${current.follow_up}", "parent_incident": "${current.parent_incident}", "sys_id": "${current.sys_id}", "contact_type": "${current.contact_type}", "reopened_by": "${current.reopened_by}", "incident_state": "${current.incident_state}", "urgency": "${current.urgency}", "problem_id": "${current.problem_id}", "company": "${current.company}", "reassignment_count": "${current.reassignment_count}", "activity_due": "${current.activity_due}", "assigned_to": "${current.assigned_to}", "severity": "${current.severity}", "comments": "${current.comments}", "approval": "${current.approval}", "sla_due": "${current.sla_due}", "comments_and_work_notes": "${current.comments_and_work_notes}", "due_date": "${current.due_date}", "sys_mod_count": "${current.sys_mod_count}", "reopen_count": "${current.reopen_count}", "sys_tags": "${current.sys_tags}", "escalation": "${current.escalation}", "upon_approval": "${current.upon_approval}", "correlation_id": "${current.correlation_id}", "location": "${current.location}", "category": "${current.category}" } ``` ## Create a business rule in ServiceNow. A business rule gives the REST message the context you want sent over to Tines. In your ServiceNow instance, open the “All” tab and navigate to “System Web Services” > “System Definition” > “Business Rules”. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192621664/ee1734a9f6b499ef118bff2364fe/28188dae-e5df-4d22-8a05-561fc0928cd3?expires=1781611200&signature=43b48352bef24695daa7b6eecac0dd49c588945fdd5aaca4bc39fe06ea763b22&req=diEuFM98nIdZXfMW3nq%2BgW28UdfaPZI6adshTXO5LDUjS9GVNqgR%2BpsYU%2FY%2B%0AdgrCHHqQgbL12kUPSGNLK0EF51M%3D%0A) Select “New”. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192622958/f0648496819439d2fd367b5a17cb/afa7143d-c86f-40e5-b501-c3c6e38df682?expires=1781611200&signature=405298052ef9aa5e5f253b8825b85c8b447931654192b400e3f21c89e0584693&req=diEuFM98n4haUfMW3nq%2BgbxuezQNKlZ%2FqtxHHorkMw8IE8ic7Qr58qhYAubi%0Aby2RotUnDSSjdJkT4pVSbI1%2BW6g%3D%0A) Name the business rule something relevant to the data you will be sending to Tines and select the table from within ServiceNow that your data will be coming from. In this example, we have “Tines Webhook” and “Incident \[incident\]” respectively. Toggle on the “Advanced” check-box. ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192623285/f4a42842090f1a9f2bef0896f0c7/d5e24e85-3813-4345-b9e2-949a9a5737d6?expires=1781611200&signature=b38b9ab4a12ee29e48b2caebbdd96fe40584b579b4afc4c3cc064010ba191c91&req=diEuFM98noNXXPMW3nq%2BgQzYpPj8h6OU%2BGMESslJxhxjTanxrzDIJW4Owje4%0AUH1JTj%2BKjz0RA4tk%2Bi%2BrO1j%2FIVg%3D%0A) The next steps depend on when you want the Tines webhook to receive data. Depending on your use case you may wish for the business rule to run when there is an ‘Insert’ or ‘Update’ to the underlying data. You may also want to specify filter conditions under which the business rule should run. In this example, we specified ‘Insert’ only. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192627129/391268f6f250ec6e58e68a93cab9/604bb522-5a2a-41c9-b1e0-505f8140c356?expires=1781611200&signature=fa038ff6139fcbe2a91eee18e28a9b12d93c32aacdfc149e701cfe6b9207ecfe&req=diEuFM98moBdUPMW3nq%2BgZISm7FO%2Bu%2FS8puEsoIVQ5G2ejrpY5v4jnJvMCdB%0A5mHSXi06IiBR458DSLrftPVWtpU%3D%0A) In the Advanced tab, you can also include a script. Paste in the following or something similar to use the fields that you’ve specified in your REST message. > Note: If using this script, make sure to modify the Tines webhook URL with the URL from the one you created earlier. Select “Submit”. ``` (function executeRule(current, previous /*null when async*/) { try { // Create the payload to send to Tines var payload = { }; // Add relevant record fields to the payload payload.number = current.number.toString(); payload.sys_id = current.sys_id.toString(); payload.short_description = current.short_description.toString(); payload.description = current.description.toString(); payload.priority = current.priority.toString(); payload.state = current.state.toString(); payload.assigned_to = current.assigned_to.toString(); // Convert the payload to JSON var jsonString = JSON.stringify(payload); // Set up the REST message to Tines webhook var restMessage = new sn_ws.RESTMessageV2(); // Replace with your actual Tines webhook URL restMessage.setEndpoint(""); restMessage.setHttpMethod("POST"); // Set headers restMessage.setRequestHeader("Content-Type", "application/json"); // Optional: Add authentication if required by your Tines webhook // restMessage.setBasicAuth("username", "password"); // OR // restMessage.setRequestHeader("Authorization", "Bearer your-token-here"); // Set the request body restMessage.setRequestBody(jsonString); // Execute the request var response = restMessage.execute(); // Log the response var responseBody = response.getBody(); var statusCode = response.getStatusCode(); gs.log("Tines webhook response status: " + statusCode, "Tines Integration"); gs.log("Tines webhook response body: " + responseBody, "Tines Integration"); } catch (ex) { gs.log("Error sending data to Tines webhook: " + ex.message, "Tines Integration"); } })(current, previous); ``` ## Verify the connection works. In this case, I used the Incident table in ServiceNow and to test I created a new record and after submitting, viewed the data populated in the Tines webhook. From there, continue building out the rest of your story! ![](https://downloads.intercomcdn.com/i/o/am0g137l/2192633330/b6b6d627697d436c1aa66b3ff77e/edce3e88-83c1-426e-a512-ecd67a09ffe0?expires=1781611200&signature=d320161cc86472a28251ebeaa3b50bb9e16b2dfec222f904a45df4d148540b31&req=diEuFM99noJcWfMW3nq%2BgWuzrD6yWKOm%2F5MVu6i8X3v327iUIr9xFdCvYmuK%0AQjv%2BDQIq8zV62b6piouGywBmSYY%3D%0A) ## How to create a case in Tines [Watch video](https://www.youtube.com/embed/i_Idcr_x79A?rel=0) For more, [read our introduction to cases doc here](https://explained.tines.com/en/articles/7971194-introduction-to-cases). ## How to edit a record template in Tines The below video demonstrates how to edit a record template in Tines. [Watch video](https://www.youtube.com/embed/3U6uUsMffFs?rel=0) ## How to enable Tines single sign-on (SSO) via SAML with Okta ## Overview Tines supports SSO so that your users can sign into your Tines tenant with their existing account via your external identity provider. In this article, we cover how to specifically set up non-JIT SSO between Tines and the popular identity provider, Okta. > **Note:** SSO only enables users to sign in, not sign up. Users must have existing accounts in the Tines tenant beforehand to gain access or [just-in-time provisioning](https://www.tines.com/docs/admin/user-administration/jit/) must be enabled. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Single sign-on](https://www.tines.com/docs/admin/single-sign-on/) - [Okta - Create SAML app integrations](https://help.okta.com/en-us/content/topics/apps/apps_app_integration_wizard_saml.htm) > **Tip:** We recommend performing this configuration in one browser window and testing it in a separate private window or a different browser. With this, if there's any issue in configuration, an active session to Tines will still be available to fix errors or rollback changes. ## Make it happen ### Create an Okta application for Tines > **Tip:** Do not use the Tines app within Okta's **App Catalog**. You will need to create a custom app in Okta following the steps below. 1. Sign into your Okta environment as an administrator. 2. Navigate to the **Applications** menu → **Applications** → **Create App Integration**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384178608/59f4567f4eb11124216777d0ba00/image.png?expires=1781611200&signature=0dd0b9b017a245ba6463511d1922f4e9eb9d7f75e86e4595d3b8efd1ed6deec2&req=dSMvEsh5lYdfUfMW3nq%2Bgfdwjd5T8Vc67B1cuRMoNLE1AcNIym1Tb0y6xtoV%0AzpLdoLZ66PB5zjuy%2FPLodmWft4s%3D%0A) 3. In the **Create a new app integration** pop-up window that appears, select **SAML 2.0**, then **Next**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384182980/992217c2609f92140baddacdd189/image.png?expires=1781611200&signature=cb28176d0f28c537e9394a4a61b07435da331efa732f015e0d8fced3badc2184&req=dSMvEsh2n4hXWfMW3nq%2BgQ%2FNn1f4DOKc4wtmG%2Brc1uGnKqpZDSfjqytXG3Kl%0ACUeu4beUqFsv9KMIjWWX4s4XirM%3D%0A) 4. In the **General Settings** step, enter "Tines" (or something else meaningful) as the **App name**. Optionally, you can also add the [Tines icon](https://explained.tines.com/en/articles/10570669-where-can-i-download-tines-logo) as the **App logo.** Then, click **Next**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384190230/fc5b7f119add562b56ef5003fad5/image.png?expires=1781611200&signature=909a8546cf74da91909caa76fba615ea0276628cc261c5e331ad07609037060f&req=dSMvEsh3nYNcWfMW3nq%2BgbuLf2ZK%2B5WMchN%2FxCUpkNapOhSnOTbMva3oSXzq%0A%2FL8Qg9os%2FjFh%2FXUkpZqTE6QwyoU%3D%0A) 5. In the **Configure SAML** step, set the following parameters; the remaining fields can be left blank or default (see screenshot below for an example): 1. **Single sign-on URL**: `https:///users/saml/auth` (leave the **Use this for Recipient URL and Destination URL** option checked) 2. **Audience URI (SP Entity ID)**: `https:///users/saml/metadata` 3. **Name ID format**: `EmailAddress` 4. **Application username**: `Email` ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384216577/a36037593e8e2361d8748114b896/image.png?expires=1781611200&signature=f6461ecee4563a9cbb728b37055b7d28e9b25ab4d8f82d53a6325500dfcf5d4c&req=dSMvEst%2Fm4RYXvMW3nq%2Bgad7KMq01UoJNK9Gnrg0nswliMgTEpWvhINcPICW%0Ak%2FUgLlsIBvWrfhedhqLc1PaF74o%3D%0A) 6. Optionally, you can click the **Preview the SAML Assertion** option to confirm the information you've entered is correct. Otherwise, scroll down and click **Next**. 7. In the **Feedback** step, you can skip this as it is optional; click on **Finish**. This finalizes the creation of your new Tines app in Okta. 8. Within the **Assignments** tab, add the **People** and/or **Groups** that you want to have access to Tines. **Note:** If you do not have [JIT enabled in Tines](https://www.tines.com/docs/admin/user-administration/jit/), make sure that these users have *an existing account in both Tines and Okta with matching email addresses*: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384230811/26f5fc2bedae8a6de912e21d75ef/image.png?expires=1781611200&signature=854fcbbcf280f9d0b6b373ec045cb623406f574979dde20fa34fdceb224a9fd1&req=dSMvEst9nYleWPMW3nq%2BgRIr6MSd0KyKPsbAKU6ct5FVpzElvByETzxvWohA%0AyZwYEyIt8Y3NVLDOALZfq7yrwsY%3D%0A) 9. Navigate to the **Sign On** tab → in the right-panel via **SAML Setup**, click **View SAML setup instructions**. 10. Copy and save the following values locally; they are used in the Tines configuration: 1. **Identity Provider Single Sign-On URL** 2. **X.509 Certificate** (including the `BEGIN CERTIFICATE` and `END CERTIFICATE` liners) ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384257012/10f22eaaddb255e136a477030318/image.png?expires=1781611200&signature=7a36e88a28bd3233677d9eae39cfa55f31cb4da996f93b9c2fd185ef004bbbf5&req=dSMvEst7moFeW%2FMW3nq%2BgU%2FmdNIKFaWlWg1%2FTcJ8ZYjWXqwcyQYZup2aPe%2Bi%0AYZLiS%2FBovTOEcf5uaUUb%2Fpmy0kM%3D%0A) ### Configure the authentication settings in Tines 1. Sign into your Tines tenant as a tenant owner. 2. Navigate to the tenant owner menu → **Settings** → **Access & security** → **Authentication**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384262558/9a7843864672ad9f90d67c2c006b/image.png?expires=1781611200&signature=781a77c175657e83a3de69443c6df91ca285a6eee61612dbcb8caa9c835c3503&req=dSMvEst4n4RaUfMW3nq%2BgVxjs3FserAh8rHq%2BeYq5h%2FPy7QvenxDgT75amLr%0AlzMFcM%2FL673hOAiYLHt%2Fa%2FHjies%3D%0A) 3. In the **Authentication settings** pop-up window, set the following parameters: 1. **Authentication type**: `Single sign on (SSO) via SAML` 2. **SAML identity provider URL**: Your Okta app's **Identity Provider Single Sign-On URL** 3. **SAML identity provider public certificate**: Your Okta app's **X.509 Certificate** (including the `BEGIN CERTIFICATE` and `END CERTIFICATE` liners) ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384266385/c3b9f7204940a30cafee9706d31d/image.png?expires=1781611200&signature=6b9c08115d530ba9f9c7fd0990bb982c955603b349755333163a6df5dfa358d7&req=dSMvEst4m4JXXPMW3nq%2BgWbG%2BjjmreNY94qg2iUJLiicLTE2IcIrgVUFKEbt%0AHRElezHotpqh%2F%2FoN0z5HuIi2mqE%3D%0A) 4. Review that the information is correct, then click **Save**. ## Review the results Now, when your end-users access their Okta dashboards, they can click on the Tines app, utilizing SSO to log into your Tines tenant: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384286410/d56ad4501115adb94d627baf55eb/image.png?expires=1781611200&signature=346bd08e9f8b203fe04e66b60621732579da37cf79214b38c6b55aa012b33aa9&req=dSMvEst2m4VeWfMW3nq%2Bgd9gtyV0T%2Fj91BViUCHyskHHetiL3ZRhpU0OCvbh%0ANsmrq%2FVzPO8MtyLMUASUwGHRW7U%3D%0A) ## How to enable webhook API responses in Tines ## Overview This article covers how to enable webhook API responses in Tines for use cases like sending a custom response to an incoming API call. ## Tines manual reference Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - Tines: [Webhook Action](https://www.tines.com/docs/actions/types/webhook) - Tines: [Event Transformation Action](https://www.tines.com/docs/actions/types/event-transformation) - Tines: [HTTP Request Action](https://www.tines.com/docs/actions/types/http-request) - Tines: [Workflows as APIs](https://www.tines.com/docs/stories/apis) ## Make it happen Within your storyboard: 1. Drag-and-drop the following actions: 1. Webhook 2. HTTP Request 3. Event Transform ​ ![](https://downloads.intercomcdn.com/i/o/1003114471/df6f54dd3c8cc0d61326661c/image.png?expires=1781611200&signature=5ec218e7d3785f27298de4f94670c11bf4e5fbee72227e949b82c491d77039ea&req=dSAnFch%2FmYVYWPMW3nq%2BgZo9ELbtF3n1u6FonP08aoTzQrICJWm4RtgdofFq%0AiwXs9UWUm8hylmZSPKdRw8sDP38%3D%0A) 2. Navigate to your story configuration panel. You can do this by clicking in an empty space within your storyboard. 3. Within the story configuration panel, toggle on the "Enable webhook API responses" setting: ​ ![](https://downloads.intercomcdn.com/i/o/1003105509/ae2423b0272ba56951bc02ba/image.png?expires=1781611200&signature=46b47163669e3928a041e0e6dc9bda70ce6f1b11909b0629b8cbe24025f578a9&req=dSAnFch%2BmIRfUPMW3nq%2BgQC8ungcS%2FF6gWR%2BAgLMtyMUQ%2BCePR3RYT7e4ycy%0ATn4u4xUVN%2FZ%2BEC9jJx%2FzLL7eFSk%3D%0A) 4. In the pop-up that appears, select your Entry action(s) and Exit action(s). ​ ![](https://downloads.intercomcdn.com/i/o/1003116577/23b7ea6ff366b4af3011ff09/image.png?expires=1781611200&signature=7f8b62e331f54b9f7a65eb02dd4a70831688d3bc5c56c339c7574afcb406fa2e&req=dSAnFch%2Fm4RYXvMW3nq%2BgSIcw%2BtNHs4uyn5Mip5%2Bv2AXZ0TXa5bJNVVuTT42%0A7Vd%2BRwR8OYy5g5IHW66W11sap%2Bw%3D%0A) ## Review the results Looking at your storyboard, you will now see arrows on the relative Entry and Exit actions: ![](https://downloads.intercomcdn.com/i/o/1003124567/6b268c6381effb98a30c1197/image.png?expires=1781611200&signature=996cb7b6a40a306dffc82d1b8bfb900f38b6fda815c7ddc14090b56cb8a6d210&req=dSAnFch8mYRZXvMW3nq%2BgXIWg2iLgdyOWjU8isky5bAcKwP4OfH11Dq2EXj2%0AKA8nax6HUIm90Mhk8M9k%2FWdnDPM%3D%0A) Configure your HTTP request URL to point to the Webhook URL and run it to see the event output: ![](https://downloads.intercomcdn.com/i/o/1003128399/395893de5000f118accd0ecb/image.png?expires=1781611200&signature=d641f147e9fe910a51185262f34417bc66411f3e0498c117fefd6f7858e3dc88&req=dSAnFch8lYJWUPMW3nq%2BgdWWverdMxcOjs3y9vRH4BhCcZSIKwPrX62Xyjo9%0AfL9HyjoNFjrkZ2VKYAu1hgXt5K4%3D%0A) ## How to find commonly used assets #### Tines' logo and other branding essentials As an example, when creating an app in your 3rd party platform to connect to Tines, attaching our logo helps to visually identify Tines in your toolkit. You can access our brand assets by following these steps: 1. Navigate to the [Tines website](https://www.tines.com/). 2. Right-click on the Tines logo in the top-left corner. 3. Select **Access all Tines brand assets**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384083691/be9e1d1c3da4569aa145e803bc85/image.png?expires=1781611200&signature=a669a0782fed3af0e9737b1ea168cecb9d57e527841217bc239f5fdc61c72d84&req=dSMvEsl2nodWWPMW3nq%2BgXXxAAlTqe4atU4BTUX87kZ6jXayhGwuupPSW0Ez%0A%2B5qMbhET0554sS8SLEuJGC2KnNQ%3D%0A) 4. Click **Download brand essentials**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384086668/9c5a828ad5d368c12c33b2637ffa/image.png?expires=1781611200&signature=3c010c2c7251f0487055e5fde3d47465b434f9144a32edcb294ef4f221657a92&req=dSMvEsl2m4dZUfMW3nq%2BgUapisaqB%2BYIVQ5AQtp1LMN7kgYZGJOmFstm108c%0AHq0dGarGGhFPt2IXhZuH2p5bMPM%3D%0A) This will locally download a ZIP file named **Tines Brand Essentials** that contains AI, PNG, and SVG files of our full logo and icon. #### **Tines' customer Data Processing Agreement (DPA)** Tines' Data Processing Agreement (DPA) can be found on our website here: [Customer data processing agreement](https://www.tines.com/dpa). ## How to leverage templates and stories in Workbench In this video, we'll take a look at how we can activate available templates and stories to our Workbench instance. [Watch video](https://www.youtube.com/embed/9txpybCFWNo?rel=0) ## How to leverage the AI Agent action in Chat mode [Watch video](https://www.youtube.com/embed/MKjuB2LSCG0?rel=0) ### Video transcript Hi, Angie here from Tines. In this video, we'll focus on the chat mode of our AI agent action. Chat mode creates a dedicated URL where end users can have back and forth conversations with your agent. Unlike task mode, which runs autonomously, chat mode is designed for interactive experiences where human input guides the conversation. To configure an AI agent action in chat mode, add a new AI agent action to your story. Then select chat mode from the mode options. In the configuration panel, you'll see the same system instructions field as in task mode. While the system instructions work the same way, you'll want to tailor your instructions for interactive conversations when using chat mode, such as define the agents persona with a conversational tone, include guidance on how the agent should respond to different types of questions, set boundaries for what topics the agent should or should not discuss, as well as consider including example dialogues to guide the agents conversation style. Just like in task mode, you can add tools, custom tools, and send a story for your chat interface. To do so, navigate to the tools section in the configuration panel and add tool. Here you can add relevant tools including send to story and custom tools that end users might need during conversations. The agent will suggest using these tools when appropriate during the chat. Once configured, you can share your agent chat interface via copying the generated URL manually from the copy link option in the toolbar. Or if you need to reference the URL in a connected upstream action, utilize our page function to share the URL more autonomously. Depending on your access control settings of your AI agent action, end users can access the chat interface directly through their browser via this URL. You can review chat interactions to improve your AI agent actions performance. In this example, we'll take a look at an AI agent action that is set up to chat with users on how they can improve the write-ups of their existing Jira issues. Once the chat is complete, you can view the conversation history in the AI agent actions events panel. Here, analyze which tools were used during the conversations and use these insights to refine your system instructions and available tools. Now, some general best practices. Keep system instructions clear and conversational for chat mode. Only add tools that are relevant to the types of conversations end users will have. Consider the end user experience when designing your agents persona and responses. Regularly review conversations to improve your agents effectiveness. Finally, a few key takeaways from today's video. Chat mode enables interactive conversations through a dedicated URL. System instructions should be tailored for conversational interactions. Tools can enhance the chat experience by allowing the agent to perform actions. Monitoring conversations helps improve your agents performance over time. See you in the next video and happy building. ## How to leverage the AI Agent action in Task mode In today’s fast-paced environment, manual processes can be a bottleneck. The AI agent action in Tines is designed to break those barriers by integrating intelligent decision-making directly into your automation workflows. Read [this article](https://explained.tines.com/en/articles/11541238-get-started-with-agents) to help you get started with AI agents in Tines. While the AI agent offers two modes, chat and task, this guide focuses on task mode, which enables the agent to independently make decisions and execute actions without human intervention. This is the ideal solution for fully autonomous workflows. [Watch video](https://www.youtube.com/embed/o0vYUqSfrqA?rel=0) ### Getting started with task mode Configuring an AI agent action for task mode is straightforward. Follow these steps to get your agent up and running: 1. **Add the action:** Navigate to your Tines story. Select the AI agent action from the story toolbar and drag it onto your canvas. 2. **Select task mode:** With the action selected, open the properties panel on the right. Under the mode settings, choose task mode. 3. **Configure instructions:** Once in task mode, you can begin defining your agent’s behavior through system instructions. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2352468452/c36f8f9dd14bacd4b36830d4064e/task+mode+ai+agent+st.gif?expires=1781611200&signature=650e7e6a528209fd4259462fdecfe6eccff08d96a197673a33c5fc9ec69ded6d&req=diMiFM14lYVaW%2FMW3nq%2Bga5Cx%2FOju0fgHcec1xF%2FzUfm8lrRHRw9KeCBXWL6%0A3h1IAIujt%2BL9YyGUJbqVL2P%2FMtQ%3D%0A) ### Crafting effective system instructions Your system instructions are the "brain" of your agent. They define the tone, domain, and specific persona the agent will adopt. A well-defined prompt leads to more precise and reliable outcomes. ### Best practices for your prompts - **Define a persona:** Give your agent a clear identity. For example, if you are creating a cybersecurity assistant, define the persona as a cybersecurity analyst responsible for reviewing alerts, and provide context like: "You work on a security team tasked with investigating potential threats." - **Stay organized:** As your system instructions grow in complexity, use clear, distinct sections. This improves maintenance and helps the AI understand its role and boundaries more effectively. > This [article](https://explained.tines.com/en/articles/11644147-best-practices-for-the-ai-agent-action) goes through more best practices for the AI agent. ### Integrating dynamic data The power of the AI agent lies in its ability to process real-time information. You can inject dynamic data into your prompts by using data pills. - **How to add data:** Within the prompt input field, simply click the + button. - **Referencing values:** This allows you to select values from upstream actions or resources. Once selected, you can develop your JSON path to ensure the agent receives the exact data it needs to perform its task. **Example:** You might prompt the agent to "summarize the data," followed by a data pill referencing upstream data. This ensures the AI always has the most current information to work with. ## How to manage folder structure in Tines This article explains how to leverage folder structure and hierarchy to better organize assets within your tines tenant. Even if you are limited to a single team, you have the flexibility to create an effective organizational system. ## Creating folders You can create folders within the stories, credentials, and resources sections to categorize your assets. ### Stories - Navigate to the section you wish to organize, for example, stories. - Click the dropdown beside the +New button in the top right corner of the screen. - Select Create new folder. - Give your folder a name and click Done. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2272747936/01ca5ab666c96b9a46c16a736cc3/create+folder+for+stories.gif?expires=1781611200&signature=ac27cbcaab9f029216d4797cdf74ffb4863f2f41310e25648f752216e6018eaf&req=diIgFM56mohcX%2FMW3nq%2BgX3QwzBa9J3OFOOIhBjDbj2HLgdF1UuDvaXBYl3y%0AMWqhXFsKmkUF%2BDPpIZm8I6OO0kc%3D%0A) ### Credentials and resources - Navigate to the credentials or resources screen. - Click the folder icon beside the +New button. - Give your folder a name and click Done. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2272749037/9b96966f3d62431215dd9a751873/create+credential+or+resource+folder.gif?expires=1781611200&signature=9fa903557d4af0306b93afc98287d8fe9334d5a98b9c571e21a424279fb4c868&req=diIgFM56lIFcXvMW3nq%2BgVWQqcaSnpDGQ97u8DMY03rHwar699%2Bh3NbcjWAD%0AwYjK%2B2Cs07Gedz5xnZHsdfuBH24%3D%0A) ## Moving a story into a folder - Locate the story you want to move. - Click the three dots next to the story name. - Select Move. - Choose the specific folder you want the story to go into and click Move. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2272749712/ae986f1cb332a7e699db6d8eadc9/move+story+to+folder.gif?expires=1781611200&signature=bb480e7d51b4d6318e13d6730b56a1193ea0a9de0bf8de12e1a3469bdf0111a1&req=diIgFM56lIZeW%2FMW3nq%2BgQlzE6PcuWNg2Ie5L6eLbs3ln2CTzI2gf2Au17BV%0AuH21ldrP8Zyb04mK8VMPNV%2BSrvM%3D%0A) ## Example folder structures ### Stories - Create folders like "testing" and "in production" to separate development and live stories. ### Resources - Create folders like "URLs" to store and reference common urls used when building stories. ## How to pitch AI in Tines to your GRC team Bringing an LLM into your environment, especially one that interacts with your most important workflows, is a conversation that should not be taken lightly. Whether your company is looking to use Tines default AI or your preferred AI provider, it will most likely need to be approved by internal teams. We’ve created this guide to help you pitch using AI features in Tines to your GRC teams. Follow along to get set up for success and know what questions to expect. ### **Getting started** Before you kick off the conversation, here are some steps you should ask yourself: - **Who within my organization should I approach to pitch AI in Tines and get approval?** - It depends on the organization, but typically customers will go to their IT, Security, Legal, GRC, and/or Finance teams. - **What information should I have on hand to start the conversation?** - What LLMs/services are available - What type of data will be processed - Use cases planned for AI in Tines If your company has an existing LLM in place that is compatible with Tines ([see available AI providers here](https://explained.tines.com/en/articles/10371885-use-a-custom-ai-provider-in-tines)), this can be an advantage. However, we also have a great security implementation for our in-product AI. ### **Tines resources to have on hand** Take a look through the available Tines resources on AI. They include various best practices and our policy on maintaining secure and private AI features. - Blog: [How to evaluate AI features in workflow automation platforms](https://www.tines.com/blog/evaluating-ai-features-workflow-automation/) - Blog: [Implementing AI within your security strategy: 7 best practices](https://www.tines.com/blog/implementing-ai-within-your-security-strategy-best-practices/) - Blog: [AI in Tines: secure and private by design](https://www.tines.com/blog/ai-in-tines-secure-private-by-design/) - Blog: [Securely bringing your own AI to Tines](https://tines.com/blog/securely-bringing-your-own-ai-to-tines/) - Explained: [Security & privacy for AI in Tines](https://explained.tines.com/en/articles/9369078-security-privacy-for-ai-in-tines) - Explained: [Use a preferred AI provider in Tines](https://explained.tines.com/en/articles/10371885-use-a-custom-ai-provider-in-tines) - Explained: [AI in Tines articles](https://explained.tines.com/en/collections/9473753-ai-in-tines) - FAQ: [Tines Trust Center | Topics and common questions](https://trust.tines.com/) - See questions on how Tines’ AI features are powered and how data is handled - FAQ: [Preferred AI providers](https://explained.tines.com/en/articles/10389743-frequently-asked-questions-custom-ai-providers) - Docs: [Admin-AI](https://tines.com/docs/admin/ai/) - Docs: [AI Agent action](https://www.tines.com/docs/actions/types/ai-action/) - Docs: [Automatic mode in Event Transform](https://www.tines.com/docs/actions/types/event-transformation/automatic/) - Docs: [Workbench](https://www.tines.com/docs/workbench/) ### **Questions to expect** Now that you’ve gotten an audience, what types of questions can you expect them to ask? We asked our own Legal, GRC, and IT/Security teams, and these were their answers: - **What top question(s) will the Legal team ask?** - How will the AI model be used with our workflows? - How is our data protected? - Is our data used to train any AI models? - What policies will be shared with the rest of the organization? - **What top question(s) will the Security team ask?** - What data is involved? - Where will it be stored/processed? - How long will it be stored? If you opt to use the AI already available in Tines, you can find answers to these questions in the [Tines Trust Center | Topics and common questions](https://trust.tines.com/). If you choose to use a different model, you can find those answers with that vendor. As always, the Tines team is here to help you navigate this discussion. If you have any questions, please don’t hesitate to reach out. ## How to set up an MCP server in Tines ## Overview **[Model Context Protocol (MCP)](https://modelcontextprotocol.io/docs/getting-started/intro)** is an AI standard [introduced by Anthropic](https://www.anthropic.com/news/model-context-protocol) that defines how large language models (LLMs) can interface with external systems in a structured, predictable way. MCP enables LLMs to invoke remote procedures, query external data sources, and perform context-aware operations through a unified protocol. In Tines, you can build and deploy custom [MCP servers](https://www.tines.com/docs/actions/templates/mcp-server/) (via a templated action) directly from your storyboard, allowing your LLMs to interact with your integrations in real time. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - **MCP**: [Example Clients](https://modelcontextprotocol.io/clients) - **Tines Blog**: [Building MCP servers on Tines](https://www.tines.com/blog/introducing-mcp-servers/) - **Tines Explained**: [MCP server FAQs](https://explained.tines.com/en/articles/11932675-mcp-server-faqs) > **Tip**: Need some inspiration? Check out [this story](https://www.tines.com/library/stories/1324549/) in our Library for MCP server ideas! ## Make it happen ### Video Guide [Watch video](https://www.youtube.com/embed/Rh3KUvW6Mew?rel=0) ### Step One: Verify your MCP client supports MCP integrations Make sure your MCP client meets our [MCP-supported features](https://www.tines.com/docs/actions/templates/mcp-server/#protocol-details) and that you understand the [limitations](https://www.tines.com/docs/actions/templates/mcp-server/#limits). > **Note:** Our MCP server does not consume AI run-time credits. ### Step Two: Configure the MCP server in Tines Within your Tines storyboard: 1. Navigate to **Templates** in the left-hand panel. 2. Search for "**MCP**": ![](https://downloads.intercomcdn.com/i/o/am0g137l/1653322568/0944813a7590f997230ce438b068/image.png?expires=1781611200&signature=1a3328491b55b4c3d0c787eae27f5378b898fa0503fc44bb010b54ef6529c037&req=dSYiFcp8n4RZUfMW3nq%2BgWjmYpIz0ZM1Qnd5K5jouP6Xt06rAD05u86L65oI%0AMQ37ypdEZMplAJSaokhJRuLmLco%3D%0A) 3. Drag and drop the template onto your storyboard. 4. Select "**MCP Server**." 5. Configure the action as needed, including adding **Tools** (similar to our [AI agent action](https://www.tines.com/docs/actions/types/ai-action/#tools)). 1. Ensure your connected Tools are properly authenticated with [Credentials](https://www.tines.com/docs/credentials/). 2. Make sure to check the **\+ Option** button to add additional settings, such as **[Access Control](https://www.tines.com/docs/actions/templates/mcp-server/#access-control)**. 6. Within the **Summary** tab of the action, note the configuration options relevant to your MCP client's environment (**Remote Server** or **Claude Desktop**). ![](https://downloads.intercomcdn.com/i/o/am0g137l/1653372386/4974e992132a5d44ee7206602c34/image.png?expires=1781611200&signature=4b2b417ed8b4a4aeaf941dfeb925377aa6121ac25797e6ad83732d00b0a5dafb&req=dSYiFcp5n4JXX%2FMW3nq%2BgW8k8qltOLbFNN%2FNusz4QczZ9waXcQHqXkIE83oi%0ACtMFeNDCtsOEVkpPZHin9XRFwU8%3D%0A) ### Step Three: Link the MCP server via your MCP client's connectors Depending on your MCP client, apply the **Remote Server** or **Claude Desktop** configuration in the MCP client's settings. The pre-work and location of this setup will also depend on your MCP client, so we recommend researching your MCP client's documentation for how to configure a connector. ## How to set up reporting in Tines In Tines, tracking your progress is more manageable with Reporting. You'll see tenant-level metrics like - Most activity by: - Story - Action - Credential - Resource - AI credit usage - and more! Tenant-level reporting is available via you main menu. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1516016411/485adeebbe9f179b53c0e76b84d6/CleanShot+2025-05-09+at+13_22_03%402x.png?expires=1781611200&signature=1256c9a2c6ea9b81ba0d1d65fd4376975a770c5f85cfff632d97679d61b668cf&req=dSUmEMl%2Fm4VeWPMW3nq%2BgZRlarahsc57YyDKXOwIDe3lQFRFHonUmUi%2BQta1%0Ad4qjtMJSGAXzo22HbyOA3%2FrYrPo%3D%0A) You can set action-level reporting, too, to see time-saved. You can configure it in the action status tab of the Storyboard. Time-saved reports do not work on draft Stories. Your Story must be published first. ## Add reporting to an action 1. Open the Storyboard and choose the action you want to monitor 2. Choose the status tab in the properties pane 3. Click the + sign next to reporting to add your benchmark 4. Choose the unit (minutes or seconds) and input the value (i.e., 1, 2, 30) ![](https://downloads.intercomcdn.com/i/o/am0g137l/1516022147/9b3b5cee78afbfb3e9e8a35ea0b3/CleanShot+2025-05-09+at+13_27_50.gif?expires=1781611200&signature=5830b8872dd17d0b3aaeb43384bb357fd9a3addc9111a75b579aa5e30981dada&req=dSUmEMl8n4BbXvMW3nq%2BgTC3%2BZdHWPaodKVL99U%2Bs%2BmRgSPSgq4oSOx1Xo1D%0AjVyGYo6gNIzhIr0Db2CkVqhx%2FgM%3D%0A) And that's it! As your actions with reporting enabled run, the accumulated data will display on the reporting overview chart (available via the main menu in the top left). ## How to set up Zoom webhooks to Tines ## Overview While building throughout Tines, you may need to send event-based notifications from Zoom into your story. This article goes over how to set this connection up using a Tines webhook action. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Webhook action](https://www.tines.com/docs/actions/types/webhook/) - [Zoom - Webhooks](https://developers.zoom.us/docs/api/rest/webhook-reference/) > **Tines Tips:** > > - Zoom uses a **challenge-response check (CRC)** for webhook validation. When a CRC occurs, Zoom makes a POST request to your endpoint with a challenge request body. After your endpoint receives the request, your app needs to respond with the challenge response within 3 seconds. > > - Zoom requires that you manually trigger webhook validation when you add a new webhook or make changes to an existing one. Subsequently, Zoom automatically re-validates webhooks every 72 hours. ## Make it happen ### Step One: Zoom app configuration 1. Within Zoom, navigate to the [Zoom Marketplace](https://marketplace.zoom.us/) → **Develop** → **Build App**. 2. Zoom's API License and Terms of Use pop-up may appear. Read through this and click on **Agree** to continue. 3. For "What kind of app are you creating", select **Webhook Only App**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223336299/c71d32660943af4800825efb0072/image.png?expires=1781611200&signature=61254699429b9cacd707eca948ab55a28be8c3d77ab6eb516b688b42f5115b1e&req=dSIlFcp9m4NWUPMW3nq%2BgTmW96Q7LiEIp%2BGCOnSL54Zxt%2FDRcik6I4mWlI%2BT%0A5HgkKzsqjKqlf0IkW0t%2Bk7JiL8E%3D%0A) 4. Click **Create**. 5. Name your app via **App Name**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223338525/f29beea96265787cbfdfbf04e936/image.png?expires=1781611200&signature=abf3864b8a5ae94155947f507ec268a5ea1d0e11d1fc0cef0aa83b1dbbae68a3&req=dSIlFcp9lYRdXPMW3nq%2BgW5m832XdGvf8OrbYBjtpIPxrLhqB8f6KIABYaEO%0AvUU2TmFIEq5x7T7rLdMagkGBAT0%3D%0A) 6. Click **Create** again. This will bring you to the **Information** page of your app. 7. Make sure to fill out the rest of your details in the **Information** page (you won't be able to activate the app without this). 8. Navigate to **Feature** and copy your **Secret Token** value. You'll be using this later on. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223335118/eb6e20f926df121bf84fb73e074f/image.png?expires=1781611200&signature=09612e03825f536d66de17afbe7483b7e6b149c01127221ef70b239d5bf75c1a&req=dSIlFcp9mIBeUfMW3nq%2BgaF6a7%2FW1BOmS1%2BRnuCHqalazs2TUHzh5kr3gyWR%0AQZTc9HupkYbkw6TxRGOFbEyND%2Fo%3D%0A) 9. Still on the **Feature** page, toggle on **Event Subscriptions**. 10. Click **\+ Add Event Subscription**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223341573/87b22fc51320d94699a6f173f646/image.png?expires=1781611200&signature=e309ca353ff340a4a5162d5657566c5ae7bac0ec17dfa14cdab473a70573f50b&req=dSIlFcp6nIRYWvMW3nq%2Bge0KEf%2FtfmLDqebw3C8vM1n4CyY5c%2FX%2BQrFNV%2Fi9%0AI2baBdoGFTkT%2BDuxpCrf16TSBWs%3D%0A) ### Step Two: Create your Zoom secret token credential in Tines 1. In a new browser tab, navigate to your Tines tenant -> team → **Credentials**. 2. Click **\+ New** → **Text** to create a text credential. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223353703/2a4b4d6e664a727fdb01a4131049/image.png?expires=1781611200&signature=41ef734d0a23148aef722d66eed560a8ea158224e275a0a51be25289bba90e6e&req=dSIlFcp7noZfWvMW3nq%2BgfKvNzIlOENCDdTRkKc8dvfp6BLpbENrN3VInCVx%0A247vWo1gKobp9YW5NWxHjJznI9U%3D%0A) 3. Name the credential "Zoom Secret Token". 4. Paste your Zoom secret token you copied from earlier into the **Value** of your credential. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223360549/2649168d9553bea881ae980a99c6/image.png?expires=1781611200&signature=bd7312f0c558de2a32ef8f303b16b26fd6d8b3c4b679aac410e47b78a1fa5bf6&req=dSIlFcp4nYRbUPMW3nq%2BgY4lZIeKKZvl1bp6LTrOhC5eM4vmaEX7RAA5zEvB%0A2DvwqfirtYYmwttdOzV6wTQ4hxw%3D%0A) 5. Click **Save** to save your credential. ### Step Three: Grab your Tines webhook 1. In your Tines storyboard, drag in a webhook action. 2. Rename the webhook action: "Zoom Receive Events". 3. Copy the **Webhook URL** value. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223369853/f9db918c9d381f01c961089b0956/image.png?expires=1781611200&signature=c4e0825c10d3f6833a3d822046185fbc551fb1e34a262c20fded52e3c587503e&req=dSIlFcp4lIlaWvMW3nq%2BgRpCnULMfKUrJlBR%2BV%2BtjR1yp9edS%2FsMoekaHnmq%0AIyHS%2FtxfCPC3oCY899wNBQ0xZvg%3D%0A) 4. Back in your Zoom app -> event subscription you created earlier, paste the Webhook URL into the **Event notification endpoint URL**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223375635/167fe0a3243493eddc09fd2fd1f0/image.png?expires=1781611200&signature=f2d6b678f35c949d502d15898ff3f6345e1fc2615803ea01ae92f31fb5eb72ec&req=dSIlFcp5mIdcXPMW3nq%2BgdTgagVRWPrfM5ZhfAdnw8nACDKouVYBYcLKjiDF%0ATZbrRx%2BP5QLoc%2FHmp0p7psdNh5Q%3D%0A) ### Step Four: Validation setup 1. Back in your Tines storyboard, drag in an event transform action. 2. Name the event transform action "Challenge Response". 3. Connect the event transform action *after* your webhook action. 4. Set up the **Payload Builder** of the event transform action like so (you can copy +paste the following into the "Plain Code" of your payload): ``` { "plainToken": "<>", "encryptedToken": "<>" } ``` 5. In your story settings, turn on "**Enable webhook API responses**" with the following setup: 1. **Entry action**s: Zoom Receive Events action 2. **Exit actions**: Challenge Response action ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223391849/67203dd72ed629da20c648200146/image.png?expires=1781611200&signature=7b65a36090aca4c936cea5a0b30f62c1eebc46027dd29609be9642d370f5b22a&req=dSIlFcp3nIlbUPMW3nq%2BgStQ7oJbcvgqbvk80tTAOcOcybuEWPbe%2BlD%2B1hzE%0A2Y9ME3SHls9kQbhkRk6YFwK8sRE%3D%0A) 6. Back in your Zoom app, click **Validate** under **Validate the URL**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223403335/8e14a8accababe64441690a8183e/image.png?expires=1781611200&signature=b88520f70607778b3e60bd310c9c7f1db607df1ad9508709da719983f2c1b574&req=dSIlFc1%2BnoJcXPMW3nq%2Bgdf9UtaMwI5HXdbcsHbSNqu2MFJrvkm14o5iiLn6%0AIgbu8rgNqiRuPy%2BeXidUweKhXxM%3D%0A) ## Review the results After running the validation from Zoom, you will see an `endpoint.url_validation` event come through your webhook action in Tines: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223411040/dad667d2396c985e53d3fb292da1/image.png?expires=1781611200&signature=48309c8e76cd57b680b67b7b7d4b4ece43fc01a84a0ec26a537aa8c5b5fa51e6&req=dSIlFc1%2FnIFbWfMW3nq%2BgU74Q4wrXg%2Bb4Nf7qfYlMCMa4y5UyP%2FU0bziCHHu%0AFk4UJ0U38%2FsFP2QWlyDuJmIGKw0%3D%0A) A successful "Validated" message will appear on your Zoom app: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223405080/89b38b2f44fdb1b7709951af3aa1/image.png?expires=1781611200&signature=6ad8c751ff9ff8f6dbd07939d231ab68ea98bbf5d4bea9ea75ddca776744463f&req=dSIlFc1%2BmIFXWfMW3nq%2BgVcNG9NZFts87EzWbdW10n8rynb15%2Fld02lzrRw2%0AsW%2BqGLHJag1woLY7RWTBv1ixeBo%3D%0A) > **Note:** Since Zoom re-validates webhooks every 72 hours, make sure to keep your "Challenge Response" event transform action. Once you've successfully validated the URL, you can add the Zoom events you want to pull into your story via your Zoom app's **Add Events** and **Save** your changes: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1223415277/bd3779044bd67ad4d79bd89c5b27/image.png?expires=1781611200&signature=6087e5a20ab9c757844524212ca00ba6078fb31b62c94da0c5bde498e5ab39eb&req=dSIlFc1%2FmINYXvMW3nq%2BgSiDRdbHbNsmnje%2BGyXuejH%2BLMKrSDO6gOoU3yZN%0AKctn6cTbWbek1PFseU%2FfT0MVjiI%3D%0A) ## How to use cURL to Tines Many services provide example cURL commands in order to interact with their API. Tines can utilize these cURL commands to create new actions on the storyboard. Instead of manually copying each field into a Tines HTTP request action, you can simply paste the entire command directly onto your storyboard. This article shows you how to turn any standard `curl` command into a fully functional Tines action in seconds. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - HTTP request action](https://www.tines.com/docs/actions/types/http-request/) - [Tines - Shortcuts: Import from cURL](https://www.tines.com/docs/actions/shortcuts/#import-from-curl) ## How it works [Watch video](https://www.youtube.com/embed/AvyDCFWuG-I?rel=0) 1. **Find your API example**: Navigate to the documentation for the tool you want to integrate. Locate a `curl` example for the specific endpoint you need. 2. **Copy the command:** Highlight the entire `curl` string and copy it to your clipboard. 3. **Paste into Tines**: Open your Tines Story and simply use the keyboard shortcut (Cmd + V on Mac or Ctrl + V on Windows). ![](https://downloads.intercomcdn.com/i/o/am0g137l/2302852365/3f1475a031da6145af0c66abaa80/paste+curl.gif?expires=1781611200&signature=ce4cd4d7cd4a8742c4043020990f34e0fda73321185f95ce65850be9108ed0a7&req=diMnFMF7n4JZXPMW3nq%2BgS8mlhrcXk30if59NLll5HKPiETXLienPS3m4v94%0ANlnWHfrNY39%2FilAE7QcS%2F2a%2BfXM%3D%0A) When you paste a curl command, Tines instantly generates an HTTP request action. > **Note:** While the structure is created for you, remember to replace any placeholder API keys or secrets from the documentation example with your actual **Tines credentials**. Now that your request is ready, you can start making modifications, adding credentials, and connecting it to the rest of your automated workflow! ## Why to use cURL - **Speed**: Go from documentation to a working action in under five seconds. - **Accuracy**: Eliminate typos in long URLs or complex header keys. - **Ease of use**: Perfect for quickly prototyping new integrations without getting bogged down in manual setup. > **👉 For a more detailed description of cURL** [see here.](https://www.tines.com/docs/actions/shortcuts#import-from-curl) ## How to use webhooks Webhooks are a way for external systems and applications to send data directly into your Tines workflows. This article covers how to create, test, and access data from a webhook in Tines. Read the [Introduction to Webhooks](https://explained.tines.com/en/articles/14007076-introduction-to-webhooks?q=formula) article for more information. ## Creating your first webhook ### Step 1: Add a webhook action In your Tines story, add a new webhook action. This action will be the entry point for external data. ### Step 2: Configure the webhook Key configuration options include: - HTTP Methods: Choose which HTTP verbs to accept (GET, POST, PUT, DELETE, etc.) - Authentication: Optionally require secrets, tokens, or basic auth to secure your webhook - CORS Settings: Configure cross-origin resource sharing if needed for browser-based requests - Rate Limiting: Protect your webhook from excessive requests - Response Configuration: Customize what the webhook returns to the caller Read our best practice on configuring your webhook names and paths [here](https://explained.tines.com/en/articles/14048386-webhook-best-practice-configuring-names-and-paths). ### Step 3: Get your webhook URL Once created, Tines generates a unique URL for your webhook. You'll find this in the action details. The URL looks like: <<[https://your-tenant.tines.com/webhook/abc123def456/your\_webhook\_name>](https://your-tenant.tines.com/webhook/abc123def456/your_webhook_name\>)\> > Important: Never guess or manually construct webhook URLs—always copy the exact URL from the action details. ### Step 4: Share the URL Provide this URL to the external system that needs to send data to Tines. Configure that system to send HTTP requests to your webhook URL when events occur. ## Testing your webhook The best way to test a webhook is to simulate an external call from within Tines: 1. Create an HTTP Request action in the same story (or a test story) 2. Set the URL to your webhook's URL (copied from the webhook action details) 3. Configure the payload to match what you expect from the real external system 4. Run the HTTP Request action to simulate the external call 5. Inspect the webhook's events to verify it received and processed the data correctly 6. Trace downstream actions to ensure your workflow behaves as expected This approach keeps your testing entirely within Tines and gives you full control over test data. ## Additional webhook configurations and uses ### Using multiple webhooks in one published story You can utilize multiple webhooks within a single published story to facilitate your workflows. You can have two webhooks leading into the beginning of a story if your use case requires it. When doing so, ensure that the data format and the tools involved remain consistent across these inputs. > Note that a send to story action's entry point must be a webhook action itself and is restricted to only one entry point. ### Copying a webhook action To copy a webhook action, ensure that the secret and path are identical to the original version, and then delete the old webhook action. You can also recreate a deleted webhook by setting up a new webhook with the original secret and path. ### Adding CORS to a webhook action Add CORS (Cross Origin Resource Sharing) to a webhook action by selecting ‘+ Option’ in the properties panel and choosing "Enable CORS". ![](https://downloads.intercomcdn.com/i/o/am0g137l/2302427354/10a9fa0e9bab0e901c6a1c02de10/CleanShot%2B2026-03-11%2Bat%2B11_22_47.gif?expires=1781611200&signature=62a0161d797dc619061666c781e28b31c88e5e9751f3c8d4c99729959770c7f4&req=diMnFM18moJaXfMW3nq%2BgZzFjIx3Rhz%2BuC%2FKDX0BCDKIE%2FSQdvAdiIA%2FADSx%0AW2onhiHpacqMGnc4KymBk2RRyLM%3D%0A) ## Accessing webhook data When a webhook receives a request, the data is available in the event it creates: - Body: `webhook_action.body` contains the request payload (JSON, form data, etc.) - Headers: `webhook_action.headers` contains HTTP headers - Query Parameters: `webhook_action.query_parameters` contains URL parameters - Method: `webhook_action.method` shows the HTTP verb used - Path: `webhook_action.path` shows the request path Use Tines formulas to extract and transform this data in downstream actions: <> <> <> ## Sending the webhook request body as a response When a request is made to a webhook action, the default response is "Ok". To change the response to send the request body instead, follow these steps: First, add the response option to the webhook action. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2302415190/955623657d32ce71b8325320b1d3/webhook+response.gif?expires=1781611200&signature=c5367a6853beb4c13b416fa07ea62890dd438fd792f609675f1e11c87e721d6e&req=diMnFM1%2FmIBWWfMW3nq%2BgXRWO9A0g%2F9s%2FeKL0%2BR7jO7AqeUfv01GEc1gKsOq%0A2uFwUZknpwflT%2FO91R%2FKTZ8dVrg%3D%0A) Then, add a value pill referencing the body of the webhook action using the syntax: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2302416121/9efa5348a231765a12ee92aba54d/image.png?expires=1781611200&signature=61394feec8b4130059c51b2510a472878506aa73f31cf3bb0c05c35faa092131&req=diMnFM1%2Fm4BdWPMW3nq%2BgYvr5SDa4lLhAh86B%2BlWymamOuJ%2B743GjT7aSfvv%0AqW3RQDt1tOPZlgDodD4jR7sdgvI%3D%0A) ## Rate limits for webhooks Individual webhook paths are restricted to 1,000 requests per minute. The overall webhook rate limit per tenant is 2,500 requests per minute. If a tenant reaches this limit, webhooks will stop receiving events tenant-wide. > Read more on webhooks in our docs [here](https://www.tines.com/docs/actions/types/webhook/). ## How usage in Tines is calculated > **👉 For a full overview of our pricing and packaging, please [visit this article](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging).** ### **Flows** A connected set of one or more elements (actions or tools) that run autonomously. Running autonomously means the story kicks off on a schedule, via another system or story, via a case, or from a page submission. If you have more than one story on a storyboard, ***each flow*** is counted independently towards your limit. #### What doesn’t count towards a flow? Any workflow or set of elements that requires you to run them manually from within Tines. This includes deactivated elements. #### **Where can I monitor my flow usage?** You can see how many flows are on your storyboard in the build pane. It also exists on your tenant-level reporting. ### Users Users in tines are any unique email address that logs in to your Tines tenant, regardless of access level. #### **What doesn’t count toward your user limit?** Anyone interacting with Tines from outside the tenant, i.e. from a prompt or page. ### Teams Learn about Teams [here](https://www.tines.com/docs/admin/teams/). ### Event Limits #### **What are event limits?** This is the monthly or daily limit for how many story runs can happen. The number resets at the end of each limit period (monthly or daily). [Learn more here in our docs](https://www.tines.com/docs/events/#daily-event-limits). #### **What happens when I reach them?** We’ll notify you when you’re 80% of your event limit via email. If you reach 100%, we’ll email you and stop the story that reached that limit. When a story reaches its event limit, it will wait to run any other events until the next day. If it’s a runaway story, you can always contact our support team for assistance. ### AI run-time credits [AI run-time credits](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits) are used to run Al-powered features in Tines like the Al Agent action and Workbench. Community tenants are allocated 50 monthly AI run-time credits, which do not roll over to the next month. Users will not be able to top up Community edition tenants with more credits. ## HTTP Request Action 4xx Status Codes ## Overview When working with APIs, 4xx status codes are common throughout all platforms. While the messaging may slightly differ between integrations, these typically indicate an issue with authentication. The most common 4xx status codes you'll run into are: - `401 Unauthorized`: The server you are making the API call to doesn't recognize you. - Real-life example: You're at the airport, but you haven't shown your boarding pass or ID at security. The officer says, "You can't go through until you show your documents." - `403 Forbidden`: The server you are making the API call to knows who you are, but you don't have the proper permissions execute it. - Real life example: You’ve shown your boarding pass and ID at the airport, passed through security, but when you try to enter a restricted area like the cockpit of the plane, you're denied access since you are only a passenger. > **Tines Tip**: For help with setting up integration credentials in Tines, take a look at our [authentication guides](https://explained.tines.com/en/collections/3801629-authentication-guides) or our built-in [connect flows](https://www.tines.com/docs/credentials/connect-flows). ## 4xx Status Codes: Cause and solution ### Cause One: The credential does not have the proper permissions One of the most common reasons as to why an API call might return a 4xx status code is due to the credential that is in-use does not have the permissions necessary to execute the call. > 🟢 **Solution:** Check your integration's documentation to ensure that your credential is set up correctly and is active. ### Cause Two: The credential is not formatted correctly While the permissions of your credential may be correct, if it is incorrectly referenced within your HTTP Request action, a 4xx status code can still occur. > 🟢 **Solution:** Check your integration's documentation to ensure that you are correctly referencing the credential within your API request. Two common examples are: > > 1. Authorization Bearer Header: > > ![](https://downloads.intercomcdn.com/i/o/1056595200/73644eca1f249fa8bbabe69d/image.png?expires=1781611200&signature=5f61bdc297b6d40cc21ec5eed3999f47fdbc60cdf146de7c2ceca7f6c7455c13&req=dSAiEMx3mINfWfMW3nq%2BgXELypYhtV34esKQ3QfCeWimkHlGnlELRRAxgRjp%0AvuCeNNXD0UQKgm9ErMqberSvOFA%3D%0A) > > 2. Basic Auth: > > ![](https://downloads.intercomcdn.com/i/o/1056593693/6af9751f4bf1c40ca82a54a0/image.png?expires=1781611200&signature=39f3818d6a3a780eef076b0211b9e06a5bb93f8443a18d1f23ca14f7945c39f1&req=dSAiEMx3nodWWvMW3nq%2Bga%2FD4s2fTLSvIpFNnMsEdOCZIFf7cqbnKyCt%2FdjP%0AYySL1Zm6oebHhPv5DPCPrbjDQD8%3D%0A) ### Cause Three: The API method used is incorrect Some credential permissions only allow for certain API methods. > 🟢 **Solution:** Check your integration's documentation that the credential in-use can execute the API method you are attempting to call. Tines supports the following API methods: `DELETE`, `GET`, `PATCH`, `POST`, `PUT`. ## 4xx Status Codes: Troubleshooting checklist ☑️ Confirm the credential used has the proper permissions and is not expired. ☑️ Confirm the credential used is formatted as needed for the API call in-use. ☑️ Confirm you are using a credential appropriate for the API method you are calling. ☑️ Confirm you are able to run the API successfully outside of Tines (for example, in an API platform like Postman or through a cURL command). ## Need further assistance? Have questions or still seeing the error after working through the sections above? We are happy to help! ⬇️ [Contact Tines Support](https://www.tines.com/contact#support) **with the information below**, when available: > ℹ️ **General Information:** > > - Describe the behavior in detail, including steps to replicate (*we recommend providing this information via a screen prerecording*). > > - A documentation link to the API call you are attempting to make. > > > ℹ️ **Story Details:** > > - The action configuration(s): You can copy + paste actions into a code block; this will provide the configuration of the action(s) in a JSON format so that Tines Support can use it into our test environments. ## HTTP request action example - Bulk request ## Overview Some platforms offer API endpoints that handle **bulk requests**. A **bulk request** allows you to send multiple requests at once, rather than one by one. This is useful when you need to make many updates in a short period of time. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - HTTP request action](https://www.tines.com/docs/actions/types/http-request/) ## Make it happen ### **Scenario** ![](https://downloads.intercomcdn.com/i/o/am0g137l/1451060542/b261188efb9d62adf3df820deb4e/image.png?expires=1781611200&signature=44b104f6e8a9b4e28cd0a130c696cc70271dbcf3fc3c0c6bd9ff221ae8eff964&req=dSQiF8l4nYRbW%2FMW3nq%2BgT4bozQ%2B7ug0Z4ENQU8RoCYVDRswMYQqfzgDUUTc%0ALDfgRhP9GhNuWyRG5q4NNrUjmr4%3D%0A) Invite multiple users at once to a message channel. 1. In the storyboard, pull in an **HTTP Request** Action. 2. **Name** the action something relevant, like “Get US Addresses.” 3. Delete the **Payload** section of the action. 4. For the **URL** of the action, type `https://tinestutor.com/webhook/1fff5794f8357ed4af7769e4af1d4272/0d31417ab3a249f9ed1a6e470cb64564?channel_id=C01MYA737L0&users=angie@tines.io,yanni@tines.io`. 5. Change the **Method** of the action to `POST`. 6. Click **Run** to run the action. 7. See the results in the action’s **Events** panel. ## HTTP request action example - Filtered request ## Overview A **filtered request** allows you to narrow down the data you’re asking for. This is useful when you're dealing with a database or service with a lot of data. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - HTTP request action](https://www.tines.com/docs/actions/types/http-request/) ## Make it happen ### Scenario ![](https://downloads.intercomcdn.com/i/o/am0g137l/1451064632/067e13a846518374f9555f132d21/image.png?expires=1781611200&signature=5b559750ba9073247ba98b35f659ace836f19e0b5ea736ebe5bb27864ae68125&req=dSQiF8l4mYdcW%2FMW3nq%2BgYKS5WhuB3DZUU%2BLPiMDX%2BPRa5gf%2BxefeCtvonDs%0AY0j8lt0MFIA6ImdM9QT3H5I%2B%2BT0%3D%0A) Instead of pulling a full list of addresses, only ask for US-based addresses. 1. In the storyboard, pull in an **HTTP Request** Action. 2. **Name** the action something relevant, like “Get US Addresses.” 3. Delete the **Payload** section of the action. 4. For the **URL** of the action, type `https://fakerapi.it/api/v2/addresses?_country_code=US`. Notice how we are filtering the request to only pull US addresses. 5. Change the **Method** of the action to `GET`. 6. Click **Run** to run the action. 7. See the results in the action’s **Events** panel! ## HTTP request action example - Request with authorization ## Overview **Authentication (also sometimes referred to as just Auth)** is required when the service you’re calling via an HTTP request action needs to know that you are allowed to access its data. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Credentials](https://www.tines.com/docs/credentials/) - [Tines - HTTP request action](https://www.tines.com/docs/actions/types/http-request/) ## Make it happen ### Scenario ![](https://downloads.intercomcdn.com/i/o/am0g137l/1451066553/0652976dabda1e88ffd5617206b7/image.png?expires=1781611200&signature=4ba7c3f716b1aa7aaa79ea283cff643f19e995f03cffd84d9ddc14c0f68c8418&req=dSQiF8l4m4RaWvMW3nq%2BgafXr%2BhgopkPgFZzsyG9KaTdmdFaKlr9nfUZyLzA%0AKXQ2VN5X2iETyxzRdrItmdJREfo%3D%0A) Using the [Simple Weather API](https://www.weatherapi.com/api-explorer.aspx) (which requires an **API token**), ask for weather data for a specific city by providing the city's name or postal code. 1. Navigate to your **Credentials** page. 2. Click **\+ New** > **Simple Weather API**. 3. Once the credential is created, navigate to your storyboard. 4. In the storyboard, pull in an **HTTP Request** Action. 5. **Name** the action something relevant, like “Get Dublin Weather.” 6. Delete the **Payload** section of the action. 7. For the **URL** of the action, type `https://v1.simple-weather-api.com/api/public/weather?location=Dublin&key=`. After the `key=` value, add a value pill via the **+** icon > **Value** option. Insert the following into the pill: `CREDENTIAL.simple_weather_api`. 8. Change the **Method** of the action to `GET`. 9. Click **Run** to run the action. 10. See the results in the action’s **Events** panel! ## HTTP request action example - Request with parameters ## Overview Sometimes, you need to add **parameters** (extra information) to your HTTP request to be more specific about what data you want returned. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - HTTP request action](https://www.tines.com/docs/actions/types/http-request/) ## Make it happen ### **Scenario** [Watch video](https://www.youtube.com/embed/cvgCmtOqg7Y?rel=0) Ask for the current price of Bitcoin in US dollars (USD). 1. In the storyboard, pull in an **HTTP Request** Action. 2. **Name** the action something relevant, like “Get USD Price of Bitcoin.” 3. Delete the **Payload** section of the action. 4. For the **URL** of the action, type `https://api.coingecko.com/api/v3/simple/price?ids=bitcoin&vs_currencies=usd`. Notice the parameters being passed in the URL after the question mark (`?`). 5. Change the **Method** of the action to `GET`. 6. Click **Run** to run the action. 7. See the results in the action’s **Events** panel! ## HTTP request action example - Simple GET request ## Overview Making a simple request can be something like asking another system for some basic information, for example, pulling a list of users or getting data from a database. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - HTTP request action](https://www.tines.com/docs/actions/types/http-request/) ## Make it happen ### **Scenario** [Watch video](https://www.youtube.com/embed/kFKBEsIdlmE?rel=0) Ask for a random cat fact. 1. In the storyboard, pull in an **HTTP Request** Action. 2. **Name** the action something relevant, like “Get a random cat fact.” 3. Delete the **Payload** section of the action. 4. For the **URL** of the action, type `https://catfact.ninja/fact`. 5. Change the **Method** of the action to `GET`. 6. Click **Run** to run the action. 7. See the results in the action’s **Events** panel! ## HTTP request action example - Templatize request ## Overview **Templatizing** a request means creating a reusable request template. Instead of writing the same request multiple times, you can create a generic template and fill in the details as needed. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Action templates](https://www.tines.com/docs/actions/templates/templates/) - [Tines - HTTP request action](https://www.tines.com/docs/actions/types/http-request/) ## Make it happen ### Scenario ![](https://downloads.intercomcdn.com/i/o/am0g137l/1451070293/a40966a9f6a6e13da14ea4f051e8/image.png?expires=1781611200&signature=515b71c23dbc45262d82c5391b0b010df034e3adf7b453ff7c0a03a57ed83b62&req=dSQiF8l5nYNWWvMW3nq%2BgVIhYnDb%2B8F2tZqsbe4J4U4tPxRL5GfTrEbHeowK%0Aiy1aKoPRZRpRMoeraauiqJbz5eI%3D%0A) You might have a request template for inviting a new user, but every time you use it, you'd only need to change the user’s name or email address. To [save an action as a template](https://www.tines.com/docs/actions/templates/private-templates/) to use in the future: 1. Click the action tile. 2. Click the three-dot menu. 3. Click **Create template**. ## HTTP request action example - Tines templates ## Overview Tines offers thousands of templates for a vast array of 3rd party platforms via **[Templates](https://www.tines.com/docs/actions/templates/templates/)**. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Templates](https://www.tines.com/docs/actions/templates/templates/) ## Make it happen ### Scenario [Watch video](https://www.youtube.com/embed/AxcHydexa_s?rel=0) Need to list all users in your Slack workspace, but don't know where to start? Check **Templates** to see if Tines has already built the HTTP request to get this done! 1. On the storyboard, navigate to **Templates**. 2. Search for Slack. 3. Drag the Slack tile onto the storyboard. 4. In the right-hand search, type in “List all users”. 5. Select the “List all users” template. 6. Now, you can set up the action as needed to successfully run this API. ## HTTP request FAQs ## Are HTTP request actions sent using HTTPS? Yes, HTTP request actions are sent using HTTPS. ## How can I see the whole URL used in an HTTP request? You can check the details of an HTTP request using the test function in Tines. Select the action, click "Test", then click "Log". ![](https://downloads.intercomcdn.com/i/o/am0g137l/2207744361/e895d3d4ec0caf20e708f15af123/test+http+request+logs.gif?expires=1781611200&signature=cee1127d6b7b005c1ea9681131279d415d015071dc306dd00a7015a161be5dc2&req=diInEc56mYJZWPMW3nq%2BgbNqEcKIvHkiRoGGN3tWulOLLp3hHB5z8o7PAhew%0A%2Fs0RqKIqSo4pbgM%2BalWqw34kcoQ%3D%0A) The credentials will be redacted, and there is also an option to "Copy request as a cURL command" for debugging and troubleshooting. ## What is the max HTTP request size? There is a 30 MB limit on HTTP requests. ## How does Tines handle API retries? With the HTTP request action, you can use the "Retry on status" or the "Retries" options available for the action. Select the HTTP request action and click "+ Option" to set these. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2209016661/a057667ff96fec1ac9cfc129ee6a/retries.gif?expires=1781611200&signature=e5090ef2a75953a75b3e7338204a70cdb0f707a3b301eb1e458420f5447db7b0&req=diInH8l%2Fm4dZWPMW3nq%2BgYPIux8aemAFGhPq8rT9sTLxK%2FN0QrZ01mLjt5N%2B%0ATCjZm%2BWMwCkidadzucD%2F4O1md5c%3D%0A) This lets you choose how many times to perform a retry on the HTTP request action if it fails the first time. Leverage the "retry on status" to determine what status codes it should attempt a retry - like 429. 429 is the status code for a service being busy. When "retry on status" is enabled, Tines will silently attempt a retry up to 25 times, but this figure of 25 can be reduced using the "retries" field. ## Will an HTTP request emit an event if it returns an error or no response? An HTTP request will emit an event if there is an error returned or a timeout. You can configure the option to "Retry on Status" which is available by pressing "+ Option" on the properties panel. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2209021354/c2b60db43eca9d090cdb47e42867/retry-2Bon-2Bstatus.gif?expires=1781611200&signature=c05fa16357a861aa984d496b1cd1ff628ec0798eeb62c8996c3aa1c4fd2ef93c&req=diInH8l8nIJaXfMW3nq%2Bgdk5qrAU7ev3pCC8LUnMl5as6RBFlVRAN1dF%2BRGr%0ADP39lFfxpAfvE3AKcaKC3v4v7QA%3D%0A) An HTTP request will emit an event if it successfully completes the call. If there is an error in the URL or the pill the HTTP request will not emit an event. ## How can I change the default timeout for an HTTP request action? You can alter the time out for an HTTP request action in Tines by selecting the action, then on the properties panel, selecting "+ Option" and selecting "Timeout". ![](https://downloads.intercomcdn.com/i/o/am0g137l/2207745771/818260d7c0991754d8d1280f915a/Timeout.gif?expires=1781611200&signature=af8d824503fb626e5a5d5592867ab5c83e7bb95dce363a2de7b35fa3258f2f31&req=diInEc56mIZYWPMW3nq%2BgaA2qLP0UEMHTFpMlaTknfprcwqWIfPOyAtYImms%0Ak%2F4UdiV1BJI9nwnyQUSBYu5pM9M%3D%0A) The default setting is 30 seconds. > For more information on HTTP requests, read our docs [here](https://www.tines.com/docs/actions/types/http-request/). ## Hybrid Analysis Authentication Guide Submit malware for free analysis with Falcon Sandbox and Hybrid Analysis technology. Hybrid Analysis develops and licenses analysis tools to fight malware. ## First, get a Hybrid Analysis API key 1. Login to your Hybrid Analysis account ​ ​ ![](https://downloads.intercomcdn.com/i/o/910236612/5c3c5471e792f24ab3f49df8/image.png?expires=1781611200&signature=9ee361d385eebbf4ad5586f68d99e506c5254cd897cdad7dc789daea4c138297&req=fSEnFMp4m4BdFb4V1XW4gRLs%2BzD3Bjtop5XmHbZgEjCSvE2zgWlh8FC7fVmh%0ASYgSic0CRCHLISFjxWU8wmU7Rg%3D%3D%0A) ​ 2. Click on your user account and then click "Profile" ​ ​ ![](https://downloads.intercomcdn.com/i/o/910237054/052830e65af4c367afa591f8/image.png?expires=1781611200&signature=62f4a0b83051a3a33f4c44bc696167899b76e8c182d92b4193923603fe74ded8&req=fSEnFMp5nYRbFb4V1XW4gZfxp55fOlqNqD2%2FE%2B9LDkmumfXO%2BDvQbvr9Hrv%2F%0AL5nlGrwV0FI5FpqI2Ma%2BJKpFdA%3D%3D%0A) ​ 3. Click "API key" and "Generate an API key" 4. Copy your API key ![](https://downloads.intercomcdn.com/i/o/910237948/791258e95d8c649c9fcdccf0/image.png?expires=1781611200&signature=09dc81b20f4dd9a3e4d224776c69dc87bde70760084a3b845e3be5a9da6180f4&req=fSEnFMp5lIVXFb4V1XW4gYHBGtBpbojeJGvKuUeh165YFbs%2B%2BhfHTUAvxRRy%0AZ8rB2PvuR9y8ZuQk%2FIXiatIheg%3D%3D%0A) ## Then, create a Hybrid Analysis credential in Tines **Hybrid Analysis connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Hybrid Analysis" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the Hybrid Analysis connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the Hybrid Analysis credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your copied API key value 1. **Domains:** \*hybrid-analysis.com 2. **Access:** What other teams can also use the API > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/hybrid-analysis).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Hybrid Analysis** **stories in the [story library](https://www.tines.com/library?s=hybrid%20analysis&view=all)** ## If I use a Trigger with multiple rules, do all rules have to be matched or just one? A trigger with multiple rules acts in an AND fashion. All rules must be satisfied for the action to work. You can use “must match” in an individual trigger action to specify “OR” For example, using must match 1 acts as an OR. ## If JIT is enabled and SSO page restrictions are used, does assigning a user to the Tines SSO app also grant tenant access when viewing a page? When JIT is enabled in a tenant and **SSO-group-based page access** for pages is enabled, Tines will not add a user to the tenant when they open a page as long as that user does not exist in an SSO group mapped with JIT. This is true for all page **Access control** options. For example, if a user is assigned to the Tines app in Okta, but this user is *not* in any SSO groups, JIT will not add them to the tenant when they access a page, as there's no SSO group to associate them to. > For more information on SSO in Tines, read here: > > - [Pages - Controlling end-user access](https://www.tines.com/docs/pages/distribution-and-access-control/#controlling-end-user-access) > > - [Single sign-on](https://www.tines.com/docs/admin/single-sign-on/) > > - [JIT](https://www.tines.com/docs/admin/user-administration/jit/) ## Imperva WAF Authentication Guide Imperva's Web Application Firewall (WAF) provides out-of-the-box security for your web applications. It detects and prevents cyber threats, ensuring seamless operations and peace of mind. Protect your digital assets with Imperva's robust, industry-leading solution. You will need the following to create an Imperva WAF credential - Imperva WAF username - Imperva WAF password ## Create an Imperva WAF credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "HTTP Request" 4. Input the values for the Imperva credential 1. **Name:** Imperva 2. **Description:** Optional 3. **URL:** `https://{host:port}/SecureSphere/api/v1/auth/session` 4. **Content Type:** JSON 5. **Method:** post 6. **Payload:** NA 7. Click "+ Add Option" and select "Basic Auth" 1. Replace `username` with your Imperva WAF username 2. Replace `password` with the value pill `<>` 8. **Secret:** Your Imperva WAF password 5. Click "Save" 6. Click "Run request" and double-click on the `session-id` key to copy the path. 7. **Location of token from response:** Paste the path to the token in the value pill, `imperva.body.session-id` 8. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 9. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/956916681/ac7973be42c27c5a5055744c/image.png?expires=1781611200&signature=b4c9daf525919ccbb539463935399c105db477240a1219031c7286668a25fe26&req=fSUhH8h4m4leFb4V1XW4gYW91dc%2BOK6uHSmUi7kGEPhu3wOn7zxarvBmyhpz%0AFd752jvRWcSwQ6hKMBjU%2FoPpTA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/956917005/4ddec08131ab31205f6c182d/image.png?expires=1781611200&signature=c0d6df8f2557a7473c80eb4c9564c73cbe891a2be1fd042bd2fb69fb45b3d1ee&req=fSUhH8h5nYFaFb4V1XW4gcQkRZGbOOfkmRowNMOUPAvZw21FV6Pa1FyXulN2%0AbwUDOlpyhCywNtfMYdGbuEA7qw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/956917317/caa2da5f59c8e898c3eb1947/image.png?expires=1781611200&signature=d60b63df058078703cabaaaa85b55b0e36ca25e6bd5313a89f85cee67f8a8a2f&req=fSUhH8h5noBYFb4V1XW4geap17QHBfnavNeKhF2MoL8IkOWA0nlNKunNTpwm%0AQgE1A1q%2FahBHuFsbWbmchSug8w%3D%3D%0A) > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of Imperva WAF stories in the [story library](https://www.tines.com/library?view=all&s=imperva+waf).** ## Important change in connecting with Microsoft Teams Recently, Microsoft announced it will be [retiring its Office 365 connectors within Microsoft Teams](https://devblogs.microsoft.com/microsoft365dev/retirement-of-office-365-connectors-within-microsoft-teams/). Starting August 15, 2024, all new creations must be built using the Workflows app in Microsoft Teams. Existing connectors within all clouds will continue to work until December 2025; however, using connectors beyond December 31, 2024 will require additional action by the user. Connectors, or webhooks, are essential to everyday workflows because they direct content and updates into a Teams channel, preventing users from needing to go to a third-party service for updates on alerts or notifications. We understand that many Tines customers have such webhooks set up in their stories that allow them to send messages from Tines to Teams. ## What can Tines builders do? For builders that are currently sending messages from Tines to Teams via a webhook, you will need to [set up a Microsoft Teams credential](https://explained.tines.com/en/articles/8677501-microsoft-teams-authentication-guide) that communicates with the channel directly. From there, builders must update the action within their Tines story accordingly. Follow our [Microsoft Teams Authentication Guide](https://explained.tines.com/en/articles/8677501-microsoft-teams-authentication-guide) for step-by-step instructions on creating a Microsoft Teams application with delegated permissions tied to a user or service account. If your organization requires a more custom Microsoft Teams credential, follow our [Microsoft Graph Authentication Guide](https://explained.tines.com/en/articles/8210263-microsoft-graph-authentication-guide) for steps to enable your preferred custom scopes. Alternatively, Tines has many Teams templates available to pull into a story. As a starting template, our recommendation is to use “Send an adaptive cards message in a chat.” You can find this template by either searching through the Microsoft Teams templates or searching for the template within the storyboard command palette via `Cmd+K`. A chat ID is required, which will point to the individual or channel you wish to receive updates. ``` NOTE: if you are sending communications to Tines from Microsoft Teams today, no action is required. ``` ## Importing and exporting stories Along with creating stories from scratch, Tines also allows you to import and export stories. Need a refresher on stories? Read [this article](https://explained.tines.com/en/articles/12688464-stories-in-tines) on stories in Tines. ## Importing a story To import a story in Tines: 1. In the top right-hand corner of the stories page, click the drop-down menu located next to the **New** button, and select **Import Story**. 2. Upload your JSON file. You can either click to upload the file or drag and drop the JSON file into the upload area. 3. (Optional) Rename your story during the import process. 4. Click **Import**. The imported story will open immediately, allowing you to continue building it. This short video will walk you through the above steps: [Watch video](https://www.youtube.com/embed/qYHJ3Ursd-U?rel=0) ### Version limits for importing story exports There are no version limits. Tines maintains backward compatibility for story imports. > Tines Tip: In Tines, the story export JSON file captures a snapshot of a story's configuration, enabling it to be re-imported into another team or tenant. This file's schema includes the necessary configurations for the story to run, excluding resources, credentials, and data generated by the story (i.e. action events). ## Exporting a story To export a story: 1. On your stories page, click the 3 dot icon on the story you want to export. 2. Select **Export**. 3. Check the boxes if you want to randomize page/webhook URLs and/or clear email addresses and monitoring recipients. 4. Click **Export**. 5. The file will download. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2222824821/3cfba763d16d09803428bd8095b3/Export+a+story.gif?expires=1781611200&signature=dc43750643f690c1cd2eb8774b10ea15e484357adfb017aa5df4c7eda2c3809d&req=diIlFMF8mYldWPMW3nq%2BgTtUJnKNSGMB68WWW%2F7DvJjB694Ts2wdy2bx3jjJ%0AWMta2c6YblRk24JidDR7TFQ3VCg%3D%0A) ### Export a story as an image 1. Export your story as an image via the three-dot menu within your story. 2. Select the "Save as image" option. 3. Your file will download as a PNG file. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2222826446/bdd21907136089cd13bc9699a3f3/Export+story+as+image.gif?expires=1781611200&signature=0992d4f9f434f843d984613273cd50738c83579150698ee922f85223a8ace5d0&req=diIlFMF8m4VbX%2FMW3nq%2BgSpsTspKXAgzX6YC3K53pTlFHLXJWAYry3ZNGD%2F8%0APWSmBspjCf4TVMSUabDv5t33Lec%3D%0A) ## Can't select your tenant when importing a story from the story library? If you are using a self-hosted tenant or single sign-on for a cloud tenant, you may encounter a situation where you cannot select your tenant when importing a story from the story library. To resolve this, either: 1. Go to https://login.tines.com/saml\_idp/choose\_tenant 2. Select switch tenant from the menu as below. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2302093998/46f74989b2dc83733c46653eed57/switch+tenant.gif?expires=1781611200&signature=e33be55a7dd8529b3493cd15a3d4b8575a5f269e8518a57fbe47e45a8dc787e5&req=diMnFMl3nohWUfMW3nq%2BgdMLEGddcquFTgbOX9SNUql4W56SxC%2Baf7cTXsPH%0AWgqGtL0LEkDqdazoJbc9XaTZ%2BXs%3D%0A) - Select "Add a self-hosted tenant" from the options available and enter your tenant ID. This will work for both self-hosted and cloud tenants if needed. > Read more about stories in Tines in our docs [here](https://www.tines.com/docs/stories/). ## Infoblox BloxOne Authentication Guide Infoblox delivers essential technology to enable customers to manage, control, and optimize DNS, DHCP, IPAM (DDI). Infoblox’s patented Grid™ technology helps businesses automate complex network control functions to reduce costs and increase security and uptime – building bulletproof, scalable, and efficient networks. ## First, get an Infoblox API key 1. Login to your Infoblox account 2. Click on the user menu and then click "User Profile" ​ ​ ![](https://downloads.intercomcdn.com/i/o/934370757/5315f69e6602c670666a40bf/image.png?expires=1781611200&signature=3c0a803063c1390818ca0a1378cb2eff0954962638b06fbb53c2ebe88e8ad7dd&req=fSMjFc5%2BmoRYFb4V1XW4gcqGgHHojksZi7mxMZP7In9hC0UTT%2FRu23BLibKV%0Ab9ZYnO7dLCe%2BwOlK%2F5Um7Hfhrw%3D%3D%0A) ​ 3. Click "User API Keys" and then click "Create" ​ ​ ![](https://downloads.intercomcdn.com/i/o/934371121/135fb266f61678021180b791/image.png?expires=1781611200&signature=45eeaafb7c0469bd38341249e2df6682ed4caf177823731a95970b3ff83544c1&req=fSMjFc5%2FnINeFb4V1XW4gcVDQBnSV358Ab5dBSwdQ9ZyZUEGYsHS7fqjidLn%0ArNfhzbfgqb3bxKQfw6%2BUeKMLDQ%3D%3D%0A) 4. Name the API key, choose an expiration date, and click "Save & Close" ​ ​ ![](https://downloads.intercomcdn.com/i/o/934371660/def0ec97326129c58d9f5fbf/image.png?expires=1781611200&signature=37727ee2cffdd5d7cddf3d9525672b8a64a25068c2d6feb54a218f24c60410be&req=fSMjFc5%2Fm4dfFb4V1XW4geZ4lW9nwO6jeMbUiZEGGHOa2g6X%2BwO5oCX9%2BQgu%0A%2BVE4sh%2Fwqrvw8%2Bbled1%2BtvI5wA%3D%3D%0A) ​ 5. Copy the API Key to a text editor and click "Close" ​ ![](https://downloads.intercomcdn.com/i/o/934372116/73aa58fbb0b89bbb1b525c57/image.png?expires=1781611200&signature=6029ee4f329a7461364cb0458b3aa3bca291200b02d5e5c71febb75d3e617083&req=fSMjFc58nIBZFb4V1XW4gRe5rIEIPd%2B2F3SvcotrIb04gr8F3tR2ekMMZ56C%0AVN5vUI36yey%2FpkfwM8u8FcTjzQ%3D%3D%0A) ## Lastly, create an Infoblox credential in Tines **InfoBlox BloxOne connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "InfoBlox BloxOne" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the InfoBlox BloxOne connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Infoblox credential 1. **Name:** Infoblox BloxOne 2. **Description:** Optional 3. **Value:** Your API key 4. **Domains:** csp.infoblox.com 5. **Access:** What other teams can also use the API 5. Click "Save" > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/infoblox-bloxone).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Infoblox** **stories in the [story library](https://www.tines.com/library?s=infoblox&view=all)** ## Integrating Microsoft Teams with Tines App Studio had been used to create Apps in Microsoft Teams, but this has been deprecated by Microsoft. Users are now required to build apps via other means. This guide will walk you through how to create an app and bot using the Developer Portal app and the Azure Portal. Some steps require elevated privileges. These have been flagged to the best of our knowledge with the least-privileged access role required to complete the setup. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726589534/038a7e21f0f903e59cb7a31849ed/Untitled.png?expires=1781611200&signature=7de1f0bb485fc42035b1ab2e1f9ab91bc057f1fdcf85351eba00f04938811db9&req=dSclEMx2lIRcXfMW3nq%2BgW00mXk209GLEzrcJ0KXDrLR5tC7zFfLZMBUGOGf%0AYuYx6u67DEKdSuS5L6c1dx9Qv6c%3D%0A) #### Checklist of items you will create in this guide: ##### Microsoft Teams: 1. Application ID/Client ID for your App 2. Bot ID for your Bot 3. Client Secret for your Bot ##### Tines 1. OAuth 2.0 Credential 2. MS Teams Channel ID Resource 3. Microsoft Service URL Resource The process for building an App and Bot can be divided into 6 parts. * * * ### Part 1 - Build your App In Microsoft Teams, ensure you have the [Developer Portal App](https://teams.microsoft.com/l/app/14072831-8a2a-4f76-9294-057bf0b42a68?source=app-details-dialog) installed. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726627416/bf215194a75225e89fb3b301c34e/Untitled%2B-281-29.png?expires=1781611200&signature=ae9a1b3ab2b5bb8a68bb6219ace4391511ff1b385a1d626e644b542b79eb3d49&req=dSclEM98moVeX%2FMW3nq%2Bgb10dPlDujvbSUaorxVYiENptWLsl2J3K3UL9hvU%0AyBtrsBtOAuxX7EOulKDqRLRP0aM%3D%0A) 1a. Install the App, if necessary. On successful install, you will be presented with the option to open the application: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726602492/58e0601ed20a56a2669731031e1a/Untitled+%282%29.png?expires=1781611200&signature=54a8aeffc9acf34d36b2ec0f7469ddb19d177f7216d313b323a95ef69ad208ed&req=dSclEM9%2Bn4VWW%2FMW3nq%2Bgd9zbcuQ5DZ0tAjELcWSTDlkNUPAzeryHoyxgBXV%0AO1p7o14pXD5HaU7MBr5ZjXhGTJ0%3D%0A) 2\. Open the [Developer Portal App](https://teams.microsoft.com/l/app/14072831-8a2a-4f76-9294-057bf0b42a68?source=app-details-dialog) then navigate to **Apps** tab. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726627415/076b52de399169b255094b0ebbb4/Untitled%2B-283-29.png?expires=1781611200&signature=758b5d98b0a6b9ec11a2d4f08f4888eedc15289b0bcc2166f64396c0cabe35f2&req=dSclEM98moVeXPMW3nq%2BgViL%2F%2BhUBzdmja4GOp%2FhELLJQKr%2FTdPQgqJdCt00%0ARaPApe0yhau0ba6%2BF6VU8M26Ais%3D%0A) 3\. Create a new App by clicking on the `+ New app` option. Give the app a name and click `Add`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726627414/eb9838a42e1b0a55759a23acbe98/Untitled%2B-284-29.png?expires=1781611200&signature=66ef4a73f21c04e0be47d6d3e26b65420fef0e98f846c265f53b50e2ca08310c&req=dSclEM98moVeXfMW3nq%2BgQM6T5mvCd3gVbFORqfnezyvgb8sVNg1sHbJ1%2BE7%0AqVEjiYtFAVR8HHRgqdnsKhklUeQ%3D%0A) 4\. Fill out the following fields: a. Short Description, Long Description, Developer Name, Website, Privacy Policy, Terms of Use, Application Client ID (should be the same as your App ID) b. Examples: 1. Short Description: `App for Tines automation` 2. Long Description: `App which allows the Tines automation solution to send and receive Teams messages and adaptive cards.` 3. Developer Name: `Tines` 4. Website: `https://tines.com` 5. Privacy Policy: `https://tines.com/privacy` 6. Terms of Use: `https://tines.com/terms` 7. Application (client) ID: `c8xxxxx7-5xx9-4xxb-yxx1-gk7xxxxxxx67` c. Make a note of your `App ID`, then click on **Save**. Optional Step: Branding Upload your branding (logo, icons, etc), if desired. Note the mandatory requirements for pixel size and transparency. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726608084/1f2accb50c788b033aeb1ec492e2/Untitled+%285%29.png?expires=1781611200&signature=ccc998d95ded81cb9a75af2aff39f6fa3447be1e130120035a870a7b7cbb80d5&req=dSclEM9%2BlYFXXfMW3nq%2BgQnI4X4cscmnR7SsxjxZ7GHgKeQ3ZM4ducgGvbEE%0AFld46jSq86Fs6wLqmETub0TBlYA%3D%0A) ### Part 2 - Create a Bot to add to your App > 💡 These steps require elevated privileges. To create a bot, you will need at least the [Application Developer](https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#application-developer) permission. 1\. In the Developer Portal, navigate to **Tools** tab and select **Bot Management**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630199/6e53c1485312fa62c5e9afe54d5e/Untitled%2B-286-29.png?expires=1781611200&signature=572bbd08d573bb93eefaaeb729843b13e529515f4366a75a76047088d2b2116f&req=dSclEM99nYBWUPMW3nq%2BgVFfDUIedrQDm93iUbS%2FLicvCnG2%2Bwu2x9N10UuM%0A2eVU1JyV5N2%2BBRy2klD6NbnloDg%3D%0A) 2\. Click `+ New Bot`. Give the bot a name and click `Add`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630202/941f66cab25e42acf1381fd4ab4e/Untitled%2B-287-29.png?expires=1781611200&signature=ebd07bdd2b05fb3d7edff2e7b5d3e722bb4b7e4b79e185e6e218605b21f526f5&req=dSclEM99nYNfW%2FMW3nq%2BgbMyWb9ZEo5moYE%2BtdUEGStok%2BWVMy0L%2FEEdMGqh%0ALWceeFslyKZ7LOLAc7YcCr%2BT5TI%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630197/97506b38ce92b19019d67024806e/Untitled%2B-288-29.png?expires=1781611200&signature=dc6ba55d8f09d76272b8a9b0ce8b4695ca1fdbac83587c72f340a00482edbf1a&req=dSclEM99nYBWXvMW3nq%2BgR3dRwT2WmWTfVjysiYtDpuKHDNZ9mxawEwvU3Zi%0AZi6aZ8Vl5I2h8HwKYnlSqVItOOM%3D%0A) 3\. On successful creation of the bot you should see a message displayed with your bot name. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630201/0ae29250e595b3f27a3f2dd1b4d0/Untitled%2B-289-29.png?expires=1781611200&signature=a532592fc0d6f271eca22e967e0de6dde5f91d5050c313efc2e707d283699584&req=dSclEM99nYNfWPMW3nq%2BgcJxbqYAGtyUEVavIa%2BKpyhGsUrz89Yj5UFklq71%0AGoFJJvdGy55RChaWpWXW5KOKTwI%3D%0A) 4\. Navigate to **`Client secrets`,** then click **Add a client secret for your bot.** ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630196/23995094050b2bd5a070ed0d8fff/Untitled%2B-2810-29.png?expires=1781611200&signature=c0ba97ad18a0796c18c44fcdc5d0a5b1ffcc0bb5cab4436addf418cf58c9352f&req=dSclEM99nYBWX%2FMW3nq%2BgUdXhLmZTnPGzUE%2FtDMUQbmSKmwlj8mGk5cTrah4%0A4vGKeP5i%2F7DbRrNcMNzw%2BtMi8ew%3D%0A) 5\. A new client secret will be generated. Make a note of this, as it is the **only time** the secret displays. This will be needed to configure the [OAuth2 credential in Tines](https://explained.tines.com/053303244f8b4653b05043da274e3b87#eae6f7418d4944b698b20847fd5fcb67). After you have noted it, click **OK**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630207/37638b27eb31ecc670b64d4b9509/Untitled%2B-2811-29.png?expires=1781611200&signature=593608bfe5720a2eedfcae7063a5dfb20684457d6635d60ab068188a7297441e&req=dSclEM99nYNfXvMW3nq%2BgWIlff62a5Ow3Uk2Xv0AlxgFt8U%2F%2FXH5YeTDi4xI%0Ae6L8xNv3LxS6yVbwlaXTdzdAlUI%3D%0A) 6\. Navigate back to the `Bots` tab and make a note of your `Bot ID`. This will be needed to configure the [OAuth2 credential in Tines](https://explained.tines.com/053303244f8b4653b05043da274e3b87#eae6f7418d4944b698b20847fd5fcb67). ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630225/e0f1e922d32cce0c715f05fc8af2/Untitled%2B-2812-29.png?expires=1781611200&signature=0baae9cf996ca32fd92fb52042c4eb54373aa423305ea58c2c20fe89030420ce&req=dSclEM99nYNdXPMW3nq%2BgS7L61F%2FGIkEbuMyhCg8uOXFGfubg01yMW6V%2B1ZV%0AGV62QA1oYxDrGIspYbW5jU0x9Lk%3D%0A) 7\. Click into your Bot and navigate to **`Client Secrets`** and click on the [Azure link](https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps) which will take you to an `Application Registration Page` in your Azure Portal. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630200/3766f42a70ce5714bd27a3794ea1/Untitled%2B-2813-29.png?expires=1781611200&signature=ff3fa92acf029c1d8c063d0c3f04697190738da72bcc8e99ced9bd52d20b99c7&req=dSclEM99nYNfWfMW3nq%2BgXhFx%2BhqyCvm8TaXf56JGmiSw5ppqfLPP5Y0wvpB%0Ae%2BIsTQjHIeJQgps3phjELSp049s%3D%0A) 8\. In the Azure Portal for App registrations, select your Bot with the corresponding `Bot ID` noted from [Step 6](https://explained.tines.com/053303244f8b4653b05043da274e3b87#c10a17ff333c4159b24f144061edf431). Click the Display name and it will take you to the app’s `Overview`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630208/4d8c5700017c50cb5f69ebbeb56f/Untitled%2B-2814-29.png?expires=1781611200&signature=f41cd7c859b35532c7e941d8f910d2e30352f0f9ff1990ab3ce6b26212caf179&req=dSclEM99nYNfUfMW3nq%2BgV6CDa2dtjj38eFYuV8EcnaoDoQpYtqL9HOqsCp7%0A3T0iqPjO83G0vOXSZazEhpdsvhY%3D%0A) 9\. In the `Essentials` section, click on the `Add a Redirect URI` link. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630210/c0a6af9b848713f0dca34b64b24e/Untitled%2B-2815-29.png?expires=1781611200&signature=98d2533f30bc153bcec3f5d115678ae9b8b646c6671863be50ac34393117c96c&req=dSclEM99nYNeWfMW3nq%2BgbbtwToCewC%2BfSAUn%2F0VhSnYC%2BhFjj5AfH7NphXL%0AdEw5vffIRGxqK5ZSiv%2B1ZJ387gk%3D%0A) 10\. You will be brought to `Platform configurations`. Click `Add a platform`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630215/c872a988d90e1a93ef1d8c073f8a/Untitled%2B-2816-29.png?expires=1781611200&signature=1410b6aca971d2c9c5f8dd0968c1d187caa5ebf2a3c4ebb3448ad74a9ef81ec8&req=dSclEM99nYNeXPMW3nq%2BgTX6LOCjfFYF7rFvzgFv%2FRhk6PH7%2FCCtSSza6RDb%0AGBM%2FzEkxm4dk%2FHDfxRCr2CnzjpM%3D%0A) 11\. Click `Web` under `Web applications`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630211/376d6dded9532ea1a829a7fd1934/Untitled%2B-2817-29.png?expires=1781611200&signature=0e302dc2aa378e3eea1e564b92f2279da3e48f350688d9dfde7c756671765f82&req=dSclEM99nYNeWPMW3nq%2Bgagffkrw5aKo%2BcPmBEGN%2FqY0Qg2BbsqgMG3AyXih%0AlLgj19P4NKfzON%2BFWxWV5Ws2r5w%3D%0A) 12\. In the `Redirect URI` field, paste your OAuth2 callback URI. You can find this in the `Callback URL` section in a [Tines OAuth 2.0 credential](https://www.tines.com/docs/credentials/oauth/). You will be creating one for this bot [later on](https://explained.tines.com/053303244f8b4653b05043da274e3b87#eae6f7418d4944b698b20847fd5fcb67). Click **Configure.** The remaining fields can be left blank. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630203/35e8dd3a2a29b5a004a2b325aee8/Untitled%2B-2818-29.png?expires=1781611200&signature=8fb3bfc4128922bcf29f4ee03541370f63c032189339514e2a30f0b177590e89&req=dSclEM99nYNfWvMW3nq%2BgVBgtQDcuceM8p8XDRZzpmPbys4mtR8SIi29mka6%0A%2BHnXqSJvYWCUO7CNTiwLUywFsO0%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630209/4a37b699b50abbe392e99c5a161e/Untitled%2B-2819-29.png?expires=1781611200&signature=a66705f126fa37f4191012ee534e9eb0a6dbbe18b9555edfe3287a919035c558&req=dSclEM99nYNfUPMW3nq%2BgUq4FTo%2FSGhyE83IPim3x%2BFj%2B%2BB%2B7GoB89YPDJsu%0A7TYnZNWcdcUYnKwxQ29oFjYA33o%3D%0A) 13\. You should now see the Web platform configuration for your Bot is redirecting to your Tines OAuth2 callback URI. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726630216/18a408d52b001b3a694a4fe65100/Untitled%2B-2820-29.png?expires=1781611200&signature=7e5d55f670074c5a2b96d052a3625c09fec62984e620b6702733fe67bbbc480d&req=dSclEM99nYNeX%2FMW3nq%2BgQjjHnNAfSS5onibrbd8x6KSjt43FmkGzy3B6U%2B4%0ATYQmnPtpZSBFxhwlouduAn%2B8u7w%3D%0A) ### Part 3 - Associate your Bot and Publish your App > 💡 Some of these steps require elevated privileges. Minimum recommended role: [Teams Administrator](https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#teams-administrator) 1\. Return to Teams, access the Developer Portal App, and navigate to the `Apps` tab. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726639239/160eea0649924654e394007291e3/Untitled+%2821%29.png?expires=1781611200&signature=36b8577ca8e8f54dda20ae51b7ba79bd6f85070799c1fcd2916eb67d31191737&req=dSclEM99lINcUPMW3nq%2Bgfwjk%2BcY%2BNvLGNBLthPPwUM9CItG5GXqZiVQdMbw%0AurE61maFT0oMDftBwWVFQfpKUP4%3D%0A) 2\. Select your App, click `App Features`, then click `Bot`. 3\. Select your `Bot` based on your `Bot ID` that you have noted from Part 2, Step 6. You can choose from the drop-down menu or copy and paste the Bot ID. Add the following scopes to your bot and **Save** the settings: - Personal - Team - Group Chat ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726644109/e52f1452066e79a0f9d5b5940fb1/Untitled+%2823%29.png?expires=1781611200&signature=b7a0cfed55392f6bbbe3eacacbdfb9ffba7c8f919dabc299ab346093e159e5fb&req=dSclEM96mYBfUPMW3nq%2BgfZAcKzXfVFAtlTJ5BlDfVYz%2F2HV4wEOQ7nkyk%2F0%0AnubBNkh5DUG%2FRGkeE5spgCE3jxQ%3D%0A) 4\. You will see a message displayed that your App has updated successfully. Click `Publish` to publish your App. 5\. Click the option for `Publish to your org`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726646286/5342bd9dc18502597620c4ebe41c/Untitled+%2825%29.png?expires=1781611200&signature=90dc5467b586d0b45c80edc9813e81faf54b1f7241f2e05efc058cebea4a12d3&req=dSclEM96m4NXX%2FMW3nq%2BgUmq6DFW7jooCLtu%2FSjtwvseBY2Fjk4ybuXBy%2Bor%0ARZOFdJpmp1hEpOBhi0vgNwCVTpk%3D%0A) 6\. Click `Publish your app`. Within a few moments, you will see a Version number and a `Submitted` status. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726647791/546d0329d99762a801060b7329ef/Untitled+%2826%29.png?expires=1781611200&signature=3e3032e6fb33c936a7dfb1103655b0151772b936e32516b7692fa8e027f95427&req=dSclEM96moZWWPMW3nq%2BgcDr9KPMSch87iVjpWLA%2B7n0axPb0TDw2xIlwS%2Fa%0AqGql7Z8gVL1h56CrvO9gDOhpctk%3D%0A) 7\. Navigate directly or ask your Teams Admin to navigate to the [Manage Apps section of the Teams admin center](https://admin.teams.microsoft.com/policies/manage-apps). Search for your App by its name in the `Search by name` field. 8\. Click the name of your App to reach its About page. You will see a warning icon for `Pending Action` near the `Publish` button. 9\. Click `Publish` to publish the app to your org. You will see a confirmation message stating it may take a few hours for the app to appear. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726652233/d7bf0ed30838657e457904cdba6a/Untitled+%2830%29.png?expires=1781611200&signature=143088c14af472dec6343ee5e444915a12c84b3c8233ef6a2fcbd88dd48e8b23&req=dSclEM97n4NcWvMW3nq%2BgaZComicsDdUV1rBZTNcn32LLZ2o2NvRZjQZV8P7%0A%2FwRE13qCK%2BzDKfNApQLpuzEouWc%3D%0A) ### Part 4 - Add your App to Teams 1\. Navigate to the `Built for your org section` of Apps in Teams. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726655845/e42779bbae427923870d75511e4c/CleanShot+2025-09-15+at+14_03_34%402x.png?expires=1781611200&signature=6e7e0b6fc220b9e14d36b893e46b9654e325d4674199f955ebc1b0924f032e22&req=dSclEM97mIlbXPMW3nq%2BgQXbTA9UeqMjj2jk%2BwIsS8hTDQrBc6xvYEqlgjYs%0AqjpNjEi5gQipY1MHggLwX8Wu04g%3D%0A) 2\. Click on your App and choose `Add to a team` from the dropdown next to `Add` or `Open`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726658076/cba392784fe7a488a156cc692a2c/Untitled+%2833%29.png?expires=1781611200&signature=c10c3472300136d47c6f543a11a54b22520743dae060b2b35c1ce4ca55216855&req=dSclEM97lYFYX%2FMW3nq%2BgTpetJ2shMfeDUL8SlI01xFo24ql9vmbKbci4GSU%0A%2Fy3z3Mk%2FrlqrnRmn272IFTbMDHI%3D%0A) 3\. Type the name of the channel where the App should be added to and click `Set up a Bot` to confirm. The App is added to the `Apps` tab in the `Manage Team` section. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726664364/0ae18286e319218633bfc884dcc4/Untitled%2B-2834-29.png?expires=1781611200&signature=1ed9946ac4d6ce2e88d259aa0e03d05ab2087396147a7b0edc24f5a6da6c5254&req=dSclEM94mYJZXfMW3nq%2BgahWyTjNIIm%2ByQ2fdrZzH%2FWQxp6k7tuADej3b2S%2B%0AtPGv24S9uWZMLlAQsFNhuPAK9GI%3D%0A) 4\. Navigate back to your channel to retrieve the Channel ID. Click the ellipsis `...` , then `Get Link to Channel`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726664367/f25b1bc89031ef4c21a86dad55d4/Untitled%2B-2835-29.png?expires=1781611200&signature=e3781cda8336feeb7b70e5bac0f002e6e02d79332bcd9c43033360bae593cd73&req=dSclEM94mYJZXvMW3nq%2BgVG9YADL75T3LD%2B0x84SLiHjEODYWTXBhch0SHGK%0AC0SdIbhsWYWJXYS62F1OPfnYl7Q%3D%0A) 5\. Click `Copy` to retrieve the link, and paste it in a text editor of your choosing. The link should look something like this: `https://teams.microsoft.com/l/channel/12%3Ld1zc48f07ae123b560ff3e67ab1234f7%40thread.skype/Event%2520Demo%2520Channel?groupId=e0123454-22ab-57j3-8yz0-dcbabcad8eb1&tenantId=63a1b2c3-123a-4567-ef89-7a5bc101867k` We are interested in the value between `/channel/` and `/Event` , so from this example, the channel ID would be `12%3Ld1zc48f07ae123b560ff3e67ab1234f7%40thread.skype`. Make note of your channel ID as it will be needed later on. ### Part 5 - Putting the pieces together in your Tines Tenant 1\. Create an OAuth 2.0 Credential in your Tines tenant with the following details: - **Name**: A name of your choosing, something like `MSTeamsBot` - **Type**: OAuth 2.0 - **Callback URL**: Pre-populated - Client ID: Your [Bot Application ID](https://www.notion.so/Microsoft-Teams-App-and-Bot-Creation-A-Guide-for-Tines-Users-053303244f8b4653b05043da274e3b87?pvs=21) - **Client Secret**: Your [Client Secret for the Bot](https://www.notion.so/Microsoft-Teams-App-and-Bot-Creation-A-Guide-for-Tines-Users-053303244f8b4653b05043da274e3b87?pvs=21) - **Scope**: `https://api.botframework.com/.default` - **Grant type**: Client credentials - **OAuth token URL**: `https://login.microsoftonline.com/<>/oauth2/v2.0/token` ![](https://downloads.intercomcdn.com/i/o/am0g137l/1800362657/d517746162835a686f19ae37d7f6/credentialForTeams.png?expires=1781611200&signature=4b89b201c8de8395d43d5e04ada853b0f08393303993cc2dfe1bb562daf0e1e6&req=dSgnFsp4n4daXvMW3nq%2BgbTkaSNQ3c%2Fnhn%2BI8R4u%2BYDTmZtmR57vqaulWseM%0AXTCs0DN6eAPMHPo8Ote2y0MyEso%3D%0A) 2\. Create the following resources in your Tines tenant: - [MS Teams Channel ID](https://www.notion.so/Microsoft-Teams-App-and-Bot-Creation-A-Guide-for-Tines-Users-053303244f8b4653b05043da274e3b87?pvs=21) - [Microsoft Service URL](https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-connector-api-reference?view=azure-bot-service-4.0#base-uri) - This will vary depending on region and is [set by the channel](https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-connector-api-reference?view=azure-bot-service-4.0#activity-object) or user location ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726676275/59677a6280696a217f788ca2ca03/Untitled+%2838%29.png?expires=1781611200&signature=489d2d16e64da806e37a61bbdb1a18fa5d70ab2e0c06e7d30df342c662a88101&req=dSclEM95m4NYXPMW3nq%2BgdFo836giUn4gpPVcH7wZwFqaZtNNPSCmIBqgV9q%0ACk1WckXcl8riryzSqn3Rc2wyNz4%3D%0A) ### Part 6 - Testing in a Tines Story 1. Copy and Paste the following JSON for the `Fetch Team Roster` action to your story, replacing the following: - Resources - `microsoft_service_url` - `ms_teams_channel_id` - Credential - `MSTeamsBot` ``` {"agents":[{"disabled":false,"name":"Fetch Team Roster","options":"{\"url\":\"https://<>/v3/conversations/<>/members\",\"content_type\":\"json\",\"method\":\"get\",\"headers\":{\"Authorization\":\"Bearer <>\"}}","position":{"x":345,"y":-150},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null}],"links":[],"diagramNotes":[]} ``` ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726682305/40b05dd296b43bf80dbdd03b80f1/Untitled+%2840%29.png?expires=1781611200&signature=cbcdb3c46a017ee936af4600f3fc61593b523acd6192755b8923b2b2ae9d3634&req=dSclEM92n4JfXPMW3nq%2BgeuHvuU7zoTuyqz0wuNTHPVV6Yu92msu%2FnHd6AWg%0A58as9B24BlyMIlbBxKKcnLmNTJ0%3D%0A) 2\. Run the action to fetch all the members in the channel whose ID you provided. Congratulations, you’ve just set up your Bot successfully with Microsoft Teams and integrated with Tines! ![](https://downloads.intercomcdn.com/i/o/am0g137l/1726684390/b3addf5af1eb067e8e9154865443/Untitled+%2841%29.png?expires=1757942550&signature=4a408c087db741f26bd45555b9ddd9edc9b6927be2f11682eee64438fc38bc08&req=dSclEM92mYJWWfMU3HP0gPFrKFrO%2BPSrrnnfYRTRcZu5Y3P3bwQ%3D%0A) #### ## Integrating Slack with Tines ## Overview Using a Tines webhook, you can kick off your story by monitoring for relevant Slack events with Slack's **Event Subscriptions** app setting. ## Tines manual reference Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - Tines Action Types: [Webhook](https://www.tines.com/docs/actions/types/webhook) - Slack Event API: [Respond to the challenge](https://api.slack.com/apis/connections/events-api#challenge) ## Make it happen 1. Within your Slack app configuration, navigate to **Features** → **Event Subscriptions**: ![](https://downloads.intercomcdn.com/i/o/993006827/0103bee01eedc50f3246d243/Screenshot+2024-03-15+at+2_49_46+PM.png?expires=1781611200&signature=017ed8358205a73711d6aa433e40456d637fef9a2cf8dbd87caf0a3f51363f72&req=fSkkFsl4lYNYFb4V1XW4gRKyvjEmW7QALcaG3%2Bl%2F11GGFgtDMXdcxbWKtk%2Bi%0AoTBgXet4XN3mMOUgNkL9DAPeQg%3D%3D%0A) 2. Toggle on **Enable Events**: ![](https://downloads.intercomcdn.com/i/o/993013663/84b18eeec5c32169b8592ca6/Screenshot+2024-03-15+at+2_57_47+PM.png?expires=1781611200&signature=1ae0b8d912fb835ae93b8214f6615fd2b0af2d919e5075f63880b7088c74a2b0&req=fSkkFsh9m4dcFb4V1XW4gUhvWo1114N9NOS7F8mV9liS13RWcmvCFpjCF6kn%0ARZYSSS3K5%2FdJhIJePzXebnQxUA%3D%3D%0A) 3. Within Tines, drag a **Webhook** action onto your storyboard. 4. Within the Webhook action, click the **\+ Option** button. 5. Add **Response** and **Response Code**. ![](https://downloads.intercomcdn.com/i/o/993009377/d6fa428dcfa94720c4950497/Screenshot+2024-03-15+at+2_51_58+PM.png?expires=1781611200&signature=3430d2dc8023099f4964985d29c7a6c8b6a8970ba926700163f3cb04eb96ac52&req=fSkkFsl3noZYFb4V1XW4gYPwjyscpdc3NhQhqOE2Ed4IWLxjcJscdvHNcBRI%0ABMQVLyoxtpDTKvJZ%2Boke3zZtHA%3D%3D%0A) 6. For **Response**: Set this in a pill: `body.challenge` 7. For **Response Code**: Set to `200` ![](https://downloads.intercomcdn.com/i/o/993026599/73888768575eed82643665ee/Screenshot+2024-03-15+at+3_15_00+PM.png?expires=1781611200&signature=07e88351d621a85dd88c4b32373de6d65d18427dcad50bc1f682ed1bc322919b&req=fSkkFst4mIhWFb4V1XW4gWWIS5Kl2WuV4x4I%2F9awixxxFy3rI%2BlJxZVRM0NT%0A5c9SSQ8wJQ5t2xZkGN%2Bs1LtKOw%3D%3D%0A) 8. Within the Webhook action, copy the **Webhook URL**. 9. Back in the **Event Subscriptions** page of your Slack app, paste the **Webhook URL** into the **Request URL** box. ## Review the results Slack will send a `url_verification` call to the associated webhook within Tines: ![](https://downloads.intercomcdn.com/i/o/993022906/c4783003dd65f7884b7294a3/Screenshot+2024-03-15+at+3_08_23+PM.png?expires=1781611200&signature=c7c507672c69a84f4f9191f67b3161b10d8a0ffadc692ef105b0a04a9aae7dfa&req=fSkkFst8lIFZFb4V1XW4gbW4GXuO43ZY4oPrDHek73kb3LcKP7vSv9cYx7Kk%0AbXHRkgaxXsth56EMpg6ilOPsVA%3D%3D%0A) Tines will send the challenge value in the webhook's **response** back to your Slack app: ![](https://downloads.intercomcdn.com/i/o/993025529/9d90f566a37d2fc7531b73fc/Screenshot+2024-03-15+at+3_12_04+PM.png?expires=1781611200&signature=757a1c5725fcd29572487076dd391e917a92e78df622917eecaadaa80dc307b0&req=fSkkFst7mINWFb4V1XW4gYvM1MXZ2Mrh4Na%2Fw1EOS20SAZj98CE1OmReUsDh%0ATcR4kev6nk8Ry73455YdIhVzrw%3D%3D%0A) Thus, verifying the connection: ![](https://downloads.intercomcdn.com/i/o/993020456/8b78ffc22793ebd370e56fd6/Screenshot+2024-03-15+at+3_05_43+PM.png?expires=1781611200&signature=9cc2247ad5eb996326c5fce90852ccf8341087e76105416400663febd1822ab3&req=fSkkFst%2BmYRZFb4V1XW4gRg1IUAt1iSbUHe4THnWhefWckPAS%2Br%2FwEQXSyAw%0ArLr3ELPOGOxf7p7WqAxeG6yW0w%3D%3D%0A) ## Intercom Authentication Guide Intercom helps support teams streamline workflows, manage conversation volumes, and optimize resources. ## First, create an Intercom app 1. Navigate to your Intercom Developer Hub `https://app.intercom.com/a/apps/<>/developer-hub` 2. Click "New app" ​ ​ ![](https://downloads.intercomcdn.com/i/o/879857293/429ac7cd0ca96df19ccb3e97/image.png?expires=1781611200&signature=f864a69e0f46a155cb09308efa5a7d2f71427301c6d4fad64033019c3f1fe8eb&req=fCcuHsx5n4hcFb4V1XW4gZt0cktAMCyF%2FcEHuQcMLdtEoNLzUvw74cFOKDAb%0AY1C%2FiPDmzdizbeZrOXdrGe6GEQ%3D%3D%0A) ​ 3. Name your app, select your "Workspace" and click "Create app" ​ ​ ![](https://downloads.intercomcdn.com/i/o/879857492/4bd8ffef3bf9907e4ce19801/image.png?expires=1781611200&signature=71e487378578c1dffd6b83e6cbccf9c04817070a4ed73624a15dfe7167f25b59&req=fCcuHsx5mYhdFb4V1XW4gdpAGwYHIskupksu5fpOop6MEg4SHpgRS70OUdrI%0A0b1wXdJALDhydpPLIHIftQE2nA%3D%3D%0A) ​ 4. Copy your "Access token" to a text editor and select the required permissions ​ ![](https://downloads.intercomcdn.com/i/o/879857838/44cfda1becb9b5490f0f6afa/image.png?expires=1781611200&signature=418fd3f21bd93d28ac2532cd761aabcfd7c2de8c18d6a5fa3fb43391adbe817f&req=fCcuHsx5lYJXFb4V1XW4geyKa23WZef7AgK5mgLtQzZVZFNPW0zSVDfN4E0%2F%0AnO7JvaXOrv5IecjZS1ZcbZxfAw%3D%3D%0A) ​ ## Lastly, create an Intercom credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Intercom credential 1. **Name:** Intercom 2. **Description:** Optional 3. **Value:** Your Access token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Intercom** **stories in the [story library](https://www.tines.com/library?s=intercom&view=all)** ## Introduction to AI Agents AI Agents can be customized to fit your specific business needs, helping streamline collaboration across departments, without adding to your team's workload. **Check out the demo from Stephen, our head of product 👇🏼** [Watch video](https://fast.wistia.net/embed/iframe/yen5oyj0qb) > **Note:** > > 1. As of February 10th, 2026, The AI Agent action is available on all Tines tenants. Existing customers please contact your account team to learn more about these features. > > 2. Using the AI Agent action will use AI run-time credits. You can see your credits used to date by each team in the AI settings modal. Learn more about AI run-time credits [here](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits). > **Want to see it in action?** [Book your AI Agents demo now](https://www.tines.com/book-an-agents-demo/) The AI Agent action is an evolution of the AI Action, complete with two modes: **Task** and **Chat**. With **Task**, you can define and run a prompt within your story. You can also introduce tools to take action on your behalf. Tasks are great for more straightforward actions that don’t need user input. You tell the task what it should do, it thinks and responds. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1583714038/f45ff1697aa3cb3b8ee90ac0e38e/CleanShot+2025-06-23+at+10_11_17%402x.png?expires=1781611200&signature=814a78556e16a9ecb383e15aced7839a7213cae6d3fd81a51977055397b6c45f&req=dSUvFc5%2FmYFcUfMW3nq%2BgYKza3simZM1743OiVyYjUnlvJJZagF19mONkUoU%0ALqhbX4%2BZmplbjUrc%2Bna2uCCF22Q%3D%0A) **Chat** allows you to create your own AI chat interface for audiences inside your organization. They're great for situations that benefit from a back-and-forth conversation, one that needs clarification and confirmation with the end-user. If you want an end-user to start a conversation with the agent, you can share a direct link with them. But chat links can also be sent automatically in a workflow to kick off the conversation proactively. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1583720378/de1ff0e15f63cb1d43a8bd01524b/CleanShot+2025-06-23+at+10_54_17%402x.png?expires=1781611200&signature=59251c5e9e505380cb1f6684ee50cd59a39f7051d2406c4443158cf2d782982a&req=dSUvFc58nYJYUfMW3nq%2BgV6al6i3X2YTI2EV%2Bek0XyYENqueY%2FFQENYKNVkl%0A3mAv2MkDLf5rPTPyQ4Gtkye0sO0%3D%0A) You've always had the tools for deterministic workflows, now you're gaining the power of agentic workflows where you already build, run, and monitor your most important workflows! * * * ## Resources **AI Agent action FAQs** All your burning questions about agents answered [here](https://explained.tines.com/en/articles/11510164-ai-agents-faqs). **How should I configure and use agents?** Take a look at our best practices for using agents in Tines [here](https://explained.tines.com/en/articles/11644147-best-practices-for-the-ai-agent-action). **Where can I find additional resources on agents?** We've gathered some helpful Explained articles together [here](https://explained.tines.com/en/collections/9473753-ai-in-tines). ## Introduction to cases Cases is our solution for case management. Automation works with established processes to respond to threats or problems, while cases gives builders a place to solve for the new or unknown. A case in Tines is a collaborative user interface where you can comment, take action, and report on progress all in real-time. > **Note:** Cases are an add-on for Tines customers. All customers on a paid plan may opt into a ***one-time*** 45-day free trial. You can [click here](https://hq.tines.io/pages/c88e1a237bed1f2e43fcf39d597ca6cd/) to opt-in automatically or talk to a member of our team to learn more. ### With cases, you can: - Organize your team around a case - Collaborate in real time on the steps to triage and remediate - Take actions based on the information at hand - Automate where you can with other workflows or systems - Report on what happened and share the outcomes with leadership Cases are best used in tandem with [records](https://explained.tines.com/en/articles/7971187-introduction-to-records), a way to structure event data from across story runs. Records are often attached to cases as artifacts. You can then visualize data from records and cases in a single view with [dashboards](https://explained.tines.com/en/articles/9521649-introduction-to-dashboards). These views help you monitor what's happening across workflows within your team. > **👉 To learn more about configuring cases, [see our docs](https://www.tines.com/docs/records-cases/cases).** [Watch video](https://fast.wistia.net/embed/iframe/z5u7ty1dze) ### Key features of cases The table below outlines the different features of cases. | **Feature** | **Description** | | --- | --- | | **Correlation** | Easily search and correlate in cases in the UI and via API by record data, case metadata, tags, and more. | | **Automation** | Capture granular changes made to cases with case webhook notifications, allowing you to build custom responses. | | **Remediation** | Take actions from cases via case buttons, which link to any of your existing Tines automations via webhook or page. | | **Customization** | Customize key processes to your team by defining your own case statuses, tags, closure requirements, SLAs, and custom roles. | | **Reporting** | Export individual case data and reporting dashboards for external use. | ## Introduction to dashboards Gain a singular view across all [cases](https://explained.tines.com/en/articles/7971194-introduction-to-cases) and [records](https://explained.tines.com/en/articles/7971187-introduction-to-records) with Dashboards. Dashboards allows you to monitor and report on workflow performance, bringing forward the data that you care most about for reporting. Your records and cases tell a story, highlight them with charts, lists, number blocks and notes. You can create or copy over existing record charts to build visual cross story reports, while cases can be listed out in customized views. Organization is key to a strong security posture, and bringing as much detail and context together only strengthens it. And when you need to share that performance data with leaders and stakeholders, you can export either the entire dashboard or an individual element as an image. ## Types of dashboard elements There are three main components to building out a dashboard: | **Element** | **Description** | | --- | --- | | Record charts | Visualize records with applied filters in multiple chart types for an aggregate view | | Case views | Filtered view of cases or case summary data (i.e. MTTR, MTTA) | | Notes | Context to provide alongside the charts or lists with Markdown support | Learn more about building dashboards in our [docs](https://www.tines.com/docs/records-cases/dashboards). [Watch video](https://fast.wistia.net/embed/iframe/ty6pqs9gws) ## Introduction to OpenTelemetry ## What is OpenTelemetry (OTEL)? OTEL is the open standard for generating, collecting, and exporting telemetry data. In Tines, our telemetry data consists of traces and spans. A trace is a single end-to-end operation executing through the system (for example, a story execution or background job run). A trace is composed of multiple spans or single steps like HTTP call, DB query, background job or action execution. With self-hosted release [v34.7.0](https://www.tines.com/docs/self-hosting/release-notes/#october-8th-2025-34-7-0), Tines has the ability to send OpenTelemetry traces to observability stacks that support OTEL ingestion. Read the following documentation on [how to configure this new feature](https://www.tines.com/docs/self-hosting/additional-configuration/exporting-opentelemetry-traces/). ## What are we trying to solve with OpenTelemetry? When something in Tines feels slow, fails intermittently, or just acts differently under load, the default tools may not always have enough information to act on. You can look at system metrics, see that stories are running, and dig through logs. Even after doing all of that, the same questions remain: - What exactly is slow? - Where is the time actually going? - Is it this story or action acting up? ## Why is OpenTelemetry important? This is where OpenTelemetry helps. It lets us see how a workflow moves through Tines, rather than just whether it finished. With tracing enabled, you can watch: - How requests and background jobs move through the system - Which parts of a run are really driving latency - How the different spans fit together inside a story - What changes when the system is under heavy load or stories back up That changes conversations from: *“The system feels slow.”* to something more useful, like: *“Queue latency is zero, but a couple of actions in Story 42 are slow. We should fix the story, not the infrastructure.”* Read the following articles for help with: - [OpenTelemetry: Designing and Implementing an Observability Stack](https://explained.tines.com/en/articles/14120804-opentelemetry-designing-and-implementing-an-observability-stack) - [OpenTelemetry: Designing a Dashboard](https://explained.tines.com/en/articles/14120923-opentelemetry-designing-a-dashboard) - [OpenTelemetry: Practical Troubleshooting](https://explained.tines.com/en/articles/14121076-opentelemetry-practical-troubleshooting-walkthrough) ## Introduction to records ## Introduction to records Define and structure event data across stories with records. Captured from the storyboard, each row of a record represents a story run. #### With records you can: - Create a system of record - Store and report on data produced by Tines - Structure relevant story run and event data - View data visually through multiple chart options - Enable the storage of raw logs or extensive data dumps directly within the records table - Create an “alert” to be further processed or referenced later when [creating a case](https://tines.com/docs/records-cases/cases) - Define a “retention period” or “time to live” (TTL) for a record type - Manage parent-child relationships in records through the API - Create cross story reports using records with dashboards ### Record elements Records are made up of elements that can relate to the overall record or be story-specific. When making changes to record-specific elements, it impacts all stories referencing the record. | **Elements** | **Definition** | **Story-specific** | **Record-specific** | | --- | --- | --- | --- | | **Records** | The data captured from a specific story run; appears as an individual row on the records table | Yes | Yes | | **Capture record** | Captures data from the story run to the records table | Yes | No | | **Record type** | The predefined fields across stories within a team | No | Yes | | **Record fields** | The individual predefined fields within the record type that appear as columns in the records table | No | Yes | | **Record artifacts** | A large text record field type that enables the storage of raw logs or extensive data dumps directly within the records table | No | Yes | | **Record inputs** | Determines what incoming event data gets captured in the record | Yes | No | | **Records table** | The summary of all collected records across stories | No | Yes | | **Records charts** | Visualize records with applied filters in multiple chart types for an aggregate view | No | Yes | | **Parent record** | The source data capture for parent-child relationships. If a parent record is added to a story, all child records will also be added. | No | Yes | | **Child record** | The downstream records associated with a parent record. | No | Yes | > **👉 Learn more about configuring records in our docs.** [Watch video](https://fast.wistia.net/embed/iframe/2c4gayd840) ## Introduction to the storyboard The storyboard is the heart of the Tines platform, a flexible, interactive workspace where automation workflows come to life. The storyboard is an interactive, drag-and-drop builder where you create and visualize automation workflows called "stories." A story is a collection of interconnected actions working toward a singular mission, like responding to a phishing email, onboarding a new employee, or investigating a security alert. On the storyboard, you can: - Drag and drop actions from the left panel onto the canvas - Connect actions visually by drawing lines between them to define data flow - Configure action settings using the properties panel on the right - See your workflow in action with real-time event badges showing execution status - Organize and layout your automation for clarity and maintainability - Collaborate with teammates who can view and edit alongside you in rea**l-time** * * * ## **Key components of the storyboard** ![](https://downloads.intercomcdn.com/i/o/am0g137l/2332065593/14ba6e02b2bfc70e15b647e10210/Storyboard+UI.png?expires=1781611200&signature=0d643a077068819d734a6d8a4052d752313e8eee994c6492bb211fd0e9ff5b6b&req=diMkFMl4mIRWWvMW3nq%2BgZqKEceZzLiE%2FeyxYmDmQJMXjlLxpHHxd0MGhHtx%0A7Nfy3KmjGbzjIzfWm7oiTObOveU%3D%0A) ### **The story toolbar** The story toolbar is a floating panel on your storyboard that gives you access to all actions, tools, and templates. It's designed to help you build faster, with actions grouped by function so you can find what you need at a glance. By default, the toolbar surfaces the most commonly used actions. You can personalize it by dragging actions onto the toolbar to add them, or into the Quick Search menu to remove them. Your layout is saved per user, per tenant. #### **Action types** - Webhook - Receives data from external systems to trigger workflows - HTTP Request - Sends or receives data from any API - Receive Email - Initiates workflows from incoming emails - Send Email - Sends email notifications or reports - AI Agent - Enables AI-powered reasoning and execution - Event Transform - Manipulates and structures data - Condition - Makes decisions based on conditions - Send to Story - Reuses workflows by nesting them within other stories > **👉 Learn more about actions [here](https://explained.tines.com/en/articles/6872936-what-are-actions-in-tines).** #### **Templates** Templates live within the HTTP request action type. Search and drag pre-configured templates for popular tools and services. These templates come with pre-filled configurations for common tasks, dramatically speeding up your build time. If a tool offers an API, Tines can connect to it. > Read about the story toolbar [here](https://explained.tines.com/en/articles/14781675-story-toolbar). ### **The storyboard** The central area is your workspace where you: - Place actions by dragging them from the left panel - Connect actions by drawing lines from one action to another - Move and arrange actions to create a clear, logical flow - Select actions to view and edit their configurations - See real-time indicators showing which actions have executed and how many events they've processed ### **The properties panel** When you select an action on the storyboard, the right panel displays: - Name and description fields for documenting your action - Configuration options specific to that action type - An editable options block where you can define the action's behavior using formulas and data from previous actions - Rules and conditions that determine when the action should run ### The event viewer The event viewer gives you real-time visibility into the data flowing through your story. When you select an action and open the event viewer, you can: - View the full output of each event emitted by an action. - Inspect the structured data produced at each step of your workflow. - Re-emit or delete events directly from the viewer. - Use double-click on any key to copy its data path for use in downstream actions > Tip: Use CMD/Ctrl + E to quickly open and close the event viewer at any time. * * * ## Working on the storyboard ##### **Organizing your storyboard** When building a story in Tines, things can get messy. Actions overlap, or get crowded, and the overall flow can become harder to follow. Tines gives you two simple tools to quickly bring order back to your board: **Align** and **Tidy**. With these options, you can straighten out actions, space them evenly, and make your storyboard that bit easier to read and manage. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1806553537/1f656338288a1dec12955cef3a44/Screenshot%2B2024-10-03%2Bat%2B15_02_50.png?expires=1781611200&signature=63fdbef11f734dbf9f46836fc3369cde452f7df73c418625a65e1e4b7282250b&req=dSgnEMx7noRcXvMW3nq%2BgeRsnQ2%2BGhU2Wgt8Pw7PGRTC8IAcwTpByxjnkICb%0AqtvC5DFuE7Js2IVfPadw7ZkCMgI%3D%0A) **Align**: This arranges the selected actions so that they line up neatly, either vertically or horizontally. It’s useful when you want multiple actions to share the same axis. ​**Tidy**: This automatically spaces out the selected actions evenly, reducing overlaps and improving readability. It’s helpful for cleaning up a messy storyboard quickly without manually dragging actions around. You can use **Align** when precision is needed (e.g., keeping several actions perfectly level) and **Tidy** when you want the overall layout to be more organised and visually clearer. ##### **Notes:** Add notes to your storyboard to document complex logic, explain API requirements, or provide context for teammates. Notes are visible to everyone viewing the story and are particularly useful for: - Documenting intricate workflow sections - Explaining unclear API requests - Listing required parameters for Send to Story actions - Linking to external documentation for audit purposes You can add toggle headings (H1, H2, and H3) to your notes to collapse and expand sections, keeping your notes organized without the clutter. Type `/` in any note to add a toggle heading. ##### **Connections:** Connections on the storyboard define how data flows between actions. When you connect Action A to Action B, you're telling Tines that when Action A completes and emits an event, Action B should receive that event and execute. To connect two actions: 1. Click on the source action (the one that will send data) 2. Drag from the action to the receiver action 3. Release to create the connection You'll see a line connecting the two actions, showing the data flow path. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2179793903/9b1a5f788aa038344d27647296de/CleanShot+2026-03-19+at+15_25_10.gif?expires=1781611200&signature=8a99e3bc685709095542a5c7b798a516ea825ac4c62a158b7adbb53009fc501c&req=diEgH853nohfWvMW3nq%2BgT28EQN%2F4bhjLdSxev6c%2F%2BQLzhZerZQfwA9NJwVf%0AafOPsc67pbbuCqU9%2F2So2Ek8hfY%3D%0A) ##### **Understanding event flow:** An event is the output of an executed action. When an action runs successfully, it emits an event containing the data it produced. This event then flows to all connected actions, triggering them to execute with that data. The storyboard shows event counts on each action with small badges, helping you understand how many times each action has executed and troubleshoot any issues. > **👉 Learn more about events [here](https://explained.tines.com/en/articles/6877834-what-are-events-in-tines).** * * * ### **Best practices** **Start simple, then expand** Begin with a basic workflow that accomplishes your core objective. Once it's working, you can add error handling, notifications, and additional integrations. The storyboard makes it easy to add new actions without disrupting your existing flow. **Use descriptive names** Give your actions clear, descriptive names that explain what they do. Instead of "HTTP Request 1," use "Fetch user details from Okta." This makes your storyboard self-documenting and easier for teammates to understand. **Test as you build** Don't wait until your entire workflow is complete to test it. Use the test functionality on individual actions as you add them to catch issues early. **Leverage Send to Story for reusability** If you find yourself building the same sequence of actions in multiple workflows, create a separate story for that sequence and use Send to Story actions to call it. This keeps your storyboards cleaner and makes updates easier—change the sub-story once, and all stories using it benefit. **Document complex logic** Use notes on your storyboard to explain any complex decision logic, unusual API requirements, or business rules. Your future self (and your teammates) will thank you. **Keep it visual** Arrange your actions in a logical flow from left to right or top to bottom. Avoid crossing connection lines when possible, as this can make the workflow harder to follow. ## Introduction to Tines University [Tines University](https://www.tines.com/university/) is a free, self-paced learning platform available to anyone. It offers structured learning paths that help you and your team learn how to use Tines, from foundational concepts through to advanced and specialist topics. ### What you'll find in Tines University University is organized into **learning paths**, each made up of several modules. Every path is built around a specific skill level or topic area, so you can start at the level that's right for you. Each learning path includes: - An estimated time commitment - Modular content you can work through in one sitting or spread across multiple sessions When you complete a learning path and pass the exam, you earn a badge. ### Available learning paths #### Starting paths **Tines Foundations** Your starting point for understanding Tines. This path covers what intelligent workflows are, how data moves between systems, and how to navigate the Tines platform. Topics include the Tines UI, stories, actions, JSON, APIs, and events. **Builder: Core** Learn the building blocks for creating well-structured workflows. This path covers story design, resources, credentials, and an introduction to functions. Best suited for learners who are ready to start building. #### Continuing builder paths **Builder: Intermediate** Build on core concepts with interactive elements and more complex data handling. Topics include pages, explode and implode, intermediate functions, and pagination. **Builder: Expert** Focus on enterprise-scale workflow design, including modular and reusable solutions. Topics include Send to Story, change control, loops and tags, and advanced functions. #### Specialty paths **Platform Administrator** Learn how to manage users, configure security settings, and govern your Tines tenant. Topics include authentication, compliance, reporting, and tenant health. **Builder: AI** Explore how to integrate AI capabilities into your workflows. Topics include auto generate, automatic mode, the AI agent action, MCP server, and Workbench for Storyboard (formerly Story copilot). **Specialist: Cases** Learn how to design, build, and manage cases in Tines for tracking and closing work. Topics include case design, navigation, management, and how cases relate to records and dashboards. **Specialist: Records** Learn how to capture structured data from your workflows for reporting, analysis, and automation. Topics include record design, navigation, management, and how records relate to cases and dashboards. **Specialist: Workbench** Learn how to use Workbench, Tines' AI-powered chat interface, to take action and access data across your stack from a single conversational view. Topics include Workbench tools, conversations, management, and the integration with Slack. ### Getting started Tines University is free and available to anyone. You can access it anytime at [Tines University](https://www.tines.com/university/). If you're not sure where to start, **Tines Foundations** is the recommended starting point if you're new to Tines. From there, you can move into **Builder: Core** and continue based on your role and what you need to learn. Have questions about University? Reach out to us at [university@tines.io](mailto:university@tines.io). * * * When you're ready, you can also sign up for a **Tines Certification**. Just visit our [registration page](https://www.tines.com/get-certified) where you can select either the Core or Advanced certification. ## Accessing your certification To access your Tines Certification dashboard, log in here: [Tines Certification Login](https://certification.tines.com/login) Once you have built and tested each exam story, you can submit it within the certification itself, under the relevant **Lab submission** module. > The Tines Training Team generally delivers grading responses within 72 hours. ## Introduction to Webhooks ## What is a webhook? A webhook is a way for external systems and applications to send data directly into your Tines workflows. Think of it as a doorway that allows other services to knock and deliver information to your automation in real-time. When you create a webhook action in Tines, you get a unique URL that external systems can send HTTP requests to. Each time a request arrives at that URL, Tines captures the data and creates an event that flows through your story, triggering your automation. ## Why use webhooks? Webhooks enable event-driven automation. Your workflows react instantly when something happens in another system, rather than constantly checking for updates. Common use cases include: - Receiving alerts from monitoring tools (PagerDuty, Datadog, Splunk) - Processing events from collaboration platforms (Slack, Microsoft Teams) - Handling notifications from code repositories (GitHub, GitLab) - Capturing form submissions from external websites - Integrating with third-party APIs that push data to you - Building custom integrations for any service that can make HTTP requests ## How webhooks work in Tines Here's the typical flow: 1. **External system sends a request**: Another service makes an HTTP POST, GET, PUT, or other request to your webhook URL 2. **Tines receives the data**: The webhook action captures the request body, headers, and parameters 3. **Event is created**: Tines converts the incoming data into an event 4. **Workflow continues**: Downstream actions in your story process the event data ## Webhook vs. page: Which should you use? It's important to understand the difference between webhooks and pages in Tines: | **Webhook** | **Page** | | --- | --- | | Machine-to-machine communication | Human-to-machine interaction | | Receives API calls from external systems | Displays interactive web pages for users | | No visual interface, just an API endpoint | Full UI with forms, buttons, and content | | For automated integrations | For users to visit, view, and submit data | - **Use a webhook when**: External systems or APIs need to send data to Tines programmatically. - **Use a page when**: Humans need to visit a URL in their browser to see information or submit data (booking systems, forms, dashboards, portals). ## Common webhook patterns Here are a few examples of how you can use webhooks within your stories: - **Alert processing** - External monitoring tools send alerts to your webhook, which then enriches the data, creates tickets, and notifies teams. - **Event forwarding** - Your webhook receives events from one system, transforms them, and forwards them to multiple downstream services. - **API gateway** - Multiple external systems send data to different webhooks, which normalize and route the data through a unified workflow. - **Callback handler** - After initiating a long-running process in an external API, that API calls your webhook when the process completes. Read more on webhooks in our docs, [here](https://www.tines.com/docs/actions/types/webhook/). ## Introduction to Workbench ### Workbench Demo [Watch video](https://www.youtube.com/embed/ocC4ouXDLsM?rel=0) ### **What is Workbench?** Workbench is a Tines-powered AI chat interface that allows you to take action and interact with your proprietary data in real-time. This is an add-on product within the Tines platform, and like all AI in Tines, it is [private and secure by design](https://explained.tines.com/en/articles/9369078-security-privacy-for-ai-in-tines). This is the one place in Tines that is user-scoped. Meaning, outside of audit logs, it is private to you. From Workbench, you can only interact with stories or action templates that you have permissions to interact with through your team or tenant-level settings. Workbench is available to all Tines cloud tenants, both paid and community editions. To learn more about its availability, [check out this article](https://explained.tines.com/en/articles/9855931-how-to-access-workbench). [Watch video](https://fast.wistia.net/embed/iframe/f951y3vffb) ### **Why should you use Workbench?** Workbench removes the need to switch context between applications. It offers builders a singular view to run and monitor in the context of real-time scenarios or events. You can perform tasks like: - Send a message in Slack - Look up an employee in BambooHR - Create a ticket in Jira - Get detections in CrowdStrike Falcon - Lock down a device in Jamf By getting connected and responding faster, Workbench helps teams increase operational efficiency, improve the interoperability of your tech stack, mitigate risk faster, and strengthen compliance. > **Note:** To access Workbench, you need to enable AI-powered features from your admin settings. [Learn how here](https://explained.tines.com/en/articles/9396326-how-do-i-turn-on-or-off-the-ai-powered-features). ### **Get started with Workbench** To start using Workbench, here are some best practices. 1. Ensure you have enabled a few stories for Workbench ![](https://downloads.intercomcdn.com/i/o/1175828066/2c2dd4074e2f5e722fdb1d17/Enable+Workbench+stories.gif?expires=1781611200&signature=d2edbdff64ff919e6f4debbb896aca890dc095d05144d0e0fb5320924ce2aea0&req=dSEgE8F8lYFZX%2FMW3nq%2BgX9dWg2KdZZPJ%2BKhSrmetB3dCmSZFwil9HTUyXBQ%0AceC9NwV5I1XI%2FstCI%2FEW7qsGD4g%3D%0A) 2\. Then start a conversation It’s that simple. It’s ready to use out of the box without stories enabled, but they make the experience even more powerful. Try it out! * * * ## Resources Here are some resources to get started with Workbench: - [Docs](http://tines.com/docs/workbench/) - Read up on the technical ins and outs of Workbench - [Library](https://www.tines.com/library/) - Access stories created specifically for Workbench by the Tines Labs team - [University](https://www.tines.com/university/) - Users can access this content whether or not they’ve completed their Tines certifications - [Workbench demo](https://explained.tines.com/en/articles/9859395-tines-workbench-demo-recording) - Watch a full walkthrough of Workbench - [How to access Workbench](https://explained.tines.com/en/articles/9855931-how-to-access-workbench) - Understand the various tiers of using Workbench - [Workbench FAQ](https://explained.tines.com/en/articles/9855941-frequently-asked-questions-workbench) - All your burning questions about Workbench answered - [Using stories with Workbench](https://explained.tines.com/en/articles/9855926-using-stories-with-workbench) - How to make the most of your stories and Workbench - [Writing effective prompts](https://explained.tines.com/en/articles/12097316-writing-effective-prompts) - Guidance for how to communicate well with AI ## Introduction to Workbench for Storyboard ## Overview [Watch video](https://fast.wistia.net/embed/iframe/ggg88atvdd) Workbench for Storyboard (formerly Story copilot) is an AI-powered chat interface to build, understand, and optimize flows on the storyboard. You can use Workbench for Storyboard to start from scratch or to work with an existing story. Workbench for Storyboard makes Tines accessible to the whole team, regardless of skillset. Open the interface by clicking on the Workbench for Storyboard button on the storyboard. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2472983541/f84d2f1dc89ae46c3526d24a7421/wbsb+left+open.gif?expires=1781611200&signature=6629c1da63eed1771d0bd471a3180ac58d04cf60e277a788ac2cc583a7848aaa&req=diQgFMB2noRbWPMW3nq%2BgR0%2FYmkUkKKirpeGl%2FyoK69G0s2uuNnZbTMkmJbf%0ArQvBaNZwiH0wy6zPCTbdqcQNtHU%3D%0A) ## Modes In order to ensure Workbench for Storyboard only does what you want, it has two modes: - **Ask** - Ask anything about the story on screen - **Build** - Build, edit or debug your workflow ### Ask Mode ![](https://downloads.intercomcdn.com/i/o/am0g137l/2473000540/3f633f4e6a08ad9296e27043a827/wbsb+left+mode.gif?expires=1781611200&signature=2b84d982b1af4e4a3831bbcd07ec683b01c8df295c2eab10278111cff6f95eeb&req=diQgFcl%2BnYRbWfMW3nq%2Bgda4oOFRoKAetZtQLxuZeb101n29GqxWdUTpjKoT%0AyBVSrFoEQVjDR3E61Sg6Bxj1C2E%3D%0A) Ask mode won’t build anything for you, but it can help you understand your stories or brainstorm ideas before going into build mode. It can break down what is in your story for you such as the integration points and the key components. Once you understand your story, you can switch over to build mode if there are changes you want to make to the story. ### Sample use cases: - “My story isn’t running the way I want it to. Can you help me figure out what’s wrong?” - “I didn’t build this story, can you explain it to me?” ### Build Mode In Build mode, you can: - Create a story from scratch. - Make changes to an existing story. - Figure out why your story isn’t working. ### Review changes As part of Build mode, you will be able to review the changes made to your workflow by Workbench for Storyboard and confirm whether you want to keep the changes or not. ### Sample use cases: - “Can you reformat my email actions so they look professional?” - “We changed from X tool to Y tool. Help me update the credentials.” - “I’m a new builder and need help getting started. I want to build a flow that XYZs…” ### File attachments You can send images and document attachments directly to Workbench for Storyboard to provide additional context for your requests. This is useful when you want to: - Share a screenshot of an error or workflow diagram to help Workbench for Storyboard understand your issue - Attach a document (e.g., a specification, runbook, or policy file) to guide how Workbench for Storyboard builds or modifies your story To attach a file, click the attachment icon in the Workbench for Storyboard chat input before sending your message. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2473028807/91d5c566b5c65620795f1c15d8b7/CleanShot+2026-06-12+at+15_58_21.png?expires=1781611200&signature=5e04ee609be578913e25af7f51b8f54eb7b16a23a34a1307a6bb12015894beb8&req=diQgFcl8lYlfXvMW3nq%2BgRtWFzhof5LNuDrXEQRPbdNGe%2FsIV79gQWhWIyd%2F%0AA%2BPnq2mYDtLS7D3qbJ0RT4smBas%3D%0A) > For more information on the files you can attach, check our docs out [here](https://www.tines.com/docs/stories/story-copilot/#file-attachments). ## Access Workbench for Storyboard can be used with the Tines default model or BYOM, and is available on all tenants, cloud or self-hosted. > **Note:** To use Workbench for Storyboard, you will need to enable AI features in the AI settings. Follow the steps to enabling AI features in Tines [here](https://explained.tines.com/en/articles/12801322-what-is-ai-in-tines#h_556d7957b7). Once enabled, Workbench for Storyboard will be available to all users in your tenant. ### Role access Workbench for Storyboard is aligned with your role. You cannot do something with Workbench for Storyboard that you cannot do yourself. - Viewer roles have access to Ask mode. - Admin and Editor roles have access to Ask and Build mode. ### Chat history While Workbench for Storyboard is available to all users in your tenant, conversations are scoped to the individual Tines user. To access your chat history, click the drop down arrow. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2473026730/4ddd938db32ecfcf97fb38ec980e/CleanShot+2026-06-12+at+15_57_28.png?expires=1781611200&signature=4ce97a3d8db1dcf213c1cae766e183148a22f836ac56205aa5136f5cca6757b0&req=diQgFcl8m4ZcWfMW3nq%2BgUeaZL1QOADFtxckxPsP5FU8tOZI%2BbHBNnseQz7j%0ATVRJoKq1Ssq6aOTidKnkbIVzhDA%3D%0A) ## Limits & reporting Workbench for Storyboard uses [AI run-time credits](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits) from your tenant's monthly allocation. Credits are deducted per interaction when using the Tines default model. If you are using a custom provider, it will consume tokens from that provider at your own cost." ### Viewing tokens used in Workbench for Storyboard You can view the tokens used in each individual chat by clicking on the information button within Workbench for Storyboard. This button only appears after you have interacted with Workbench for Storyboard. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2473029751/7eb23bdbf543c21972e71b74b6e3/CleanShot+2026-06-12+at+15_58_54.png?expires=1781611200&signature=61f01e602ab0acd93d77b19554a3e02e2ab56235ac8d9857de7786660653903d&req=diQgFcl8lIZaWPMW3nq%2BgX6qbOut8CUC4rRpmui3uFsy6ppCaBYq8z3Hvwgn%0A3LMPq%2BoyqyrQLe8mocTqeKY2GB0%3D%0A) ### Viewing tokens used across your tenant You can view aggregated team level usage in the AI usage section of the reporting page. Here, you can view usage by both tokens and credits. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2437517070/1b78a55e4f20e505068d902de7a3/CleanShot+2026-05-29+at+11_54_02%402x.png?expires=1781611200&signature=e40980e7e3c1bc29042d0677ee560fb9175e5923f9f99c70f962118280f3a5ef&req=diQkEcx%2FmoFYWfMW3nq%2BgUxqs%2FqV7sWRUQm9wznNx9rUJOB7Y5WFCawsrnPp%0AMwAeJZrW7oJ%2Bcaqv4zYfedzEIXg%3D%0A) ## Choosing an AI model Workbench for Storyboard will use the "Smart Model" configured for your tenant. For the best results, we recommend using the Tines default smart model. If you're using another AI provider, we recommend using one of the latest models from OpenAI or Anthropic. > Read more on multiple AI provider support [here](https://www.tines.com/docs/admin/ai/#multiple-ai-provider-support). > > Steps on adding your own AI provider can be found [here](https://explained.tines.com/en/articles/10371885-use-a-preferred-ai-provider-in-tines). ## IPInfo Authentication Guide IPInfo refers to itself as the most reliable, accurate, and in-depth source of IP address data available anywhere. They process terabytes of data to produce their custom IP geolocation, company, carrier and IP type data sets. ### First, get an IPInfo API token 1. Login or sign up to [IPinfo.io](http://IPinfo.io) 2. Click on "Token" 3. Click "Copy to Clipboard" ​ ![](https://downloads.intercomcdn.com/i/o/832714569/8bb95b4a22c338c7e428084b/image.png?expires=1781611200&signature=b7e66d72a9f7127894148a76cb0aa6d3ef5234c6fe4a281720f373392b3d6acc&req=fCMlEch6mIdWFb4V1XW4gdNBjDkwkgn4n5utBDUIu8DpjOmiXDRDYKJ317Tv%0AbDcQDk46xd3z1HqpA3hIokp41g%3D%3D%0A) ### Lastly, create an IPinfo credential in Tines **IPinfo connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "IPinfo" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/ipinfo).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of IPinfo stories in the [story library](https://www.tines.com/library?s=ipinfo&view=all).** ## IPQualityScore Authentication Guide IPQualityScore (IPQS) provides enterprise-grade fraud prevention, risk analysis, and threat detection. It analyzes IP addresses, phone numbers, email addresses, and URLs or domains to identify sophisticated bad actors and high-risk behavior. ### First, get an IPQualityScore API key 1. Login to your IPQualityScore account at [https://www.ipqualityscore.com/](https://www.ipqualityscore.com/) 2. Click on "Settings & Account Management" and then select "Account Settings" ​ ​ ![](https://downloads.intercomcdn.com/i/o/848696974/e47b9d3eb31d97604ab5fe92/image.png?expires=1781611200&signature=c5ad08f489a0dfc4b3995ab78b612a78ce0a88953c925908540f118056bc6cc0&req=fCQvEMB4lIZbFb4V1XW4gfTPurwZcmabmesR7AGN2j9uPAXiwhBoVeJ7DNB3%0A6wDHpMoYrFUOiwFQDZ7Yw4TnTg%3D%3D%0A) ​ 3. Copy your "API Key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/848697357/dfa0f2e9561c186145f82e0d/image.png?expires=1781611200&signature=6be533e73308ce265e411e5b9665bb0794c03119b06821d51b710a3d4a944dfa&req=fCQvEMB5noRYFb4V1XW4gVFKPKwnL6NTarUUcM4nQkZh2zsN3%2B8AeIfKAGwq%0AQINwqb98SKNGZXi0YlQAFmktuQ%3D%3D%0A) ### Then, create an IPQualityScore credential in Tines **IPQualityScore connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "IPQualityScore" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the IPQualityScore connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the IPQualityScore credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your copied API key value 4. **Domains: \***ipqualityscore.com 5. **Access:** What other teams can also use the API > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/ipqualityscore).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of IPQualityScore stories in the [story library](https://www.tines.com/library?s=ipqualityscore&view=all)** ## Is email mode available for self-hosted Tines deployments? Self-hosted deployments of Tines cannot use email mode. Self-hosted deployments can use IMAP mode. Users of self-hosted Tines can also configure an SMTP server in the ENV file. > **👉 For more details on how to configure email for self-hosted Tines [see here](https://www.tines.com/docs/self-hosting/docker-compose/tines-docker-compose-installation-guide#step-10-edit-env-tmpl-file).** ## Is it possible to create a password-protected file within Tines? You can create a password-protected file using the ZIP function and the optional password parameter. > **For more information and examples of using ZIP, [see here](https://www.tines.com/docs/formulas/functions/zip)** ## Island Authentication Guide Island is a cyber startup that provides a web browser for the enterprise to allow work to flow freely while remaining secure. It gives organizations complete control, visibility, and governance over the last mile helping the enterprise with improved performance and helping businesses to minimize their cyber footprint and create a safe space for work to flow, boosting both security and productivity. ## First, get an Island API key 1. Login to your Island account 2. Click "Settings" and then click "API" ​ ![](https://downloads.intercomcdn.com/i/o/891023485/c0b4dd3f28bc3cb35993b056/image.png?expires=1781611200&signature=8b032f6398486e02806c694aef302d604db4a07b0646567975228bd15a1a209d&req=fCkmFst9mYlaFb4V1XW4gVjwXKzL8PFTZeylxGpAFGDFRKxwuswuAZ0NyNW0%0ARa8n6ybrFsmxglgNGgF5zvL8AA%3D%3D%0A) ​ 3. Click "+ Create" 4. Name the key, choose an appropriate role and click "Generate API Key" ​ ![](https://downloads.intercomcdn.com/i/o/891023814/57ce83ab69f9072866619f99/image.png?expires=1781611200&signature=003b626c3aae963810d0ba22c04eac00b6460bdfd850082ac9daafb769c3ce6d&req=fCkmFst9lYBbFb4V1XW4gd%2BiMqRNeUtqYkxhr5g0A3aUxfDf%2FuCWhwBYYSER%0Ai%2BLDZeNWXGWJ5m9%2BY6tBLrNVBQ%3D%3D%0A) ​ 5. Copy your API key to a text editor and click "Close" ![](https://downloads.intercomcdn.com/i/o/891024262/e7f28b6e2bbeb616e23b9f0a/image.png?expires=1781611200&signature=495af9c367a0ef38a3af7d1f25c1d0ecb544775207a5075bcc35c2659b680409&req=fCkmFst6n4ddFb4V1XW4gX8FEHUkrbhi7yzF3w5Ursgsbickc8557rw2OfPx%0ArMIJ4lq%2B%2Bdz2%2BRU9mXr1mp%2Bjgg%3D%3D%0A) ## Lastly, create an Island credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Island credential 1. **Name:** Island 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Island** **stories in the [story library](https://www.tines.com/library?s=island&view=all)** ## Is Tines the right product for me? We built Tines because we were frustrated by the lack of flexibility, complexity, and brittleness of other automation platforms. In contrast, Tines is flexible, lightweight, robust, and easy to use. The world's leading security and operations teams now trust Tines to automate their essential workflows, making them more effective and efficient. With Tines, you can build automation stories to perform almost any manual task, from onboarding employees to escalating security alerts –and everything in between. Tines is no-code, giving your frontline team members automation superpowers. ### **Here’s a quick look at the product** [Watch video](https://www.youtube.com/embed/VnrSMh53RVg?rel=0) At the heart of everything we do is the principle that any manual process, whether related to security, HR, operations, or another IT team, can be broken down and automated using **eight action types.** The eight Action types we use are: 1. HTTP request 2. Webhook 3. Send email 4. AI 5. Receive email 6. Event transformation 7. Trigger 8. Send-to-story (nested workflows) These power every process, regardless of complexity. And, even if you're new to automation, you can learn how to use them all before lunch. We’re proud to say that if it has an API, Tines can connect to it. So, from mainstream solutions to niche and internal tools, Tines connects with your *entire* stack. No waiting for custom integrations: just the tools you already use, working together like never before. Hopefully, this gives you a basic understanding of what Tines is and can do. You might have realized by now the product is extremely powerful, and the possibilities are endless. But if you have any more questions, contact us using the messenger inside the product - we'd be delighted to chat! ## Is Tines the right product for me? Not sure if Tines is the right product for you? We built Tines because we were frustrated by the lack of flexibility, complexity, and brittleness of other automation platforms. In contrast, Tines is flexible, lightweight, robust, and easy to use. The world's leading security and operations teams now trust Tines to automate their essential workflows, making them more effective and efficient. Companies across the world are saving thousands of hours by automating their workflows using Tines. ### **Here’s a quick look at the product** [Watch video](https://www.youtube.com/embed/VnrSMh53RVg?rel=0) ### **What is Tines?** With Tines, you can build automation stories to perform almost any manual task, from onboarding employees to escalating security alerts–and everything in between. Tines is no-code, giving your frontline team members automation superpowers. At the heart of everything we do is the principle that any manual process, whether related to security, HR, operations, or another IT team, can be broken down and automated using **eight action types:** - HTTP request - Webhook - Send email - AI - Receive email - Event transformation - Condition - Send-to-story (nested workflows) These power every process, regardless of complexity. And, even if you're new to automation, you can learn how to use them all before lunch. We're proud to say that if it has an API, Tines can connect to it. So, from mainstream solutions to niche and internal tools, Tines connects with your *entire* stack. No waiting for custom integrations: just the tools you already use, working together like never before. ### **Problems you can solve with Tines** Below are ***just some*** of the ways in which our customers have turned the power of Tines into tangible business results. ##### **Security teams use Tines to automatically:** - [Analyse phishing emails](https://www.tines.com/story-library?s=Phishing+email) - [Triage security alerts](https://www.tines.com/story-library?s=security+alerts) - [Analyse files](https://www.tines.com/story-library?s=analyze+file) - [Add form data to spreadsheets](https://www.tines.com/story-library?s=add+form+data) - ***[...and many more](https://www.tines.com/story-library/)*** ##### **IT Ops teams use Tines to automatically:** - [Create Jira issues using Slack](https://www.tines.com/story-library/87653/create-jira-issues-via-slack) - [Create chatbots for communicating within and between remote teams](https://www.tines.com/blog/chatbots-for-security-and-it-teams) - [Suspend or disable accounts in Google, Okta, Github](https://www.tines.com/story-library/87650/suspend-or-disable-accounts-in-google-workspace-github-and-okta) ##### **DevOps teams use Tines to automatically:** - [Handle Github notifications and notify Slack](https://www.tines.com/story-library/1136336/handle-github-notifications-and-notify-slack) - [Reimage an AWS instance](https://www.tines.com/story-library/87635/reimage-aws-instance) - [Create Terraform infrastructure as code](https://www.tines.com/story-library/89549/create-terraform-infrastructure-as-code) ##### **HR teams using Tines to automatically** - [Onboard employees & grant specialized access to specific tools](https://www.tines.com/story-library/1120478/onboard-employees-grant-specialized-access-to-specific-tools) - [Add new employees to Bamboo HR and manage system access](https://www.tines.com/story-library/87651/add-new-employees-to-bamboohr-and-manage-system-access) > If you've got an idea for a Story in Tines, **[we'd love to hear it!](https://www.tines.com/story-library?tag=IT&modal=request-story)** Hopefully, this gives you a basic understanding of what Tines is and can do. You might have realized by now the product is extremely powerful, and the possibilities are endless. But if you have any more questions, contact us using the messenger inside the product - we'd be delighted to chat! ## JAMF Pro Authentication Guide JAMF provides enterprise-secure solutions with consumer-simple workflows to manage and secure devices and users. ### First, create a Jamf API role and client 1. Login to your Jamf tenant, i.e. `https://.jamfcloud.com` 2. Click the "Settings" icon ​ ​ ![](https://downloads.intercomcdn.com/i/o/855833364/717bc87b4c4f10b430218680/image.png?expires=1781611200&signature=60924b44db80c11c1a2bf032314f5a6d0a9a2e16f965d997a8098f7b8f4157e2&req=fCUiHsp9nodbFb4V1XW4gc1MLNc6f7r9ecD%2FjofRJlS%2FhTnNY2qf0oCxmuwl%0AxaE6gZ3cpQ126Fj69WmfGH2kUg%3D%3D%0A) ​ 3. Click "API Roles and Clients" ​ ​ ![](https://downloads.intercomcdn.com/i/o/855833732/61db4684236e86a08edfa65d/image.png?expires=1781611200&signature=8bab258cf492eba250e6a15d1ababa17a3894758eec316a9e6c35edc225c6817&req=fCUiHsp9moJdFb4V1XW4gZLmMxu3p5NCgGvJ9oAJDpROVru8Z6aC0euv%2Fyay%0AoAZCq6%2BRnrxe4UHhrDK4V9%2FXjg%3D%3D%0A) 4. Click the "API Roles" tab and then "+ New" ​ ​ ![](https://downloads.intercomcdn.com/i/o/855834214/969b8519f6a4f02d6e56fedd/image.png?expires=1781611200&signature=67629993ceae7a08dbd0fed2fcece235984ffe3837c2bc4f3cd09486992da5cd&req=fCUiHsp6n4BbFb4V1XW4gc1Rwm8RNkOc7nu5BxlXl%2BphMbp06VCPTjXYPwoW%0AJrl5G43jftbqVXFqKWyZiWW%2BoA%3D%3D%0A) ​ 5. Name the role, choose the privileges for the role and click "Save" ​ ​ ![](https://downloads.intercomcdn.com/i/o/855834776/18d83336ef3e3154b8debac1/image.png?expires=1781611200&signature=e7142c685625e0d5dc599a2667f0a9793bd08982576e24693954c7ba57610f90&req=fCUiHsp6moZZFb4V1XW4gcE4zP1xbTFewSc%2F5z5jFDgpzJlXUN2yDuAipi9K%0Ajvly%2BnMj6UJODirvJ3eJk3%2Fwtg%3D%3D%0A) ​ 6. Click the "API Clients" tab and then "+ New" ​ ​ ![](https://downloads.intercomcdn.com/i/o/855835405/64ac9a5c8751c616375348e8/image.png?expires=1781611200&signature=1a3a02a317747495863613d3261f8140bd1ad29ae157bea065025557cf3a0cc4&req=fCUiHsp7mYFaFb4V1XW4gWuSdKB3WA9nwV6n%2FNwTjnDNkHmVNMUWj84U5rUx%0AE%2Bele35lECb%2BCFHfNgkLEELuWg%3D%3D%0A) ​ 7. Name the client, choose the API role you created, click "Enable API client" and then "Save" ​ ​ ![](https://downloads.intercomcdn.com/i/o/855836140/4afe8a0b2c4a8fccff3b84a9/image.png?expires=1781611200&signature=7fbdf7f46a4fdbce7f14362251b1b930257147d394624b15792aefbbda7cfb2b&req=fCUiHsp4nIVfFb4V1XW4gQpEj7HSgFHXfekRP4xLG38bABlWFmrAHLJgqtKq%0AbxydQB39I0qvh2c0yHQIyxGTQQ%3D%3D%0A) ​ 8. Click "Generate client secret" ​ ​ ![](https://downloads.intercomcdn.com/i/o/855836396/459b1b8e2501f7abafdf7c86/image.png?expires=1781611200&signature=c25e4e35d382ff9b4db1fef8fda423d29c87c7ace91070bdc2097e978d5f2a39&req=fCUiHsp4nohZFb4V1XW4gSMGT9spc608uikgo0%2Fvyw0AAJyDxVLiAq5iXPGm%0AHMP6WEu09pzLXkIaPFd8YNyz0w%3D%3D%0A) ​ 9. Click "Copy client credentials to clipboard" and paste into a text editor, then click "Close" ​ ​ ![](https://downloads.intercomcdn.com/i/o/855836779/2474cccd58bfcdad36be3a59/image.png?expires=1781611200&signature=dccf0dce17ead10692c48f1f80d1a9d968b64b059bce7c3c4747968987a5f9a7&req=fCUiHsp4moZWFb4V1XW4gU2P0RwI9w%2Fjvfrolfikt0gDUuRQ6sQy3c%2BZpdwE%0AGLoOda0MKioPDwpgVq%2FEO3LBEA%3D%3D%0A) ## Lastly, create a Jamf credential in Tines **Jamf connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Jamf" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/jamf).** > > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of Jamf stories in the [story library](https://www.tines.com/library?view=all&s=JAMF).** ## Jira Software Authentication Guide Connect Tines to Jira Cloud Platform to create powerful automations with the below authentication guide. ### First, get the relevant credentials needed in Jira. To authenticate Jira for use with Tines, you will need the following: - API token associated with an account - Email of account associated with API token - We recommend creating a Tines service account. That way, actions created and run from Tines will be appropriately identified as from Tines. - Jira domain ##### Step by step instructions: 1. Log in to [https://id.atlassian.com/manage/api-tokens](https://id.atlassian.com/manage/api-tokens) with the account you would like to associate the API token with. 2. Click "Create API token" ![](https://downloads.intercomcdn.com/i/o/754220317/c9fa70ec76760000ae20a6f1/Screenshot+2023-06-01+at+12.08.17.png?expires=1781611200&signature=e6229221815be42b4441ab1bb096e721d77447d63dd91ce996189c1a6c9b66ed&req=cyUjFMt%2BnoBYFb4V1XW4gVWTZTSZ8nWHV%2BGfkcZeCeGm9hdjByBrrcp%2BfSov%0A%2FugEWUnCRFEEZFvIRdIIeukAhg%3D%3D%0A) 3. From the dialog that appears, enter a label (e.g. 'Tines') for your token and click Create. ![](https://downloads.intercomcdn.com/i/o/754220799/01564cfa1b91f1bbeb70fe37/Screenshot+2023-06-01+at+12.08.48.png?expires=1781611200&signature=cf1643056af6d214dde869c4a63291e1020ae95f2d14f17fbab7ca7eef495e42&req=cyUjFMt%2BmohWFb4V1XW4gZU87KslkfCnX5aKbHZcaG%2FOk19upnKyrAAlPANC%0AxdeBLe0VfRwFmETD3q8n8jwBrw%3D%3D%0A) 4. Copy the API key ![](https://downloads.intercomcdn.com/i/o/754221290/57e0004defa9941da5b683d8/Screenshot+2023-06-01+at+12.09.34.png?expires=1781611200&signature=20706e85becbf9c55819c455db34fe3934dc95a6128e52adaee413269ad4a1b6&req=cyUjFMt%2Fn4hfFb4V1XW4gYDCeq3fi%2BSYCkE02ZJ%2F%2BLC%2B62YnPQOeAboUxswJ%0A4kmjeRbNAOjHl1Dqnb2z3yd4hw%3D%3D%0A) ### Then, create a Jira credential in Tines **Jira Software connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Jira Software" and follow the prompts to connect. ##### Manual credential creation This method is not recommended as the Jira Software connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the Jira credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your API token 4. **Metadata:** Enable metadata and add the below metadata: ``` { "domain": "your Jira domain", "username": "the email address of the account that created your API token" } ``` This will allow you to reference the credential's metadata via the `INFO` key. This is also used in our templates. 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the credential. > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/jira-software). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of Jira stories in the [story library](https://www.tines.com/story-library?page=1&s=Jira). ## Joe Sandbox Authentication Guide Joe Sandbox is the industry's most advanced automated and deep malware analysis engine. With a unique multi-technology approach and the latest machine learning techniques, Joe Sandbox enables security specialists to analyze files on Windows, macOS, Linux, Android, and iOS operating systems. ### First, get a Joe Sandbox API key 1. Login to your Joe Sandbox account at [https://www.joesandbox.com](https://www.joesandbox.com) 2. Click on the person icon and select "User Settings" ​ ​ ![](https://downloads.intercomcdn.com/i/o/849597161/2aec7dd8b63fa6412a11c717/image.png?expires=1781611200&signature=25a13a69674cedb8d5799cced9078ac9d884efac8e8ddf3fe04c1edf5d3479e8&req=fCQuE8B5nIdeFb4V1XW4gY%2BFEUZecszGxxpSNSv1vwg94WDCAY9%2FHsJ1xFyM%0AZTC%2FV4T0Qurw7IHR9LdWa2g24Q%3D%3D%0A) ​ 3. Click on the "API Key" tab and click "Generate API key" if an API key isn't already displayed ​ ​ ![](https://downloads.intercomcdn.com/i/o/849597827/ea1f995c37eb826f04246e26/image.png?expires=1781611200&signature=b79a4b930cbd72b47c4cb3d8cc1561f6af05dc79562438c89d4b77d38adfbc26&req=fCQuE8B5lYNYFb4V1XW4gYns55U394LjZ57kujFTGmrSsiYYs14qMhxFW6FS%0AGB4H5RhLmz95ylYpjQqvz%2BY2%2BA%3D%3D%0A) ### Lastly, create a Joe Sandbox credential in Tines **Joe Sandbox connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Joe Sandbox" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/joe-sandbox).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Joe Sandbox stories in the [story library](https://www.tines.com/library?s=joesandbox&view=all)** ​ ## JumpCloud Authentication Guide JumpCloud is an open directory platform for secure, frictionless access from any device to any resource, anywhere. JumpClouds mission is to Make Work Happen, providing simple, secure access to corporate technology resources from any device, or any location. The JumpCloud Directory Platform gives IT, MSPs, VARs/Distributors, security operations, and DevOps a single, cloud-based solution to control and manage employee identities, their devices, and apply Zero Trust principles. ## First, get a JumpCloud API key 1. Login to your JumpCloud account 2. Click on the user menu and click "My API Key" ​ ![](https://downloads.intercomcdn.com/i/o/891028470/36ccb61b7e502a47a0321aba/image.png?expires=1781611200&signature=5d67f1f3a26e1852427bc67467d612a42672f3a07c883f882b75a14434b70d22&req=fCkmFst2mYZfFb4V1XW4gXQeLIYcKvL7W8I0Y7MVkFjw9Fb4SaFEOiDNLlLs%0AoME0ggilyHrcnnRMhxv1oMqv%2Fg%3D%3D%0A) ​ 3. Click "Generate New API Key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/891030068/c66288b455164c6fbfae2924/image.png?expires=1781611200&signature=e658b4777c57c1de032d0dba01ba073656f3eeb478d3d6d6d3d42010ad0e8368&req=fCkmFsp%2BnYdXFb4V1XW4gbAlYhp%2FAoqed1zCjJDJxkIPWRGYP2B4INtIpk1U%0A4lozkUhD6Hvvr2ediAduXGWh1g%3D%3D%0A) ​ 4. Copy your API key to a text editor ​ ​ ![](https://downloads.intercomcdn.com/i/o/891030422/bb11ce4686caa84101c4e3ce/image.png?expires=1781611200&signature=c87cf27b0f7cc6cf3d706959a00f967a45bf1841612dea359a04723f9517e9d3&req=fCkmFsp%2BmYNdFb4V1XW4gREB%2BGzkhhJ3DQvbG3RsNha5UO7iw8A5xeMG1NR4%0AQbJJwJ9vLxYiY739v2O7coy%2FIg%3D%3D%0A) ## Lastly, create a JumpCloud credential in Tines **JumpCloud connect flow:** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "JumpCloud" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/jumpcloud).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of JumpCloud** **stories in the [story library](https://www.tines.com/library?s=jumpcloud&view=all)** ## JupiterOne Authentication Guide JupiterOne is a leading cybersecurity company specializing in cyber asset and attack surface management. Customers use the JupiterOne platform to connect the dots between all assets, people, and risks, providing deep context and insight into their expanding technology footprint. JupiterOne helps teams discover assets, map relationships, and triage risks to reduce attack surfaces. ### First, get a JupiterOne API key 1. Login to your JupiterOne account at [https://login.us.jupiterone.io/](https://login.us.jupiterone.io/) 2. Click on the menu in the top right and select "Account API Tokens" ​ ​ ![](https://downloads.intercomcdn.com/i/o/848710681/2ebe1fcc3394b453e24d927e/image.png?expires=1781611200&signature=022a371b2a3311be41ad39e479657760ab1f40f1c8aee1b350af35fe0bd61287&req=fCQvEch%2Bm4leFb4V1XW4gfeL2HUPLk55OylRLc4o2i7dS%2B4i644G5o4n8FXL%0A30psH59WwghdM%2F83mtQhNCzRhg%3D%3D%0A) ​ 3. Click "New Token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/848711450/40079d4318c5e389509178bd/image.png?expires=1781611200&signature=dde4d83cf173e581413d00af78128381cdb89d8bea63922e1ed24bf80ac335cc&req=fCQvEch%2FmYRfFb4V1XW4gS8vk2YziAoc5oDyf9vgxRo2Vc20oooHc7NkgjBu%0A3qLT02zUvDaRLdtbCz%2Bvr3F8pw%3D%3D%0A) ​ 4. Name the token, select the number of days it is valid for and choose the privilege level, and then click "Create" ​ ​ ![](https://downloads.intercomcdn.com/i/o/848712720/27947ac56bca75f549b2bd16/image.png?expires=1781611200&signature=cde3db93f3af2c3d8dcfc914f106e4fa78df682deb76b3f57b9e0289120096c7&req=fCQvEch8moNfFb4V1XW4gZ3LRS%2BhkolUHO%2Bebd9BsjWWmOkX3Ytp0QGdQrCL%0AYDdafzQCqI%2B8XbrGB40P93gVJQ%3D%3D%0A) ​ 5. Copy your "Token" to a text editor and click "Done" ​ ​ ![](https://downloads.intercomcdn.com/i/o/848713262/825583d8a8f76f15f6904c0c/image.png?expires=1781611200&signature=700bd31f2b6dbdb4020e50216086608662bb05ede39e20352d28c7e2791ace35&req=fCQvEch9n4ddFb4V1XW4gWj0A5aqIrKjAczRf5MbhCqql95oz0RbEAk3Vtj2%0AQiSiWOEjovABAvQ8kYOW%2FLCrpg%3D%3D%0A) 6. Click on the menu in the top right and select "Account Management" 7. Copy your "Account Id" to a text editor ​ ​ ![](https://downloads.intercomcdn.com/i/o/848715916/3990cf53fae441b27d047c72/image.png?expires=1781611200&signature=d6bc8155e03aaa802ae03982c3618b1ebfe9baf9e2c28d8c26a6af49272e919c&req=fCQvEch7lIBZFb4V1XW4gWA%2BnrX1DblKC0AoOihzXAgvCvM4urLIZXp8rdaL%0AUgSm1vGyTtTL2kAD3iAXvcEwLg%3D%3D%0A) ​ ### Lastly, create JupiterOne resources and a credential in Tines **JupiterOne connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "JupiterOne" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/jupiterone).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of JupiterOne stories in the [story library](https://www.tines.com/library?s=jupiterone&view=all)** ## KnowBe4 Authentication Guide **KnowBe4** provides Security Awareness Training to help you manage the IT security problems of social engineering, spear phishing and ransomware attacks. ## First, get a KnowBe4 API token 1. Login to your KnowBe4 account at [https://training.knowbe4.com/ui/dashboard/](https://training.knowbe4.com/ui/dashboard/) 2. Click on the user menu and then click "Account Settings" ​ ![](https://downloads.intercomcdn.com/i/o/964882601/46974cb19090cd214f6dda7c/image.png?expires=1781611200&signature=d675f3c0e52cadc3acc80fc447d710ae87943959edeebd68eebdef8c3b763bb3&req=fSYjHsF8m4FeFb4V1XW4gdbsMgUN1P8JyqWkCXEIZR7FVhaaShv%2FQWg69QQF%0AyerR6stIsiANE20a8z%2FiuE9%2BDA%3D%3D%0A) ​ 3. Click "Account Integrations", then "API" and then click on the API you need to create a token for ​ ![](https://downloads.intercomcdn.com/i/o/964884105/e230698d0f4048797985da56/image.png?expires=1781611200&signature=78b0385cda637604f156b62a418e4757102cf7fd98126a9ca217cdc34cbc2b01&req=fSYjHsF6nIFaFb4V1XW4gb0WaoyoptAzBBOUlUdXzykj%2FlMaY6Kpa%2FV8Gbq%2B%0ACdRftH8MuQx8Oz2NqU%2BHbcGcAA%3D%3D%0A) ​ 4. Click "+ Create New API Token" ​ ![](https://downloads.intercomcdn.com/i/o/964885412/77246839a942972cbd8fd6fc/image.png?expires=1781611200&signature=d7aac2e892165101e0a10dce909835970e5c5e6fae68b2605e823c4aa723a4a1&req=fSYjHsF7mYBdFb4V1XW4gb8DSKz9STlpensaE2jmfw7bcPwul1vugCXdjseh%0AYQfq6WSw8IhoHRZ56Y2DzV8MhQ%3D%3D%0A) ​ 5. Name the token and click "Create Token" ​ ![](https://downloads.intercomcdn.com/i/o/964886204/f5b70a105188401cfa09e47f/image.png?expires=1781611200&signature=644854b838a15a84015962b5d45d08280c773b74ac65f04de688f709219b494c&req=fSYjHsF4n4FbFb4V1XW4gcIiFlUHVwZ4%2F2wR7K80E3lT%2FPlAseBkypojpCl7%0AwJVwSQN2PHm4uQilRBXfvRijHg%3D%3D%0A) ​ 6. Copy your token ​ ## Lastly, create a KnowBe4 credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the KnowBe4 credential 1. **Name:** KnowBe4 2. **Description:** Optional 3. **Value:** Your API token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" ​ > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of KnowBe4** **stories in the [story library](https://www.tines.com/library?s=knowbe4&view=all)** ## Malware Analytics Authentication Guide Secure Malware Analytics (formerly Threat Grid) combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. With a robust, context-rich malware knowledge base, you will understand what malware is doing, or attempting to do, how large a threat it poses, and how to defend against it. ## First, get a Malware Analytics API key 1. Login to your Malware Analytics account 2. Click on the user menu and then click "Account Settings" ​ ​ ![](https://downloads.intercomcdn.com/i/o/929242759/d709a3a4158b093e66a257f7/image.png?expires=1781611200&signature=a43f14bce992ede8841f4156d4960ce66897641f653c40b11fb1e51ebbbdee2d&req=fSIuFM18moRWFb4V1XW4gbzJuUsFiHahly9oEfFv0R78%2BvoG0k3vt6b0u5%2Fb%0AmlqehAZhEU9YQ4BEFsBd5Hq2RQ%3D%3D%0A) ​ 3. Copy your API Key to a text editor ![](https://downloads.intercomcdn.com/i/o/929243248/c97e26789f3cc3089aa28b75/image.png?expires=1781611200&signature=51444af80f8f66f14b76d83abda1518b0d75994df189d34e40094ec28a29d918&req=fSIuFM19n4VXFb4V1XW4gdMJDrXQzt51682EfC9OeJo%2FmveFXb4p%2BSRI86dV%0AnPo9PQCbj57jsY0UHoSLVTocLg%3D%3D%0A) ## Lastly, create a Malware Analytics credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Malware Analytics credential 1. **Name:** Malware Analytics 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Malware Analytics** **stories in the [story library](https://www.tines.com/library?s=malware%20analytics&view=all)** ## Malwarebytes Authentication Guide Malwarebytes is an anti-malware software for Microsoft Windows, macOS, ChromeOS, Android, and iOS that finds and removes malware. Made by Malwarebytes Corporation, it was first released in January 2006. ## First, create OAuth2 credentials for Nebula To integrate Nebula with other applications, you will need to create an OAuth client ID and Client secret. You must be a Super Admin to create OAuth2 credentials in Nebula (see [Malwarebytes documentation](https://service.malwarebytes.com/hc/en-us/articles/10594516370835-Create-OAuth2-credentials-for-Nebula)). 1. Log in to Nebula. 2. In the left navigation pane, click "Integrate". 3. Click the "Add". 4. In the "Create Client" pop-up window, enter an Application name. 5. Check "read, write, and/or execute". 6. Click "Save". 7. In the OAuth Client window, copy your "client ID" and "client secret". > **IMPORTANT: This is the only time your client secret is displayed. Store it in a secure place. If you lose the secret, you need to generate a new secret, and you will be required to update all integrations that used the old secret.** ## Lastly, create a Malwarebytes Credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "HTTP Request" 4. Input the values for the Malwarebytes credential 1. **Name:** Malwarebytes 2. **Description:** Optional 3. **URL:** `https://api.malwarebytes.com/oauth2/token` 4. **Content Type:** Form 5. **Method:** post 6. **Payload:** Copy the below object and paste into the "**Plain code**" section ​ ``` { "scope": "read write", "grant_type": "client_credentials" } ``` 7. **Headers:** 1. **Header:** Authorization 2. **Value:** Basic `<>` 5. Click "Save" 6. Click "Run request" and and double-click on the `access_token` key to copy the path 7. **Location of token from response**: Paste the path you copied `<>` 8. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 9. Click "Save" Your credential should look like the following: ​ ![](https://downloads.intercomcdn.com/i/o/931871269/4e3f319e1f63a1e727814ed7/MalwarebytesCredential.png?expires=1781611200&signature=4e5df5e7664a8188ed7f3748fdf8c5b106fd33a3b64c343d66d95e0141db17b7&req=fSMmHs5%2Fn4dWFb4V1XW4gcij0oO9lcBzyxoivmsb09ziE0%2BhtseXsWxCUhcM%0A4%2FyPhLGBgHPbVGuF230WwSmc9w%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/931871447/606cfb902200039f6c8968d1/Payload.png?expires=1781611200&signature=2324339ff3114285067a43a20794b86e3150ca5908229ceaf71e5dc325b94ae9&req=fSMmHs5%2FmYVYFb4V1XW4gX8V5AnasrZxOYx8xwXtCJz%2BGj%2BbzvIw4VBLmjzO%0ABP20SclhueOp8wGp6Lo%2B6owOPA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/931871557/fe4ccd43a272e7a9c9ff5658/Location.png?expires=1781611200&signature=0657fdc2887a04bad6cfca58ad74f5a6417d5be1ccc065ba7768f4ae6e59e0cc&req=fSMmHs5%2FmIRYFb4V1XW4gYnfC5Z4NFoC6lyJrGpEBnNGtND7JnZudwZPwYp1%0Ae4prB8TZeeYPi2ymAw%2BfD93S1g%3D%3D%0A) > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Malwarebytes stories in the [story library](https://www.tines.com/story-library?s=malwarebytes).** ## Using the Credential and Resources in an action The Header configuration for your Malwarebytes credential should be: ``` "Authorization": "Bearer <>" ``` Here is an example Malwarebytes action you can copy and paste onto your storyboard in Tines: ``` {"standardLibVersion":"41","actionRuntimeVersion":"6","agents":[{"disabled":false,"name":"Working List suspicious activities of the account in MalwareBytes","description":"Fetch suspicious activity records of the account","options":"{\"url\":\"https://api.malwarebytes.com/nebula/v1/events\",\"content_type\":\"application_json\",\"method\":\"get\",\"headers\":{\"Authorization\":\"Bearer <>\",\"accountid\":\"<>\"}}","position":{"x":945,"y":300},"type":"httpRequest","timeSavedUnit":"seconds","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":"httpRequest","createdFromTemplateGuid":"31fd8f347d598606b2c44fec5e0c9bf2a30c670030079f25aa68473848431792","createdFromTemplateVersion":1,"originStoryIdentifier":"cloud:8b3d0c1d536d7aef6416b3d0e57a460a:4a72bb77fd9e057d66d88208bf9b39ea"}],"links":[],"diagramNotes":[]} ``` ## Managing your stories In Tines, you have the ability to move or archive stories and then either restore or delete them permanently. This article will walk you through the steps to do this. Need a refresher on stories? Read [this article](https://explained.tines.com/en/articles/12688464-stories-in-tines) on stories in Tines. ## Moving a story You can move a story to another team in your tenant in two places: 1. On the story dashboard by clicking the 3 dot icon on the story you want to move. ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/2233697024/0d5c0775ec4999ae869da1f0bd60/move+story+in+dashboard.gif?expires=1781611200&signature=0e11f59d6aa74531a5829db9a630e341083e437f00175cfa07a2c06edb986ba6&req=diIkFc93moFdXfMW3nq%2BgcW7ArZSm6SsYbyjH4c%2FVVhzkWlB6o1K8z%2FbNXkW%0A2kFkxzcfn001MGGmQ8lbJTsTzU4%3D%0A) 2. Within your story by clicking the 3 dot icon in the top right corner of the screen. ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/2233685860/281d7ef9fb6cf69b87f8d7a8916b/Move+story.gif?expires=1781611200&signature=bdeded127b188eb10db54f2001db391184ad51ce276387d371e49faf6b978b5b&req=diIkFc92mIlZWfMW3nq%2BgZsv5yFAY2dsn0L024Lc6ia3JQPQZYVDqBhEE%2BrZ%0AJD9x7S%2BXg7bBJ8wt22PnORdi58c%3D%0A) > Tines tip: It can be very useful to have a dedicated folder, like one for testing, where you can work and collaborate with your team. ## Archiving a story You can archive a story in Tines by clicking on the 3 dot icon on the story you want to archive and select **Archive Story**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2223121796/3e788b630af7f0d8456ec880c7f6/Archive+story.gif?expires=1781611200&signature=f322fea5e4a46c5f99d9e21b0c9b6283acd482719e325bc0e95f5299112b9c87&req=diIlFch8nIZWX%2FMW3nq%2BgRjLjYYw%2FVnKNMfYoOERPqkI069pV6Hn7B8wATEP%0AbCXeYWoKF0Ern%2BQuaXtPZeHlPyI%3D%0A) ## Restore or delete an archived story You can find your archived stories by clicking on your team name, then clicking **Archived Stories**. Archived stories can be restored or permanently deleted individually or in bulk from this folder. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2223122411/363165301c2b083c238a57dc9015/restore+archived+story.gif?expires=1781611200&signature=38e78bbf3b43b29934efa4e11b4cbad18ed13b528cf3b5ad525972104b24e76c&req=diIlFch8n4VeWPMW3nq%2BgU6L%2FvKkcb8V5BS2cUI1Y82zSv4NIJ3DrKoc6lU0%0ARIwOjY8b%2Fy0MbWtVubR7%2Fwn2wu0%3D%0A) > Note: These archived stories are stored indefinitely until they are permanently deleted. Read more about stories in Tines [here](https://www.tines.com/docs/stories/). ## Managing your subscription You can manage your Tines plan on your billing page at `[tenant-name].tines.com/settings/billing`. This centralized hub gives you control over your subscription, usage limits, and billing details. ### **Your plan** Your billing page displays your current plan tier and associated usage limits. Tines offers different plans to suit various needs: - **[Community Edition](https://explained.tines.com/en/articles/13653063-getting-started-with-tines)**: Forever free with basic limits - **Business & Enterprise**: Plans with expanded limits and features > To upgrade to a business or enterprise plan, **[book a call](https://www.tines.com/book-a-demo/)** with our Sales team to learn more. ### **AI run-time credits** The number of [AI run-time credits](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits) you have used and have remaining can be reviewed on your billing page. If you exhaust your monthly AI run-time credits before renewal, all plans *except for* Community edition can purchase additional credits to avoid workflow interruptions from the billing page (`.tines.com/settings/billing`). Top-up credits are only used after your monthly allocation is exhausted and will roll into the next month. When you top up, you'll see the dollar amount of credits used, and available. One credit equals $0.01. Hover over the dollar amount to see the credit equivalent. Learn more [here](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits). ### **Billing history** The billing page includes a complete record of your invoices and payment history. You can: - View past invoices - Download receipts for accounting - Track payment methods and renewal dates ## Mastering the fundamentals ## The storyboard at a glance Before working through the fundamentals, here's a visual overview of the four key sections of the storyboard: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2332299487/bb13b035b56b491c4d69ad6f17fe/Storyboard+UI.png?expires=1781611200&signature=0dfcee13b9d230a2aaab2160d27c3b5b9407e84b99e1395f8496451ae463b4f6&req=diMkFMt3lIVXXvMW3nq%2BgTUpGOS%2BwBS2%2BvY8tUPtvjs17vu4qUsfMusUnKnU%0A1uXqYSBajmZRc6h7oniVtOUrGAs%3D%0A) - Story toolbar — Drag actions, tools, and templates from here onto the storyboard - Storyboard — Your central workspace for building and connecting actions - Properties panel — Configure each action using the right-hand panel - Event viewer — Inspect real-time event data output from your actions ## Actions ### Testing an action To test an action in Tines, select the action and click "Test". ![](https://downloads.intercomcdn.com/i/o/am0g137l/2273533632/23642cf305bcdcaac551004b14bf/test+an+action.gif?expires=1781611200&signature=d4c24f355b96bf56db9afdcddd9132290a22910910343ca0136e6413e419e1c7&req=diIgFcx9nodcW%2FMW3nq%2Bgd1d0aKRkX%2FVNutqa1hbZKFs%2BoGnzxnPF13OxxHu%0A98aHMr%2FGxpIQBdyWUHpnUBbXPzQ%3D%0A) This will display the results of the test along with a status code of the action ### Copying an action To copy an action in Tines, click on the action you wish to copy and then either click the copy button or Ctrl/Command ⌘ + C on your keyboard. Once copied, you can paste the action into your storyboard. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2273536684/ef8404a38c5e6fdb15d975b13815/copy+an+action.gif?expires=1781611200&signature=41407f6aa1a91d89b3b0119a72fe12db9bc1dcd206aa6679ff4a0d1819260931&req=diIgFcx9m4dXXfMW3nq%2BgYnRRHpo4pQejjcgy%2BXNJpAzR5%2FRqRXA65AKkFgS%0As5QXP9y2C4tYFhZ9zAuh7WEG7Vs%3D%0A) ### Copying multiple actions To copy multiple actions, press and hold Ctrl/Command ⌘ and use your mouse to select the actions you want to copy. Then, the same as copying single actions, click the copy button or Ctrl/Command ⌘ + C on your keyboard. Once copied, you can paste the action into your storyboard. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2273538058/24130a95ffcf33e2b676f7b4c6ad/copy+multiple+actions.gif?expires=1781611200&signature=ef456c323ccc887872e1fade8470d731e68c2db0da506d47f304cafda730bc04&req=diIgFcx9lYFaUfMW3nq%2BgX3wInQi5JFhNmj7hTYOjWrsRd%2BI5FDHxRmOTYhf%0AFdX%2F57yd%2FUxSnxHRuv3YJFVrsSI%3D%0A) ### Align and tidy actions When building a story in Tines, things can get messy. Actions overlap, or get crowded, and the overall flow can become harder to follow. Tines gives you two simple tools to quickly bring order back to your board: - Align: This arranges the selected actions so that they line up neatly, either vertically or horizontally. It’s useful when you want multiple actions to share the same axis. - ​Tidy: This automatically spaces out the selected actions evenly, reducing overlaps and improving readability. It’s helpful for cleaning up a messy storyboard quickly without manually dragging actions around. With these options, you can straighten out actions, space them evenly, and make your storyboard that bit easier to read and manage. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2273622913/f6bed0f06f122c756b44dcdad52d/align+and+tidy.gif?expires=1781611200&signature=1cd03499f29600ef126a4b98da6362ab512afdf4717109aa781baca7e8deb144&req=diIgFc98n4heWvMW3nq%2BgcIcp%2Fs0pxiC%2BfMq6w4zRX9Iv1%2BYc98S4096tVQ5%0A3KXuUUcdRV%2BEH23OOGZK7NGbUm0%3D%0A) > Tip: > > - Use Align when precision is needed (e.g., keeping several actions perfectly level). > > - Use Tidy when you want the overall layout to be more organised and visually clearer. ### Delete a connection between actions To delete a connection, click the line between two actions and press delete. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2273641859/291a80db08f1ffee9c18403dfdeb/delete+a+connection.gif?expires=1781611200&signature=6837407c2ca2cb3001763df4141af767bc18eed1267185b9649d448ed6b86db6&req=diIgFc96nIlaUPMW3nq%2BgXW78ksDxaz%2BnIT2Enqm3ZFxJUsO%2BaDIgFwmAt8z%0AVh9JDgu9Jrfb5wFvJGuF1eP%2BByo%3D%0A) To undo your delete, press CTRL or CMD Z. ## Add a note Notes are helpful for adding information to your story. To add a note, drag and drop the note action on to your storyboard. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2329178935/954cad0c234ceea409c44aaf2787/add+a+note+new+toolbar.gif?expires=1781611200&signature=0f4cd26537ccaf1b7e5221370a98e7cd8235eab1b656b401d4d9de8091ae7642&req=diMlH8h5lYhcXPMW3nq%2BgU9%2BJ2Gt9yym0PUZ9JNMTHhxufWk9HHsKAgfBxYg%0AK0kDl2hoGcfPMiJ%2FjbS263wY3jw%3D%0A) > Tip: You can also click into a blank space on your storyboard and type 'n' to instantly add a note. ### Formatting your notes with toggle headings You can add toggle headings (H1, H2, and H3) to your notes to collapse and expand sections, keeping your notes organized without the clutter. Type `/` in any note to open the formatting menu and select a toggle heading. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2317154471/5fb72d98fc8b29f7fb3016ec2920/toggle+headings.gif?expires=1781611200&signature=6d4d184b22f86327f1cec75b167f24a08d875ae6a8b791224dc6b76cd4aefded&req=diMmEch7mYVYWPMW3nq%2BgR27NxQ%2B5HQdHF2WHI9KOtg9lHhJoKy25nDsofB0%0AvkRi8J%2ByawfCoaxY2M2cBc0AexQ%3D%0A) ## Referencing upstream data If you want reference data from an upstream action in a downstream action, Rosie from the product team explains it in the video below: [Watch video](https://www.youtube.com/embed/C2sAQY5_Hdk?rel=0) ### **Steps for referencing upstream data:** 1. Make sure the actions are connected together in the story. They don't need to be connected directly together, but connected via other actions. 2. To reference upstream data, you need to create a pill in the downstream action. There are three ways to create pills: 1. Hovering over the event data key and clicking the copy symbol, then pasting it into the payload 2. Double-clicking the event data key to copy the path, then pasting it into the payload 3. Select the payload with your cursor and a + will appear. Click +, select value, and manually parse the JSON path to the relevant event key 3. If you need to reference multiple data points from upstream as different keys, click the + sign in the payload to add more pills. You can reference a number, boolean, text, and formulas, amongst other data types. 4. Pills are meant for dynamic references, linking actions together for a smooth workflow. If you want to input data directly without referencing anything upstream, you don't need to use pills. You can type numbers, boolean values, or text directly into Tines, which will be automatically referenced. ## Mattermost Authentication Guide Mattermost is an open source platform that provides secure collaboration for technical and operational teams that work in environments with complex nation-state level security and trust requirements. Mattermost is built specifically for technical and operational use cases, including software development and engineering workflows, and integrates deeply with a rich ecosystem of third-party developer tools. Mattermost gives companies full control over their data; with self-hosted and private cloud deployment options and access to the source code, developers can contribute directly to a shared, flexible, and extensible platform built just for them. ## First, get a Mattermost personal access token 1. Login to your Mattermost account at [https://mattermost.com/](https://mattermost.com/) 2. Navigate "System Console" > "Integrations" > "Integration Management" and enable personal access tokens. 3. Navigate "Account Settings" > "Security" > "Personal Access Tokens" 1. If your account is a non-admin account, a "System Admin" will need to provide permission to create tokens: 1. Navigate to "System Console" > "User Management" > "Users", identify your account, and select "Manage Roles ​ ![](https://downloads.intercomcdn.com/i/o/853998386/94f22fa53896039150f8bd84/image.png?expires=1781611200&signature=9cbc149706ce6fe1f1e145f89a6c6d7930d6d073d06470d3e9d4825d4b64d8a3&req=fCUkH8B2nolZFb4V1XW4gYrGLwRDU5dNo4HxQtRsnGTaMEsHXd4jAbNSC87R%0AgOi9fPzX5YoM29zR6MNx4OUzVA%3D%3D%0A) ​ 2. Select "Allow this account to generate personal access tokens", any additional permissions and click "Save" ​ ![](https://downloads.intercomcdn.com/i/o/853999524/e83ddd66b70b85a382d45d6d/image.png?expires=1781611200&signature=fb5dd464944875d8baf1468123947e5a1efb93182e408188b3a389cf8d73beb0&req=fCUkH8B3mINbFb4V1XW4gcMUzRuDqkCfH3odV922LwOaiRd%2Brnl2gpWaCdGc%0AIlJDpTJ8jk%2FGRvITeZ1Gq4VsQw%3D%3D%0A) ​ 4. Click "Create New Token" 5. Give the token a name and click "Save" 6. Copy the access token to a text editor ## Lastly, create a Mattermost credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Mattermost credential 1. **Name:** Mattermost 2. **Description:** Optional 3. **Value:** Your token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Mattermost** **stories in the [story library](https://www.tines.com/library?s=Mattermost&view=all)** ## MCP server FAQs ## Overview **What is the Model Context Protocol (MCP)?** **[Model Context Protocol (MCP)](https://modelcontextprotocol.io/overview)** is an AI standard [introduced by Anthropic](https://www.anthropic.com/news/model-context-protocol) that defines how large language models (LLMs) can interface with external systems in a structured, predictable way. **What is the MCP server in Tines?** The **[MCP server](https://www.tines.com/docs/actions/templates/mcp-server/)** (also referred to as the **MCP server template**) is an [action](https://www.tines.com/docs/actions/) template that you can configure within your story, including many of the same configuration options as our [Webhook action](https://www.tines.com/docs/actions/types/webhook/). > **Note:** The MCP server is not an MCP client, and does not offer the ability to connect Tines to other MCP servers. **When is it advised to use the MCP server?** Use the MCP server template to securely make any API or workflow available to other AI tools that act as an MCP client. Some MCP clients you might want to connect with are: - Anthropic Claude - ChatGPT - Cursor - GitHub CoPilot - Windsurf * * * ## Availability **Do I have to be a Tines customer to use the MCP server?** The MCP server template is available for all plans, including Community Edition tenants. **Is the MCP server available for self-hosted tenants?** The MCP server template is available for self-hosted tenants on August 18th, 2025. * * * ## Functionality **What are Tools and Custom Tools for the MCP server?** - The following **Tools** can be added to the MCP server action's configuration: [Public Templates](https://www.tines.com/docs/actions/templates/templates/), [Private Templates](https://www.tines.com/docs/actions/templates/private-templates/), and [Send to Story](https://www.tines.com/docs/stories/send-to-story/). - The **Custom Tool** option is our [action Groups](https://www.tines.com/docs/stories/groups/) feature that you can build into the MCP server action's configuration. - A brand new action cannot be added directly as a **Tool** to the MCP server action's configuration; it must be pre-built into one of the features mentioned, **Tools** or **Custom Tools**. **How many Tools can I connect to the MCP server?** You can connect as many Tools as you need per MCP server template. You can also: - Utilize Custom Tools, where you can delegate specialized tasks within them. Please note that Custom Tools are not as flexible as a root-level Tool connected to the MCP server, as all of the actions within a Custom Tool must be invoked when used (the Custom Tool provides a singular output from all of the actions within it). **Does the MCP client gain access to the connected Tools' credentials?** No, the MCP client does not have access to the Tools' credentials that are integrated within the MCP server in Tines. The MCP client is connected to the MCP server via the provided secret or API key, depending on the Access Control mode you select. There are multiple ways to handle the MCP server's access control: - Anyone with the path (public) - Anyone with the secret (passed in via the MCP server action's URL or HTTP Authorization) - Only team members (requires a [Tines API key](https://www.tines.com/api/authentication/)) - Members of this Tines tenant (requires a [Tines API key](https://www.tines.com/api/authentication/)) * * * ## Pricing **How much does the MCP server cost?** The MCP server template does not come at an extra charge. **Does the MCP server use AI credits?** No, the MCP server template does not consume AI credits. **Does the MCP server count as a flow towards my tenant limit?** Yes, using the MCP server template with connected Tools counts as a flow towards your plan. Tenant owners can validate how many flows you have at the tenant level and delegate Team flow allowances via the tenant **Settings** > **Access & security** > **Story allocation** section. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1654723207/fff65618a9b68cd4476629e08207/image.png?expires=1781611200&signature=590f0377953d51215ee3897d0fe6612d326817c0fc5ea04f39a91ba80286b23d&req=dSYiEs58noNfXvMW3nq%2BgdwZQIogdScbGdOyHztzM5D3mw3G9jpMyl0qFkqU%0Ae38FfAZshJ0%2FuDMggiMHow3eLO0%3D%0A) * * * ## Resources **How do I get started with the MCP server?** Check out our [how-to article](https://explained.tines.com/en/articles/11931662-how-to-set-up-an-mcp-server-in-tines) to learn more! **Are there MCP server examples available?** Yes, you can find examples of MCP server builds in [our Library](https://www.tines.com/library/stories/1324549/). **Where can I find additional resources on the MCP server?** - **Tines Blog**: [Building MCP servers on TInes](https://www.tines.com/blog/introducing-mcp-servers/) ## Microsoft Graph Authentication Guide **Microsoft Graph** provides programmatic access to a wealth of data that can be used to better inform decision-making during threat detection and response. You can use information such as Outlook emails, organizational structure, advanced threat analytics, and more in your security automation program. ### First, create an Microsoft Graph Credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "OAuth 2.0" 4. Copy the "Callback URL" ### Next, create an Azure application 1. Login to your existing [Azure](https://login.microsoftonline.com/) account or [sign up](https://signup.live.com/signup) if you haven't already signed up 2. Next, you'll need to register a new Azure application in [app registrations](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false). 3. Under "Redirect URI (optional)", select "Web" and paste your "Callback URL" you copied earlier. ​ ​ ![](https://downloads.intercomcdn.com/i/o/799292950/350fdfe0b67b4b23bd205e60/image.png?expires=1781611200&signature=7775089e99c6a699dbe4ba12dd77f12326fe183cd2aeffde1e83dc7149d6c6c9&req=cykuFMB8lIRfFb4V1XW4ga6RnqvFSTeXz9EJ0UqAaUD1KQvn9mwFSIyGk2N8%0AbPn2NGb0xJjabHf5YEEHuR6PIA%3D%3D%0A) ​ 4. Next, in your application, navigate to Certificates & secrets > Client secrets and click on the "New client secret" button to create a client secret. Copy the secret to use later. ​ ![](https://downloads.intercomcdn.com/i/o/799218339/46ec0af21a09f76a0b01cb86/image.png?expires=1781611200&signature=b56ecf1b436b95c04b533a732b8f77186581a42c8f5d3d5a57ee3cc87d1df9a1&req=cykuFMh2noJWFb4V1XW4gfJ8EvZIbTx9Oxo7%2BhMaBNVIyPZmC9dcF%2Br%2FoyUw%0AzOTTiS%2B0NUfnqczHg6P9zuliOQ%3D%3D%0A) ​ 5. Next, navigate to API permissions and click on "Add a permission" to add the required permission (see [Microsoft Graph permissions](https://learn.microsoft.com/en-us/graph/permissions-reference)). ​ ​ ![](https://downloads.intercomcdn.com/i/o/799293856/b1ebe62a8e014e52b44d7d4b/image.png?expires=1781611200&signature=ce61f09ae2cc084e8487b991126a957afbf2692ddb11ee76a5e1823eae295eb2&req=cykuFMB9lYRZFb4V1XW4gVDp%2FVkG%2BiHs0OKW%2FF605LwNVj8%2F%2BFyfJZpPJ9uC%0A6ICusKr4jtBKESLB4bz1S2ZGqw%3D%3D%0A) ​ Microsoft Graph exposes two types of permissions: *Delegated* and *Application* (see [Overview of Microsoft Graph permissions](https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http)) 1. **Delegated permissions** (also called *scopes*) are permissions that allow an application to act on behalf of a signed-in user. However, the application will never be able to access anything the signed-in user couldn't access. 1. If you select delegated permissions, you'll need to use the grant type "Authorization code" when configuring the OAuth 2.0 credential in Tines. 2. Always include “offline\_access” permissions. This scope will allow Tines to request fresh access tokens as necessary. Note: this may not appear in the response from Microsoft (see [here](https://learn.microsoft.com/en-us/answers/questions/806413/scope-offline-access-isnt-being-returned-in-the-to) for more information). 2. **Application permissions** (also called *app roles*) are permissions without a signed-in user present. The application will be able to access any data that the permission is associated with. 1. If you select application permissions, you'll need to use the grant type "Client credentials" when configuring the OAuth 2.0 credential in Tines. ​ ​ 6. Next, you may need to click “Grant Consent” as an administrator for some or all permissions, i.e. application permissions and high-privilege delegated permissions (see [Consent](https://learn.microsoft.com/en-us/azure/active-directory/develop/permissions-consent-overview#consent)). ​ ​ ![](https://downloads.intercomcdn.com/i/o/799294976/be8830320de3d8b9704a7a63/image.png?expires=1781611200&signature=89ec8bb1e9bc967775423d5f2a417a6305eff4c510f9fc1235a5f5f222b52677&req=cykuFMB6lIZZFb4V1XW4gYENzkNXz2bvZEebIqdq3Gy70d7m3O%2BNBG3M52Oz%0A%2Blgq0dtVfFLwP1FLKK9akJvc8A%3D%3D%0A) ​ 7. Next, navigate to Overview and click "Endpoints". ​ ​ ![](https://downloads.intercomcdn.com/i/o/799298117/959163611bfbfd20bcffe435/image.png?expires=1781611200&signature=a690556fd3bb4dc624e85f013aa00478844ac38bbe265ccd48759c2bb51684b5&req=cykuFMB2nIBYFb4V1XW4gb%2FZgL0q8JWL0WHcEbwqPSEkxE0B1CvdgGmGph%2Fv%0ARnDaVeMzWoEzUYjTnge2593%2BsQ%3D%3D%0A) ​ 8. Copy the endpoints for "OAuth 2.0 authorization endpoint (v2)" and "OAuth 2.0 token endpoint (v2)". ​ ​ ![](https://downloads.intercomcdn.com/i/o/799298683/d005e6151ded1c120bd8721c/image.png?expires=1781611200&signature=edb6d2a9d01f176e3225f61d2359abb1fc7ec30512256e6d4f2246c1f921858e&req=cykuFMB2m4lcFb4V1XW4geuVs%2BBuIamGFovuPYu20KWLL69wBNYU4ogTJa7g%0AFgiue1%2BONBnuNB8g9CHpvCIkxQ%3D%3D%0A) ​ ​ ​ ### Lastly, finish creating the Microsoft Graph credential in Tines ##### Authorization code grant type 1. Input the values for the Microsoft Graph credential 1. **Name:** Required 2. **Description:** Optional 3. **Client ID:** "Client ID" found in your application (see screenshot below) ​ ​ ![](https://downloads.intercomcdn.com/i/o/799300831/bdf4ede1a9fb44018da49b46/image.png?expires=1781611200&signature=25ded60d1d64a6388996e7707f52004f4a74cd41776c34ddce518221915c76c1&req=cykuFcl%2BlYJeFb4V1XW4gU5eISdqzsPRiXYi62dQk3ZZytbfsl%2FIe9oH0Kc%2F%0AKSjp2tzVnAqh92NfafDR6TQt9w%3D%3D%0A) ​ 4. **Client secret:** "Client secret" created earlier 5. **Scope:** 6. **OAuth Provider:** Manual 7. **Grant type:** Authorization code 8. **OAuth authorization request URL:** `https://login.microsoftonline.com//oauth2/v2.0/authorize` 9. **PKCE challenge method:** None 10. **OAuth token URL:** `https://login.microsoftonline.com//oauth2/v2.0/token` 1. **Domains:** `graph.microsoft.com` 2. **Access:** What other teams can also use the API 2. When you click "Save", you will asked to pick an Microsoft account to authorize. ​ ​ ![](https://downloads.intercomcdn.com/i/o/799307641/0a430381723defe98c2a2fa0/image.png?expires=1781611200&signature=1e12749ac28f67e8beacb7a0016679a01270039b78152ba2ff8cff527bfa7445&req=cykuFcl5m4VeFb4V1XW4gSvE%2FAKxWgjz0YRAZqVI%2FdujL%2BVJlzOTe9WRy0q9%0AhazrCUws8qY6NsRGnkK%2B6REbkg%3D%3D%0A) ##### Client credentials grant type 1. Input the values for the Microsoft Graph credential 1. **Name:** Required 2. **Description:** Optional 3. **Client ID:** "Client ID" found in your application (see screenshot below) ​ ​ ![](https://downloads.intercomcdn.com/i/o/799300831/bdf4ede1a9fb44018da49b46/image.png?expires=1781611200&signature=25ded60d1d64a6388996e7707f52004f4a74cd41776c34ddce518221915c76c1&req=cykuFcl%2BlYJeFb4V1XW4gU5eISdqzsPRiXYi62dQk3ZZytbfsl%2FIe9oH0Kc%2F%0AKSjp2tzVnAqh92NfafDR6TQt9w%3D%3D%0A) ​ 4. **Client secret:** "Client secret" created earlier 5. **Scope:** `https://graph.microsoft.com/.default` 6. **OAuth Provider:** Manual 7. **Grant type:** Client credentials 8. **OAuth token URL:** `https://login.microsoftonline.com//oauth2/v2.0/token` 1. **Domains:** `graph.microsoft.com` 2. **Access:** What other teams can also use the API 2. Click "Save" ​ > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Microsoft Graph stories in the [story library](https://www.tines.com/story-library?page=1&s=microsoft)** ## Microsoft Teams Authentication Guide Microsoft teams allows users to collaborate and communicate in real time within your organization. Connect Tines to Microsoft Teams to create powerful automations that send relevant information to users in Teams. The below instructions allow users to create a Microsoft Teams application with delegated permissions tied to a user account. For production use, we recommend creating a service account for Tines to link this app to. Depending on your organizational settings, this application may need to be approved by your admin before use. See further details on the application [here](https://www.tines.com/docs/credentials/connect-flows/microsoft-teams/). Want to create a custom Microsoft Teams credential? Follow [this guide](https://explained.tines.com/en/articles/8210263-microsoft-graph-authentication-guide) for steps on how to create a Microsoft Graph credential manually and enable your preferred custom scopes. > Read more about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/microsoft-teams). ### **Create a Microsoft Teams Credential in Tines** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Microsoft Teams" 4. Select an account to authenticate with. 1. **How to select an appropriate account**: 1. The account selected will be tied to the actions of the application. For example, if you select your account and send a message through Tines, the message will appear to be sent from your account. For this reason, we recommend creating a Tines service account to authenticate with. That way, actions created and run from Tines will be appropriately identified as from Tines. 2. The account will need licenses relevant to the actions you'd like to automate. For example, if you'd like to send messages in Teams, the account will need a Microsoft365 license to send the messages. 3. The account will need access to relevant teams you'd like to access. If you want to create an automation in Tines that sends messages in a certain teams channel, the account must have access to that teams channel. 2. **Admin approval**: depending on the account selected and your organizational settings, you may need to receive admin approval for the Tines application before you can successfully authenticate. 5. Your credential is created and will appear in Tines. Select the credential to view further details about its associated account and scopes. ### **Test the Microsoft Teams Credential in Tines** 1. Navigate to your Tines storyboard. 2. Select 'Templates' and navigate to the templates for 'Microsoft Teams'. 3. Drag and drop the template 'List all teams' onto the storyboard. You should see your created credential appear at the bottom right of the template builder. 4. Select 'Run' on the action template. 5. Select 'Events' to view the results of the action, in this case, to view the list of all teams in your Microsoft Teams organization. Congrats, you have successfully tested your Microsoft Teams credential. ### **Send a message with the Microsoft Teams Credential in Tines** 1. Within your Tines storyboard, drag and drop the template 'Create a one-on-one chat' onto the storyboard. 2. Within the template builder, enter the two user IDs or emails to start a chat between. Please note, one of the users must be the account you have associated your Tines Microsoft Teams credential with. 3. Select 'Run' on the action template. A chat should be created between the two users and the chat ID will be returned in the event data. 4. Drag and drop the template 'Send simple message in a chat' onto the storyboard and connect the first 'Create a one-on-one chat' template to this one. 5. Within the template builder of 'Send simple message in a chat', specify the chat ID that was returned from your action in step 3. You can specify this dynamically by referencing the path to the chat ID or hard-code the chat ID into the template. 6. Select 'Run' on the 'Create a one-on-one chat' template. Tines will now create the chat and then send the message to the created chat. ### **Microsoft Teams Application Details** The application that users are authenticating with is built by Tines and verified by the Microsoft Partner center. Within your Azure environment, the application can be found under the name 'Tines (Microsoft Teams)'. ### **Permissions** This application has 8 configured delegated permissions necessary for users to complete most common tasks required in Microsoft Teams, such as sending messages. The scope *ChannelMessage.Read.All* is a sensitive scope requiring admin permission. 1. *Channel.ReadBasic.All*: read the names and descriptions of channels 2. *ChannelMessage.Send*: send channel messages 3. *ChannelMessage.Read.All*: read a channel's messages 4. *Chat.ReadWrite*: read and write user chat messages 5. *Team.ReadBasic.All*: read the names and descriptions of teams 6. *TeamsAppInstallation*.ReadForUser: read user's installed Teams apps 7. *User.Read*: sign in and read user profile (necessary to authenticate) 8. *offline\_access*: maintain access to data you have given it access to (this prevents you having to sign in each time you want the automation to run). ### **Frequently Asked Questions** 1. Do I need to get admin approval for the Tines Microsoft Teams application? *Yes. Admins can approve the Tines app just once for the organization and then you can create as many Microsoft Teams credentials as desired without needing additional consent. For the scope ChannelMessage.Read.All, this is a sensitive scope and requires admin approval.* 2. Does the account I authenticate with for my Tines Microsoft Teams credential need to have admin permissions? *No, the account associated with the credential does not need to have admin permissions. Once the Tines application has been approved by your admin, you can associate the created credential with any account of your choice. We recommend associating with an account that clearly denotes Tines is connected and performing actions to avoid confusion.* 3. What if I want my Microsoft Teams app to have more permissions or functionality than the Tines managed application has? *You can create an application with custom permissions for your organization as well. Follow [this guide](https://explained.tines.com/en/articles/8210263-microsoft-graph-authentication-guide) for steps on how to create a Microsoft Graph credential.* ## Migrating stories from non-production to production tenants Tines stories can be migrated from non-production tenants to production tenants. This article outlines the procedures to do so, including both manual migration steps and automated change management setup for multi-tenant architectures. ### **Automated migration through a Tines Story** Tines offers a migration workflow that manages the promotion of stories from a non-production tenant to a production tenant using the Tines API. It is important to note that although most Tines components can be automatically migrated, there are limitations to the API. This automated approach is ideal for the story migration workflow itself, ensuring consistency and reducing human error. In the following section, we'll walk through the process of setting up an automated story migration system. #### **Automatic migration** - Stories - Records - Actions - Resources\* - Private Templates #### **Manual migration required** - Credentials - Resources\* - Case Templates - Case Fields - Case Settings (statuses, priorities, sub-statuses) > **\* Note:** Resources may contain environment-specific data that differs between non-production and production. For domains, best practice is to use metadata within the credential instead of a resource. If values are the same across environments, nothing needs to be done and migration can be handled automatically. ### **Steps to set up dev to prod tenant migration story** - Import this [story](https://www.tines.com/library/stories/1321490/?name=migrate-stories-from-development-to-production-tenants-in-tines&redirected-from=%2Flibrary%2Fstories%2F) from the Tines story library into your non-production tenant. - Add your `dev_tenant_api_key` to the Tines story. This is the API key for your non-production Tines tenant. - You should include the non-production tenant domain as metadata. - Add your `prod_tenant_api_key` to the Tines story. This is the API key for your production Tines tenant. - You should include the prod tenant domain as metadata. - Optional - add a resource called `prod_tunnel_name`. This is the name of the tunnel used in the production tenant. The story will automatically update any HTTP request actions using a tunnel with the proper production name. Only applicable if tunnels are used and the tunnel naming convention is different between tenants. ### **Manual migration required** While many Tines components can be transferred automatically between tenants using stories, certain elements require manual migration. The following items cannot be pushed to a production tenant through automated workflows and must be configured directly in the target environment. ### **1\. Credentials migration** #### **Why manual migration is required** Credentials contain sensitive data that cannot be read via the Tines API and therefore cannot be automatically created or updated within the migration workflow. The workflow does include steps to compare credentials in the non-production and production tenants and will list which need to be created or updated based on the naming. Best practice is to have the credentials in the production and non-production tenants have the same name with differing environment-specific values (e.g., API endpoints, authentication tokens). Non-production credentials point to non-production systems, while production credentials must point to production systems. #### **Steps to migrate credentials** ##### **Before migration (Non-Prod)** - Navigate to Credentials in the non-production environment - Document all credential names (exact spelling and capitalization matter) - Ensure credential names follow a consistent naming convention - **Important:** Avoid environment-specific names like "tines non prod" - use generic names like "S1" or "ServiceNow" ##### **During migration (Prod)** - Navigate to Credentials in production - Create new credentials with identical names to non-production - Use production-appropriate values (prod API endpoints, prod tokens, etc.) - Verify each credential is properly configured ##### **After migration** - When stories are promoted, they will automatically connect to credentials with matching names - If names don't match, you'll see "reconnect" or “replace” warnings in actions - Test each credential connection in promoted stories ##### **Credential naming best practices** - ✅ Best Practice:: S1, ServiceNow, Cribble, Zscaler - ❌ Avoid: tines non prod, S1 dev, ServiceNow test * * * ### **2\.** Resources migration #### **Why manual migration might be required** Resource values may need to differ between environments (ServiceNow state mappings, environment-specific configurations). The workflow will automatically create and update resource values so if resource values need to be different between tenants, DO NOT have them be named the same. #### **Steps to migrate resources** ##### **Assessment Phase** - Navigate to Resources in non-prod - For each resource, determine if values should be: - Identical between environments (queries, mappings that don't change) → Nothing needs to be done. - Different between environments (ServiceNow state mappings, environment-specific configurations) → Follow steps below. **Migration Steps** - Navigate to Resources in production - Create new resource with different name from non-production - Modify values as appropriate - At the bottom of each resource, configure team sharing if needed: - Check which teams should have access - Example: Share Security Engineering resources with Security Operations - Once story is migrated, replace the non-production resource with the production resource ### **Resource Sharing** Resources live within a team but can be shared: - Open the resource - Scroll to bottom - Check boxes for teams that need access - Example: Security Engineering can share resources with Security Operations * * * ### **3\. Case Templates Migration** #### **Why manual migration is required** **Current Limitation:** Tines does not support exporting/importing case templates between environments. #### **Steps to migrate Case templates** ##### **Before migration (Non-Prod)** - Navigate to Security Operations Team → Cases → Templates - Open each template you need to migrate - Document the following for each template: - Template name - Description - Priority settings - Records configuration - Case requirements - All field mappings and value pills - Actions configured in the template ##### **Migration (Prod)** - Navigate to Security Operations Team → Cases → Templates - Click Create New Template - Manually recreate each template: - Right Side Panel: - Add case requirements (click + to add sections) - Configure priority - Add records - Main Area: - Copy/paste descriptions (value pills should carry over) - Add all configured actions - Set up field mappings ##### **Verification** - Create a test case using the new template in production - Verify all fields populate correctly - Confirm actions trigger as expected - Compare side-by-side with non-production template * * * ### **4\. Case fields migration** ### **Why manual migration is required** Case fields are tenant-level configurations that don't transfer with stories. #### **Steps to migrate Case fields** ##### **Documentation phase (Non-Prod)** - Navigate to Cases → Case Settings → Fields - Document all fields currently configured: - Field name (exact spelling) - Field type (text, number, timestamp, boolean, etc.) - Any special configurations ##### **Migration phase (Prod)** - Navigate to Cases → Case Settings → Fields - Click New Field for each field - Enter exact field name (must match non-prod) - Select appropriate field type - Configure any additional settings - Repeat for all fields ##### **Important notes** - Field names must match exactly between environments - Fields are used across all case types (not application-specific) - Purple highlighting in cases indicates field mapping from different sources * * * ### **5\. Case settings migration** #### **Why manual migration is required** Case settings (statuses, priorities, sub-statuses) are tenant-level configurations. #### **Steps to migrate case settings** ##### **Statuses** - Navigate to Cases → Case Settings → Status in non-prod - Document all custom statuses beyond default Tines statuses - In prod, navigate to Cases → Case Settings → Status - Add each custom status with identical naming ##### **Priorities** - Navigate to Cases → Case Settings → Priority in non-prod - Document all custom priorities - Recreate in prod with identical naming ##### **Sub-statuses** - Navigate to Cases → Case Settings → Sub-Status in non-prod - Document all sub-statuses and their parent statuses - Recreate in prod with identical configuration ##### **Tags** - Document all case tags used in non-prod - Create matching tags in prod before promoting stories * * * ### **6\. Best practices for environment-agnostic code** #### **Use INFO formula (Critical)** ❌ Bad Practice - Hard-Coded Values: `Status: 2265` ✅ Good Practice - INFO Keyword: `Status: <>` #### **Why this matters** - Hard-coded values (like `2265`) won't work in prod if IDs differ - INFO keyword dynamically retrieves the correct value for each environment - Stories become truly portable between environments #### **INFO keyword examples** For Case Statuses: `<>` `<>` For Credentials: `<>` `<>` For Domains: `<>` For Case Fields: `<>` `<>` For Records: `<>` For Tenant Information: `<>` ### **Code review checklist** Before promoting stories, verify: - No hard-coded status IDs - No hard-coded field IDs - No hard-coded credential IDs - No hard-coded domains/endpoints - All environment-specific values use INFO or META keywords - Credential names match between environments ## MISP Authentication Guide MISP Threat Sharing (MISP) is an open source threat intelligence platform. The project develops utilities and documentation for more effective threat intelligence, by sharing indicators of compromise. ## First, get a MISP auth key 1. Login to your MISP account 2. Click "Administration" and then click "List Auth Keys" ​ ​ ![](https://downloads.intercomcdn.com/i/o/891081099/4bc49ee70c84e7d817700c55/image.png?expires=1781611200&signature=91b81bd1efc68e0a3d24e769429ab060026fca6f214ed58fd0b33485b7ad6b8a&req=fCkmFsF%2FnYhWFb4V1XW4gaBp6ymEceNnBcwQFGdbH4FUA3OrmHfo8B4fgJEw%0AFeENscbxJLHwIeQW1dd6kD4m5Q%3D%3D%0A) ​ 3. Click "+ Add authentication key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/891081799/0b9a4617053edb1d1978e65a/image.png?expires=1781611200&signature=37da553a0647f41fec1a435383022c7cc31ae036c6d58af8a5790e8780e95203&req=fCkmFsF%2FmohWFb4V1XW4gW38SplrIk4joTxiJM0xs%2FnqVBpVQrhFk0KiDb0g%0A7cXFFoIbp1n479%2BWXmA34g8HEg%3D%3D%0A) ​ 4. Add a descriptive comment, limit access to required IPs, and set an expiration date, then click "Submit" ​ ![](https://downloads.intercomcdn.com/i/o/891083259/112075374adefe1a7a3d3f14/image.png?expires=1781611200&signature=ad2ebd83f1e2f4101edeeb9f94a86bc183a09d2dbbff7dd3cf28a62c7ace3e94&req=fCkmFsF9n4RWFb4V1XW4gS%2FZQ8KyFPDXELkSDHC6oiVyOU5il3GlAG7LSnAd%0AjSfcwAKIu4%2FnSgNpP53dfFsOdA%3D%3D%0A) ​ 5. Copy your key to a text editor and click "I have noted down my key, take me back now" ​ ​ ![](https://downloads.intercomcdn.com/i/o/891084056/5d3bdba00c825335b5242190/image.png?expires=1781611200&signature=a575b3c2058022150e64c896cdf9ad6df15d8f7dad35a82e732959860ad18298&req=fCkmFsF6nYRZFb4V1XW4gZWwZAngc6GoJGAVOvdu2R2ju7IAAiCPuSd2kanE%0ADCDElM0IpRcqvAzcG%2BDTbHTuOw%3D%3D%0A) ​ ## Lastly, create a MISP credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "MISP" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/misp).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of MISP** **stories in the [story library](https://www.tines.com/library?s=misp&view=all)** ## Monitoring actions > **Note: Monitoring is not available for stories in [TEST](https://www.tines.com/docs/stories/change-control/) mode** Tines offers three kinds of monitoring for your story. All three kinds of monitoring happen on an action level, so they trigger for the action, not the story. The option can be found in the right-hand builder panel under the status tab: ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/794543538/9939fac5c8188444b4426700/INMDv86ALQkhpvPGfOOOYuYdRZbX5uYrGu79luF-FupCQNlTkYx3nBB0cpxz5_XyMr5ANdsrBoIhaG3--x9EqnTZkXfn6ew29Gnxaq5AIYtUKZhjJVyof_Tla40oqjKV_IECzIY6vrLQd3_u3yCU4U0?expires=1781611200&signature=2fb8c21bde6f4ee34f8ac5c67a28aca2d14ad523388b3362a5110f2f2408428c&req=cykjE819mIJXFb4V1XW4gaEUWbAiIQe0yOVPhRU8vi4yG1x0gu%2FcOWzlAe70%0Al6CqZUPJ3nSd7ti23zE2Z9J8CQ%3D%3D%0A) - “No event is emitted within X time”, - This function will notify if no events are emitted by the action in the last X minutes/hours/days. The function is usually used to confirm data is still coming into the story by enabling this on incoming webhooks or mail actions. - “Notify with all events” - This will send a notification for all events being emitted by the action. This is usually only used to notify you of actions that you don’t expect to emit events, like error-handling actions built into the story. - “Notify when action fails” - This will send a notification if an action fails. An action failure is anything that would mark the action with a red bubble. This can be due to errors in the functions used in an action. ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/794543546/2fec20ff5358a0e8ba31ddd1/vRpXAT_9JFroChvflhA3xB7tn0UQ2XbCYxwo8f4c531wc44kP2BxVPbNrgAraWavMSAgWZwVkpf9MCmr0mrguU6OWcTYfISv2SiQZ89PGDYwvYZyD5O689_pO0Ka2BmQbSzFojnb5DeDr9W50ddTgoE?expires=1781611200&signature=c2aca48b062331ae1069ac756bd5e09820660f81589581265bc1c539325d343c&req=cykjE819mIVZFb4V1XW4gam3kx9zqnGofb%2Fj9AF8kmCxmTjctGbD0zE4vBxG%0A9YfJ8DYhBNmp2MXk9NjzqpOgNw%3D%3D%0A) > **Important note:** “Notify when any action fails” option can be configured on the story level, but this function only works by enabling and forcing “Notify when action fails” on all actions in the story. You can find the story-wide setting on the right-hand panel. It can accept either mail addresses or webhook URLs. ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/794543553/9619f4bf4ef86caff38441d7/wL0T6m0YNfVt-ipo3KvWkAusl4ZgSp5XSXd2qaBUaXc9SZDKv-sGyhTZa4MvCZ6zIq_-7h13hCoPfY7KzHm9fZs4hGAPmyXb-3_UjW7OeM1jsQ4zoIZBfzRmZe8vpYJDXqmk2RULH89_MZno7_I2Iaw?expires=1781611200&signature=66ef283b47c0cc0c5d08148d333031778a557a241a366fb16ac5bbc0ba71018e&req=cykjE819mIRcFb4V1XW4gRjxG%2Fp7XNJC8vf%2FpEX%2Bdj9k2wf1YJpZFBZorHnq%0ADS1vgEllk38sspkpThkHONkKYw%3D%3D%0A) Regardless of the action or story setting, all notifications will be sent to all addresses or URLs listed in the story settings. The email may look like this: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2299229671/c32701e40fe0fd1d8246e35c4da2/CleanShot+2026-04-20+at+16_52_45.png?expires=1781611200&signature=08f414ae6b59831321eb757687a04125591b93ebd97e07a1ff06f77cf4daff80&req=diIuH8t8lIdYWPMW3nq%2BgWUr25FH3TyO4rwu8wi5ERAiP4Ks8iH3wzaCeoYM%0Ay9%2ByQZmPFNhDifyK6P2vyS3D2KQ%3D%0A) ## New Relic Authentication Guide New Relic is a US-based web tracking and analytics company. The company's cloud-based software allows websites and mobile apps to track user interactions and service operators' software and hardware performance. ### First, get a New Relic API key 1. Login to your New Relic account at [https://login.newrelic.com/login](https://login.newrelic.com/login) 2. Click on your user account and select "API Keys" ​ ​ ![](https://downloads.intercomcdn.com/i/o/850593480/94b4dc58d45ddfe9b709db46/image.png?expires=1781611200&signature=2f4a9fe1ad40e2f59b9b5767e177ce4fa691f35ca2f0da561c0cd3fb69e906df&req=fCUnE8B9mYlfFb4V1XW4gTKU44Tg6w0aHjLpXcNMSoIhh8lTbW6Td2t2cCgu%0AlgTM2LCFwkvKKjs%2Bq0tLi6ltsg%3D%3D%0A) 3. Click "Create a key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/850596782/3764c21f62e667f759df71e3/image.png?expires=1781611200&signature=16c92b4916ea2889cc850d4047b930ca6714351d222b87443a2b2b7b33a4ce65&req=fCUnE8B4moldFb4V1XW4gXBOldo4D%2Bb4Bd72YO9z2V836j3FUibvwDLZ5tcs%0A7a231fuFDQoA61fSy7khfY9TQw%3D%3D%0A) ​ 4. Name the key, select the appropriate "Key type" and click "Create a key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/850603356/e4f47c771db1e8b2921c0cf2/image.png?expires=1781611200&signature=349e91b7f4992cb686ed6b9efc48205089efdcccdcbadc1e7621cce9b828f159&req=fCUnEMl9noRZFb4V1XW4gdF99rnByFyWEJ3tKC4DyKbCXttvxJmJZ%2BbxCw0q%0AgYIieRCK2BBv41sy8ZuchxZKPg%3D%3D%0A) 5. Click the ellipsis and select "Copy key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/850671938/4b3b255063b960115fef8135/image.png?expires=1781611200&signature=20ecc93a65091311bb173e93c02fe35c38e11ea67bdb222f23d5b6e417140fe3&req=fCUnEM5%2FlIJXFb4V1XW4gVNgW0d8k5lXWoNO%2Fy01SAO8c%2BOJ41JOjiGH%2FC6B%0A2bFMbzuYeyFtieU8eA4h5Hf4fw%3D%3D%0A) ### Then, create a New Relic credential in Tines **New Relic connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "New Relic" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the New Relic connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the New Relic credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your copied API key value 1. **Domains:** api.newrelic.com 2. **Access:** What other teams can also use the API > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/new-relic).** > > **For more on creating credentials in Tines click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of New Relic stories in the [story library](https://www.tines.com/library?s=new+relic&view=all)** ## NextDNS Authentication Guide NextDNS is a personalised DNS nameserver, that can be used to increase the security of your network by blocking malicious domains, block ads and trackers, and limit the browsing experience for your kids. ## First, get a NextDNS API key 1. Login to your NextDNS account 2. Click on the user menu and click "Account" ​ ![](https://downloads.intercomcdn.com/i/o/891085571/96fa0fad2d7d294e1f45e7b9/image.png?expires=1781611200&signature=2bfb458250f112b63b4f0e89f246fbe898ffb6dc4cd4a977aaef704659a688e1&req=fCkmFsF7mIZeFb4V1XW4gapYwZm97tYKzU13KjtsysJgIPaes3s8kbtheQD2%0AJKH9nLCFIvXpotWnorS1%2F3bBMQ%3D%3D%0A) ​ 3. Copy your API key to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/891085961/793666ada9e906392b928d28/image.png?expires=1781611200&signature=965da023922320c296381c88a883819003211e85412c64fca0cb99fd07a6ff1a&req=fCkmFsF7lIdeFb4V1XW4gRHHHh5i451SZCCRPkXpRNmNdBSmcXsQ67yLVlfC%0Aq%2F%2FOPGjU%2Ft8qtXgfNgpJIKMWlg%3D%3D%0A) ## Lastly, create a NextDNS credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the NextDNS credential 1. **Name:** NextDNS 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of NextDNS** **stories in the [story library](https://www.tines.com/library?s=nextdns&view=all)** ## Nightfall AI Authentication Guide Nightfall AI is the leader in cloud data loss prevention (DLP) for generative AI (GenAI) tools, SaaS apps, and custom apps. Download the Nightfall Chrome browser plugin or integrate via APIs to protect PII, PHI, PCI, secrets, and keys across apps like ChatGPT, Slack, GitHub, Confluence, Google Drive, and more. ## First, get a Nightfall AI API key 1. Login to your Nightfall AI account 2. Click on "Overview" ​ ​ ![](https://downloads.intercomcdn.com/i/o/893651548/f388e9fc51a40cb7bbacb20a/image.png?expires=1781611200&signature=df0d4776ef22889ed23b3c2ef96ebec57fb32a7bffe8cb6e1bc598477967dbd3&req=fCkkEMx%2FmIVXFb4V1XW4geuomls0cQkQ02s%2FucoapVrDlvQoOePNDsrErA%2FU%0Ai0PwSmuBR0M08W76z2OLd9ojzA%3D%3D%0A) ​ 3. Click "Create key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/893651847/2d4252f9cf2ca989d64ea1a8/image.png?expires=1781611200&signature=eaac1a78ad8c9938cc75a91f10194e78ee762fdfa7b3cbb3c529c332b4fcd031&req=fCkkEMx%2FlYVYFb4V1XW4gX1DDEhwxVKmJfVzGOS%2FJ9PN8yDsnXoRUhcNQI%2Bv%0AB4HCnN0RZ%2BcspUNTDWXY2KnWlg%3D%3D%0A) 4. Name your API key and click "Create" ​ ​ ![](https://downloads.intercomcdn.com/i/o/893652153/2525800cf0ed86f0fac5f29d/image.png?expires=1781611200&signature=13206ddd354829abfb55e396b12f72b5c53e0a958c1f39a04d7c821b66a8db30&req=fCkkEMx8nIRcFb4V1XW4gRfti%2FUPjFtu6BgZf23CnkDrtHmneTBxq6iok5DS%0A8%2BFoxjEFx8kZRTtcKnsZaa67Qw%3D%3D%0A) ​ 5. Copy your API key to a text editor and click "Got it" ​ ​ ![](https://downloads.intercomcdn.com/i/o/893652439/bc1f3ae5bff85cf2aacd8f85/image.png?expires=1781611200&signature=71b1c5e72f37b9c4a0d8712b9e049c73452778fa24c764dc659f258ef30d059c&req=fCkkEMx8mYJWFb4V1XW4gejP4ZkP74wdWXyLyhzXCA%2Fni7p1w3zD2O1iG8a4%0AIfjh4IqzolQWxvc6WWHhH0smXw%3D%3D%0A) ​ ## Lastly, create a Nightfall AI credential in Tines 1. Log in to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Nightfall AI credential 1. **Name:** Nightfall AI 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Nightfall AI** **stories in the [story library](https://www.tines.com/library?s=nightfall%20ai&view=all)** ## "No flows available" Error ## **Overview** The "No flows available" error in Tines occurs when your tenant exceeds its allowable flow limit. A "flow" in Tines refers to a connected set of one or more actions within a Storyboard that can run automatically. Understanding this error will help you manage your workflows more efficiently and continue working without interruption. ​ ## **Cause and solution** ### **Exceeded Flow Limit** Your organization has reached the maximum number of flows as defined by your subscription. In Tines, an autonomous flow is one that runs on its own without requiring manual intervention. When you've used all available flows, you won't be able to create new ones or restore archived stories with flows. > 🟢 **Solution**: > > - Archive unused stories to remove their flows from the active count. > > - Move stories to the "Personal Stories" section, as these don't count against your team's flow limit. > > - Consider requesting an increase to your flow allocation by upgrading your tenant subscription. ### **Restoring Stories With Connected Actions** When attempting to restore a story that contains connected actions, you may encounter this error if the total number of flows would exceed your allowed limit upon restoration. > 🟢 **Solution**: > > - Before restoring, check your current flow usage and ensure you have enough available flows. > > - Archive other unused stories first to free up flow capacity. > > - Consider breaking down larger stories into smaller components with fewer flows. ## **Troubleshooting checklist** ☑️ Review your current flow usage in your tenant settings ☑️ Identify and archive unused or redundant stories ☑️ Prioritize which stories are essential for production environments ☑️ Move development or test stories to Personal Stories when possible ☑️ Contact your Tines administrator about subscription limits ​ ## **Need further assistance?** Have questions or still seeing the error after working through the sections above? We are happy to help! ⬇️ [Contact Tines Support](https://www.tines.com/contact#support) **with the information below**, when available: > - The number of active stories in your tenant > > - The number of flows you're currently using > > - Screenshots of the error message > > - Details about what you were doing when the error occurred (creating a new story, restoring an archived story, etc.) ## Notion Authentication Guide Notion is a freemium productivity and note-taking web application developed by Notion Labs Inc. It offers organizational tools including task management, project tracking, to-do lists, and bookmarking. Additional offline features are offered by desktop and mobile applications available for Windows, macOS, Android, and iOS. Users can create custom templates, embed videos and web content, and collaborate with others in real-time. ## First, get a Notion secret 1. Make sure you have admin authorization in your Notion workspace. 2. Login to [My integrations](https://www.notion.so/my-integrations) in the Notion developer portal and click "New Integration" ​ ![](https://downloads.intercomcdn.com/i/o/948720975/2998d2e6d01059a3f3583a4b/image.png?expires=1781611200&signature=2a0e251fd579cd0f5df359090b997b32960770d3fa8f7cf238d335df2dea3582&req=fSQvEct%2BlIZaFb4V1XW4gdQwUfe5lMsB9xwEmm9wO%2FM%2BYNxUXrZ46a%2Fart8H%0AYgFssrmsAVqAzknZT9Jz645B2g%3D%3D%0A) ​ 3. Name the integration, ensure it is connected to the correct workspace and then click "Submit" ​ ![](https://downloads.intercomcdn.com/i/o/948721781/f03ab18751fcc07b7380ae4c/image.png?expires=1781611200&signature=ce49e256410d715e4e6fcfefe0d2aa8edeed59885cec9191815f9374e775fccd&req=fSQvEct%2FmoleFb4V1XW4gVTySZxp8gdLQeGY1E7tSRn8xuzaZNcL6ExqGOIG%0AVJNh7F%2Bh%2FtLFWvMwBsnpnFIPQA%3D%3D%0A) ​ 4. Click "Secrets", then click "Show" and copy your Secret to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/948722544/1c27c9f0f837f13b45eed5ef/image.png?expires=1781611200&signature=94d5caf1c017c037e89e78cd21db67d088c74c707283c1019a32bc055567465e&req=fSQvEct8mIVbFb4V1XW4gdRhhv%2F0lm%2FghOo5garixV8ESU98KF%2BINcQNvJQc%0AgArlzl%2B3vQZOe1neDnlDrnpZdg%3D%3D%0A) ## Lastly, create a Notion credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Notion credential 1. **Name:** Notion 2. **Description:** Optional 3. **Value:** Your Secret 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Notion** **stories in the [story library](https://www.tines.com/library?s=notion&view=all)** ## Nutanix Prism Authentication Guide This authentication guide will cover how to create a credential for the following services: 1. [Nutanix Prism Central](#h_cd8820ee9b) 2. [Nutanix Prism Element](#h_d3c5cc92e0) ## Nutanix Prism Central Nutanix Prism Central (PC) offers an organizational view into a distributed Nutanix deployment, with the ability to attach all remote and local Nutanix clusters to a single Prism Central deployment. This global management experience offers a single place to monitor performance, health, and inventory for all Nutanix clusters. To create a Nutanix Prism Central credential, you will need your Nutanix Prism Central: - `username` - `password` ### Create a Nutanix Prism Central resource and credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the Nutanix Prism Central resource - **Name:** "nutanix\_user" - **Description:** Optional - **Builder:** Your username 5. **Optional** - **Access:** What other teams can also use the resource 6. Click "Save resource" 7. Navigate to the team that will be using the API and click "Credentials" 8. Click "+ New Credential" and select "Text" 9. Input the values for the Nutanix Prism Central credential 1. **Name:** "nutanix\_password" 2. **Description:** Optional 3. **Value:** Your password 10. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 11. Click "Save" ## Nutanix Prism Element Prism Element(PE) is **a service built into the platform for every Nutanix cluster deployed**. Prism Element enables you to fully configure, manage, and monitor Nutanix clusters running any hypervisor. To create an Nutanix Prism Element credential, you will need your Nutanix Prism Element: - `username` - `password` ## Create a Nutanix Prism Element resource and credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the Nutanix Prism Element resource - **Name:** "nutanix\_pe\_user" - **Description:** Optional - **Builder:** Your username 5. **Optional** - **Access:** What other teams can also use the resource 6. Click "Save resource" 7. Navigate to the team that will be using the API and click "Credentials" 8. Click "+ New Credential" and select "Text" 9. Input the values for the Nutanix Prism Element credential 1. **Name:** "nutanix\_pe\_password" 2. **Description:** Optional 3. **Value:** Your password 10. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 11. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** ## Okta Authentication Guide Okta simplifies how users connect to apps and boost your IT team’s efficiency. Modernize your IT with the complete, integrated Okta cloud identity solution. ### First, get an Okta API key: 1. From the Okta dashboard screen, go to **Security > API > Token** or get there directly by visiting [https://#{{ your\_okta\_domain }}.okta.com/admin/access/api/tokens](https://dev-05937673-admin.okta.com/admin/access/api/tokens) ![](https://downloads.intercomcdn.com/i/o/753754320/80bd0c8a5c134fe42e4d6c32/Screenshot+2023-04-19+at+5.49.21+PM.png?expires=1781611200&signature=13e38db13a7180754c0caf27197451a6020092c7fb0784bb147aa1932f07f69e&req=cyUkEcx6noNfFb4V1XW4gZYj3wf9zkOkM%2BAT1OAAv6FYBfDfSomGH4dwIkh3%0ATaek7hegdo7OuMwLgZiJnIDuaw%3D%3D%0A) 2. Give the token a descriptive name, then click “Create token” ![](https://downloads.intercomcdn.com/i/o/753754618/850d92be6b99f442f78bafe3/Screenshot+2023-04-19+at+5.52.03+PM.png?expires=1781611200&signature=e62dbd1aad013230aadc42bd4cce53c6119f47ee5096d520e212b61bc40d8334&req=cyUkEcx6m4BXFb4V1XW4gWAXXJvSH4bjvxMHOhwQIK3INLVV2xgrGxLvZt6Z%0ANoItbdsz8GhrlsTVmHCixm7G5Q%3D%3D%0A) 3. Copy the “Token Value” and click “OK, got it" ![](https://downloads.intercomcdn.com/i/o/753754795/84504db2a254bc6852bdcf40/Screenshot+2023-04-19+at+5.54.26+PM.png?expires=1781611200&signature=bfea43d22b32fb78657f4fed91b421b860639e4f73c85aacf6203d37f11558a9&req=cyUkEcx6mohaFb4V1XW4gUmOIbF1Fb7jNCsB5FVbV1XrzcnjNr1zRk6bBFRG%0ARrSH%2FexRqrUj2f5iO163vSr0pA%3D%3D%0A) ### Next, create an Okta credential in Tines **Okta connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Okta" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the Okta connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click **Credential** 3. Click **\+ New Credential** and select **Text** 4. Input the values for the credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 4. **Metadata:** Select 'Enable metadata' and then paste in the following in Plain code mode. Replace 'yourdomain' with your Okta domain. ``` { "domain": "yourdomain.okta.com" } ``` 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API > Read more about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/okta). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of Okta stories in the Tines [story library.](https://www.tines.com/story-library?s=okta&page=1) ## OneLogin Authentication Guide OneLogin, Inc. is a cloud-based identity and access management (IAM) provider that develops a unified access management (UAM) platform for enterprise-level businesses and organizations. ### First, create a OneLogin API credential 1. Login to your OneLogin account at [https://app.onelogin.com/login](https://app.onelogin.com/login) 2. From the "Developers" menu, select "API Credentials" ​ ​ ![](https://downloads.intercomcdn.com/i/o/851494282/f4874d3446158c14a5be8f98/image.png?expires=1781611200&signature=16bded97495d0041083dcaa636227137fe5833f1cdf1433cf1a3f8170b8b3545&req=fCUmEsB6n4ldFb4V1XW4gR8SxXAEpS%2B4Ll7xS3XTOKsoGPRmsdAbWALauxOn%0AglKzDII%2BGgKhrCEkzNWOdgH%2BIg%3D%3D%0A) ​ 3. Click "New Credential" ​ ​ ![](https://downloads.intercomcdn.com/i/o/851512062/cb9d1462c48026c82096ae71/image.png?expires=1781611200&signature=8c5f046712334d9a458d473d0064c6c5b1f6e92ed9a19958e8797e1ccf991df9&req=fCUmE8h8nYddFb4V1XW4gVh2KtMK80ri8a%2Fw1hSo3mnrvMfQfZh0Rf2F6lBM%0AZoO97GL%2Blk4j1Sk1Ta2qrNfpIg%3D%3D%0A) ​ 4. Name the credential, choose the privilege level, and click "Save" ​ ​ ![](https://downloads.intercomcdn.com/i/o/851548451/e09f6338967968a21ef0f336/image.png?expires=1781611200&signature=637170d8123e0e73d0da8e8aec194ee446d0f4e1a0e653a2e3c7723d3a5489f1&req=fCUmE812mYReFb4V1XW4gRC3%2FYxxdEXp5UUr83K9%2Fy4ehvijLIZ76rM%2BFPzS%0AQ98rD47yIJO%2BKhKzWx2%2FDdC7EQ%3D%3D%0A) ​ 5. Copy your "Client ID" and "Client Secret" to a text editor and click "Done" ​ ​ ![](https://downloads.intercomcdn.com/i/o/851549069/7d9b9a7f3a82dcc916913d83/image.png?expires=1781611200&signature=1fef34085c401a5344151daa9c42793a5461aabd1eef144b25d3392882033356&req=fCUmE813nYdWFb4V1XW4gSXUZIp4Hi3V4oh4OEAWEvPQ9ywV%2Bn0ZyzUXYBVt%0AV6ysshBOTIirwpnTsf2joYov5A%3D%3D%0A) ### Then, create a OneLogin credential in Tines **OneLogin connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "OneLogin" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/onelogin).** > > **For more on creating credentials in Tines, click** **[here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of OneLogin stories in the [story library](https://www.tines.com/library?view=all&s=onelogin).** ## OpenTelemetry: Designing a Dashboard ## Designing a story troubleshooting dashboard The goal of the **Tines** **Story Troubleshooting Dashboard** is simple: > *Make it obvious which parts of a story are slow, erroring, or noisy.* This dashboard is designed to troubleshoot HTTP-centric Tines stories. It combines span-derived metrics from Prometheus with raw traces from Tempo. You can filter to a single story, drill down into specific destinations or actions, and jump directly from panels into full traces. It focuses on answering: what is slow, what is failing, and whether the issue lives in Tines execution, a particular action, or an external destination. The dashboard is organized around three ideas: 1. **Story-level health** - high-level RED metrics - total requests, errors, duration percentiles - quick read on “is this story generally healthy?” 2. **Action-level performance** - latency by action - error rate by action - outlier actions that only occasionally spike 3. **Drill-down paths** - click → jump directly into **Tempo traces** ### Breaking down the dashboard #### **1\. Overview** The Overview section gives a fast, high-level read on the health of a single Tines story. It surfaces core RED metrics such as request rate, error volume, error percentage, average duration, and P99 latency. The intent is simple: tell you, within a few seconds, whether the story is generally healthy or exhibiting failure or latency symptoms. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178477532/6a054ce0d587e27467092fc9198b/image.png?expires=1781611200&signature=99689044e8aa59572afc30c588690876fd601d8993a1c2964a832ca1f81db48e&req=diEgHs15moRcW%2FMW3nq%2BgeQMCjydF47ilbB8BVFyKnllS17jsBtRMXl%2BqT1i%0A8ux0sfSS4sYja8hclG2HrKQun6E%3D%0A) #### **2\. Trends over time** This section focuses on how behavior changes across time, not just point-in-time snapshots. You’ll see throughput, success and error rates, and latency percentiles plotted across the selected time window. This makes it easy to spot patterns such as gradual performance decay, sudden regressions after a deploy, or spikes that correlate with increased traffic. It also helps distinguish sustained latency problems from rare tail events. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178481924/789895e8c74bbeff45a83eee7dfb/image.png?expires=1781611200&signature=3256cbabd6943aae60baafb33c0e1beab59b5a61685dca07e8ff7ba2d4420fe7&req=diEgHs12nIhdXfMW3nq%2BgQxr5HH%2BgXbGfFo479iyM%2ByBrk20w2myEdXKkT41%0AJQOaN%2FxF3y%2BOVvGZ%2FGp%2FwBjb3WU%3D%0A) #### **3\. Error analysis** The Error Analysis section is designed to answer a single question: what is failing, and where? Errors are broken down by HTTP status class, action, and destination. This helps isolate whether failures are concentrated in one integration, one destination, or one specific action. From here, the dashboard also exposes direct trace pivot links, letting you jump from “error count increased here” into the exact traces responsible for those failures. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178483595/ba6eed9c74de6c7905629d9291e4/image.png?expires=1781611200&signature=1c907db1e4d076b22f88be27c8981d1f72d8eb38032c61cb7cc4ccff2467375a&req=diEgHs12noRWXPMW3nq%2BgXk2KV87NMo4neMRu%2Fq9A5fyg1Ewru%2BKk2rWp442%0Apn1s%2B9i%2FAN6waeB95X19fNUsmjY%3D%0A) #### **4\. Performance analysis** This section shifts the focus from failure to slowness. It highlights the actions and destinations contributing the most to overall latency using percentile-based views such as P95 and P99. You can see whether performance degradation is systemic or isolated to a handful of expensive operations. It also surfaces slow-request samples, allowing you to hop straight into slow traces rather than hunting manually in Tempo. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178485285/31b633c69c81c809b9322a6b56c9/image.png?expires=1781611200&signature=7567991f4ed4d3ef2996c59e29b1050e52a524ebd40ca5751987285cdc447636&req=diEgHs12mINXXPMW3nq%2BgWigX7ulzf8XlilUVOIYy594kYxPs17bxvVQwYVw%0AqvCJPlaZCveo%2BYiWAacY4NGsUek%3D%0A) #### **5\. Volume & activity** The Volume & Activity panels help explain load characteristics of a story. They show which actions generate the most requests and how frequently specific destinations are called. This is particularly useful for identifying noisy polling actions, unexpected loops, or integrations that are being exercised far more than expected. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178486967/368a92290ee1dee1a0494623f15d/image.png?expires=1781611200&signature=235aa56d0a48079dfdd124ec7f4a02b35fac9b5a810e51a42d38ecb527bb503f&req=diEgHs12m4hZXvMW3nq%2BgY7yS6mP%2BFYGpRDuRPgQHgu%2Bi0UJ7ADBQV3%2BX38L%0AllRs4BQ6MwtUnlH%2BawqlykO0kVo%3D%0A) #### **6\. Raw events & DB slow query panels** This section pulls in recent trace samples, not just aggregated metrics. You’ll see tables of the latest erroring requests, slow requests based on your defined threshold, and relevant database-related spans. These provide direct, click-through entry points into Tempo, allowing you to move straight from metric-level symptoms into span-level root cause investigation without guesswork. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178489393/30d8aa6b5739cbf020b665e59cba/image.png?expires=1781611200&signature=98a97ffa1c1f89f912c63f1a2315e465eac13eaab29248790e56252beb52b012&req=diEgHs12lIJWWvMW3nq%2Bga6m0iSZsqZnp%2BOHYCSVkVVx3CZviWAFRThOb1Vl%0A3P%2BNwe6DGzJ%2FrLm3k%2BiDaQvOw%2BI%3D%0A) Continuing on from the example in [this article](https://explained.tines.com/en/articles/14120804-opentelemetry-designing-and-implementing-an-observability-stack), you can find the configurations for the observability stack and Grafana dashboard in the .zip file below: [tines-grafana-blog-v1-0-0.zip](https://downloads.intercomcdn.com/i/o/am0g137l/2178474801/71a6b9a9c8d6fec60132d4531ae6/tines-grafana-blog-v1-0-0.zip?expires=1775142000&signature=ccbe46e7f6182683f2457da2dd7bc0d0dc3b3467cd83002db4df22ef9b70d3d7&req=diEgHs15mYlfWPMW3Hu4gdHY7b%2B4xHAW1ayUH4DoGbjOGEYw8i5TSG4XXvng%0AJA%3D%3D%0A) Read the following articles for help with: - [OpenTelemetry: Practical Troubleshooting](https://explained.tines.com/en/articles/14121076-opentelemetry-practical-troubleshooting-walkthrough) ## OpenTelemetry: Designing and Implementing an Observability Stack ## Designing an observability stack There isn’t a single “right” design. Different teams will make different choices based on scale, security requirements, cost constraints, and what they already run in production. For this example, the observability design is intentionally simple. The goal is to show how Tines emits traces, how those traces move through the pipeline, and how they turn into something you can actually use in Grafana. At a high level, the stack is built around five core components: - Tines**:** Generates OpenTelemetry traces - [OpenTelemetry Collector](https://opentelemetry.io/docs/collector/): Receives traces from Tines, does light processing and sampling, then forwards them - [Tempo](https://grafana.com/docs/tempo/latest/): Stores full traces and lets you search and inspect them - [Prometheus](https://prometheus.io/docs/introduction/overview/): Stores metrics derived from those traces, including RED and service-graph metrics - [Grafana](https://grafana.com/docs/): The user interface layer that queries Tempo and Prometheus and powers the dashboards Tines sits at the edge, emitting telemetry. Everything else exists to receive it, shape it, store it, and present it in a way that helps you answer questions about performance problems. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178418062/3ae3f3688f1adea0d1eed4469d7f/image.png?expires=1781611200&signature=903e1474ca6d4d3fda7c37f05cc6ad360028340628ca7218d8622bcca8fa02bd&req=diEgHs1%2FlYFZW%2FMW3nq%2Bga48YAJk2Dd1nhI%2FBbWgcvpkLrru5Xm%2B8UKcsqSe%0ANMzsMEEfAURheOWHT30Gww5FMME%3D%0A) This diagram shows the high-level movement of data through our example system: - Tines exports OTEL traces - the OTEL Collector receives and processes them - Tempo stores and indexes traces for search and TraceQL - Prometheus stores span-derived metrics - Grafana queries both and ties traces and metrics together You can find the configurations for the observability stack and Grafana Dashboard in the .zip file below: [tines-grafana-blog-v1-0-0.zip](https://downloads.intercomcdn.com/i/o/am0g137l/2178421195/26758c35c9dee243d8a769536b53/tines-grafana-blog-v1-0-0.zip?expires=1775142000&signature=062abd09742c36408f9abb6a129c6d6ab013eef4b098d64d99cdb22d44f6e2f6&req=diEgHs18nIBWXPMW3Hu4gSva0LBDhDlaFtNjLnq1HJ0%2F1IekOcXszlYImtlc%0ATw%3D%3D%0A) > Note on configurations provided in this article. > > The configuration examples included in this article are intended to illustrate how an example OpenTelemetry stack can ingest Tines OTEL traces. They are not the only valid deployment pattern and should not be treated as production-ready configurations without thorough self-review. Different environments will use different storage backends, security controls, sampling strategies, and network topologies. ## Implementing an observability stack Tines needs to be configured to export OTEL Traces to our stack. At a minimum you need to: - enable tracing and auto instrumentation - choose the OTLP protocol (HTTP or gRPC) - point Tines at your collector endpoint - optionally set a service name This means setting container environment variables for tines-app and tines-sidekiq like the below example: ``` environment: # Enable OTEL - OTEL_ENABLED=true # Configure endpoint and protocol - OTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf - OTEL_EXPORTER_OTLP_ENDPOINT=http://otel-collector-host.example.com:4318 - OTEL_SERVICE_NAME=tines-app # Enable auto-instrumentation for detailed traces - OTEL_AUTO_INSTRUMENTATION=true environment: # Enable OTEL - OTEL_ENABLED=true # Configure endpoint and protocol - OTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf - OTEL_EXPORTER_OTLP_ENDPOINT=http://otel-collector-host.example.com:4318 - OTEL_SERVICE_NAME=tines-sidekiq # Enable auto-instrumentation for detailed traces - OTEL_AUTO_INSTRUMENTATION=true ``` ### Docker Compose: Deploying an observability stack To keep everything self-contained, we’re running the observability stack with [Docker](https://docs.docker.com/) in a single `docker-compose.yml`. The following diagram shows how all of the components in the stack fit together, including what is exposed, what stays internal, and how data moves through the system. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178428125/81d34bc457d1f2a0169774ebc6d3/image.png?expires=1781611200&signature=9af7e5364de99a4baffc8d6cf3db536a1aba1477f49aa6decaf6cc574f14615e&req=diEgHs18lYBdXPMW3nq%2BgUiP8BqRbcUcfrEGYgBCQAAXwT8AWneENlmiYLd6%0ARO%2Bi%2FD6vS1y8SNj11vF5OdgRt5E%3D%0A) Below is the directory structure used for this example: ``` tines-observability/ ├─ docker-compose.yml ├─ .env # .env file ├─ grafana/ │ └─ provisioning/ │ ├─ datasources/ │ │ ├─ prometheus.yml # Grafana Prometheus Datasource │ │ └─ tempo.yml # Grafana Tempo Datasource │ └─ dashboards/ │ └─ story-troubleshooting.json # Grafana dashboard json(s) ├─ tempo/ │ └─ tempo.yaml # Tempo config ├─ prometheus/ │ └─ prometheus.yml # Prometheus scrape config ├─ otel-collector/ │ └─ config.yaml # OTEL Collector config └─ data/ # Bound as volumes ├─ grafana/ # /var/lib/grafana ├─ tempo/ # /var/tempo (trace blocks) └─ prometheus/ # /prometheus (TSDB) ``` ### OTEL collector: Configuration, filtering, & exporting traces The OpenTelemetry collector is the center of the pipeline. Tines sends traces here, the collector decides what to keep, generates metrics from those traces, and then forwards everything to the right backend. ### Receivers: Where Tines sends the data The collector exposes both OTLP endpoints: - **gRPC on 4317** - **HTTP on 4318** You can choose either protocol in Tines, so both are enabled: ``` receivers: otlp: protocols: grpc: endpoint: 0.0.0.0:4317 # GRPC Receiver http: endpoint: 0.0.0.0:4318 # HTTP Receiver ``` ### Filtering: Remove noise before sampling Before sampling or exporting, the config drops spans you will almost never care about. In our example we’re dropping the /health endpoint, but you can filter more aggressively as needed: ``` filter: traces: span: - 'attributes["http.target"] == "/health"' ``` > Note: Tines has [additional recommendations for head based sampling](https://www.tines.com/docs/self-hosting/additional-configuration/exporting-opentelemetry-traces/#optional-sampling-auto-instrumentation) for auto instrumentation, as it can be extremely noisy. An efficient and useful production sampling configuration likely employs a combination of both head and tail based sampling. ``` # Tail-based sampling - decides AFTER seeing complete traces tail_sampling: decision_wait: 20s # Wait time for spans before sampling decision num_traces: 20000 # Max in-flight traces considered for sampling expected_new_traces_per_sec: 75 # Used to size internal reservoir/buffers policies: # Evaluated in order, first match wins - name: errors type: status_code status_code: status_codes: [ERROR] # Keep 100% of errors - name: slow-traces type: latency latency: threshold_ms: 5000 # Keep 100% of traces >5s - name: fast-traces type: probabilistic probabilistic: sampling_percentage: 10 # Sample 10% of remaining "normal" traces ``` ### Batch & memory protections Two processors are here largely for operational safety: - `batch`: send spans in groups instead of individually - `memory_limiter`: keep the collector from running out of memory ``` # Batch - groups data before export to reduce network overhead batch: timeout: 10s # Max time to wait before flushing a batch send_batch_size: 1024 # Preferred batch size (items) send_batch_max_size: 2048 # Hard cap on batch size # Memory limiter - prevents OOM by applying backpressure memory_limiter: check_interval: 1s limit_mib: 1536 # Soft cap for collector memory inside 2GiB container ``` ### Spanmetrics connector: Turning Traces into Metrics The spanmetrics connector converts traces into Prometheus-queryable metrics. It does three main things: 1. It builds latency histograms using explicit **buckets**, which lets us calculate percentile latency (like P95/P99) and quickly spot slow or timing-out requests in the dashboard. 2. It enables **exemplars**, so individual metric points can link directly back to the exact trace in Tempo that caused them, making “jump to trace from spike” possible. 3. It adds selected **dimensions** (HTTP method, status code, destination host, exception type, story and action identifiers) so we can break metrics down by specific actions, destinations, or failure types without exploding cardinality. ``` connectors: spanmetrics: histogram: explicit: # Extended buckets for better P95/P99 accuracy and timeout detection buckets: [100ms, 250ms, 500ms, 1s, 2s, 5s, 7s, 10s, 12s, 15s, 20s, 30s, 45s, 60s] exemplars: enabled: true # Link metric samples back to example traces in Tempo metrics_flush_interval: 15s dimensions: # HTTP attributes - name: http.method - name: http.status_code # Network attributes - name: net.peer.name # Destination hostname # Error attributes - name: exception.type # SSL / timeout / connection error groupings # Tines-specific attributes - name: action.type # Agent type (HTTPRequestAgent, etc.) - name: action.id # Specific action within story - name: story_container.id # Container/folder ID # Database attributes - name: db.system ``` ### Exporters: Where data actually goes Traces → Tempo ``` # Send traces to Tempo for storage and querying otlp/tempo: endpoint: tempo:4317 compression: gzip # Compress traces before sending sending_queue: enabled: true num_consumers: 4 # Parallel senders queue_size: 10000 # Buffer during Tempo hiccups tls: insecure: true # No TLS for internal Docker network timeout: 30s retry_on_failure: enabled: true initial_interval: 5s max_interval: 30s max_elapsed_time: 300s # Give up after 5 minutes ``` Metrics → Prometheus ``` # Expose metrics for Prometheus to scrape at :8889/metrics prometheus: endpoint: "0.0.0.0:8889" namespace: tines # Prefix: tines_traces_span_metrics_*, tines_otelcol_* const_labels: environment: production resource_to_telemetry_conversion: enabled: true # Promote resource attrs (service.name, etc.) to metric labels ``` ### Service pipelines: wiring it all together At the bottom of the config, everything is connected: ``` service: telemetry: logs: level: info metrics: level: basic # Enable otelcol_* self-metrics pipelines: # Traces: OTLP → mem limit → filter → tail sampling → batch → Tempo + spanmetrics traces: receivers: [otlp] processors: [memory_limiter, filter, tail_sampling, batch] exporters: [otlp/tempo, spanmetrics] # Metrics: spanmetrics + prometheus receiver → batch → Prometheus exporter metrics: receivers: [spanmetrics] processors: [batch] exporters: [prometheus] ``` ### Tempo: Trace storage Tempo is the trace backend in this stack. The OpenTelemetry Collector sends sampled traces to Tempo over OTLP, and Tempo is responsible for storing them and making them queryable from Grafana. This configuration does a few important things: - Tempo is configured to listen on: - gRPC on `4317` - HTTP on `4318` - These ports are internal to Docker. Tines never talks to Tempo directly — traces always go Tines → OTEL Collector → Tempo. - It uses local storage with WAL + block compaction - a write-ahead log (WAL) at `/var/tempo/wal` - WAL is the short-term buffer while traces are being ingested - immutable **compressed blocks** at `/var/tempo/blocks` - blocks are the long-term persisted storage - the compactor periodically merges and deletes old blocks - Retention is explicitly configured: `block_retention: 168h` → 7 days of traces - **It runs the metrics generator** - This config enables Tempo’s built-in metrics generator. The generator consumes traces and produces: - service graph metrics - exemplars tied back to Tempo traces - Those metrics are sent to Prometheus via `remote_write`: [`http://prometheus:9090/api/v1/write`](http://prometheus:9090/api/v1/writew) with `send_exemplars: true` ### Prometheus: metrics from traces In this stack, Prometheus stores metrics that are generated from traces\*\*:\*\* - Tines sends traces to the OTEL Collector - the Collector turns those traces into metrics via spanmetrics - Prometheus scrapes those metrics and stores them ### Grafana: datasources and dashboards Grafana is the UI layer in this stack. It does two things for us: - connects to **Tempo** for traces - connects to **Prometheus** for metrics - optionally loads **prebuilt dashboards automatically** Instead of clicking everything together in the UI, we deploy Grafana declaratively so the environment is repeatable. ### Datasource provisioning **Tempo datasource** - type: `tempo` - URL: [`http://tempo:3200`](http://tempo:3200) - used for: - TraceQL search - viewing full traces - jumping from metrics → trace It’s also wired so Tempo can pull metrics context from Prometheus for service maps and node graphs. **Prometheus datasource** - type: `prometheus` - URL: [`http://prometheus:9090`](http://prometheus:9090) - marked as **default** - sample interval set to `15s` to match scrape interval - exemplarTraceIdDestinations tells Grafana: - exemplars in Prometheus metrics contain a **trace ID** - clicking them should open **Tempo** ### Dashboard provisioning The dashboard provider configuration tells Grafana to: - look for JSON dashboards in `/etc/grafana/provisioning/dashboards/json` - put them in a folder called **Tines** - automatically reload if files change Read the following articles for help with: - [OpenTelemetry: Designing a Dashboard](https://explained.tines.com/en/articles/14120923-opentelemetry-designing-a-dashboard) - [OpenTelemetry: Practical Troubleshooting](https://explained.tines.com/en/articles/14121076-opentelemetry-practical-troubleshooting-walkthrough) ## OpenTelemetry: Practical Troubleshooting Walkthrough > *I have a story in my Tines instance that i’ve noticed has been running erratically, erroring, and overall slow.* Based on the above problem, we should be able to answer the following: 1. What are the overall RED metrics for my story? 2. What Action(s) and Destination(s) are encountering errors or exceptions in my story? 3. What Action(s) are consistently slow in my story? 4. How can I easily see what is consuming HTTP request run times? ## Overall: RED metrics This is pretty easy to see from the overview section. We can clearly see that my story, over the last hour, has had an extremely high error rate and high average request duration. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178514446/1984a12a550aecd22f9b30ee7faf/image.png?expires=1781611200&signature=c4f28dc9749d085e96cb3df7312f0ea1b6c63b5af34dd7d04b9e2e1bfa49b3de&req=diEgHsx%2FmYVbX%2FMW3nq%2BgXLpywqHcYEPJ6hL2bu7UsNi0FSh4nO3b8tORPdd%0AaXrCrkmMk%2B1uXkPgT5ju%2F%2BMKKME%3D%0A) We can see that my request volume over time has been consistent, with spikes correlating to when the story is scheduled to run. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178515853/dfdea5096c4b867236fc1b5843a4/image.png?expires=1781611200&signature=498b79f3548e5dcd733c2fc2aa42971ba47f4521011bf76d701812ddc1dbfd63&req=diEgHsx%2FmIlaWvMW3nq%2BgT9Su3IlCx4BgGBfrAeG4ljIb%2FFMetR2pWkeK5%2Bq%0AzW%2FZkuZ2PVFTF0EfR1lkvaNQDm0%3D%0A) We can also see that the story has had a consistent error rate each run, meaning there is likely a set of or singular action(s) that are having issues. The high request duration percentiles also indicates that one or more actions are running slowly. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178520650/22ac316760ba8428b26e551e0a83/image.png?expires=1781611200&signature=f6222ac9e508bed914ba53d00ea957cd04fffc7596e5b13b17f43112748e5876&req=diEgHsx8nYdaWfMW3nq%2BgVGOgC6sYmKoo3chO%2B5dXpP4ukk0iz%2BIxjMA0s8X%0A1gTmPpOYbwVvqORVID2QrJXZRBE%3D%0A) ### Actions & destinations: Errors & exceptions Now I need to see which actions and destinations are the most problematic in my story. This Trend graph over time shows that I am consistently receiving 4 main errors: - 4XX errors - 5XX errors - SSL Errors - Timeout Errors So which actions are the problem? ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178526802/bdf0fd42db90cd0b2adf30e00f72/image.png?expires=1781611200&signature=724df021472b4b7c17d41a1fbcf33da470b0f28cafd84f3b367f10bd4920a4ec&req=diEgHsx8m4lfW%2FMW3nq%2BgZFb02vtlR%2BOqXCiLcMBQIXA3T6R8IbGHm3fDJtu%0AkCOvSjeBWC3tKODz9ej%2B71uF%2FG0%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178527712/f0e6f6b85fae03db2b3e282f1ab2/image.png?expires=1781611200&signature=576dab2f5ad053f351936cdc4eecce98a00648f5b5fa629ed8e561e80650981b&req=diEgHsx8moZeW%2FMW3nq%2BgQSd%2BGqMjh2zuZl%2BJ2S%2B7jo2kde%2Fk74EUFxZ26Oy%0Aa1H0XpIir4RAsemkHaOtZ6mdA08%3D%0A) I can see that action ID 2057 is my highest error count, clicking into the Trace link for that action, I can easily find out that the action is generating a lot of 504 errors. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178528849/d02bad680fc49932435479cda5e3/image.png?expires=1781611200&signature=49c642e796d53d5f37f989594d8b06fbeafc78dccefe5d6f345103342b530f1b&req=diEgHsx8lYlbUPMW3nq%2BgexAsyB1D5LzGOSqg8iCyXlgfqcx8tHwpE%2BUbryU%0A6uf%2BKCDjCIb9rU%2Bt%2FKCJjsnauzk%3D%0A) Checking the action logs in my story confirms that this action is receiving 504 errors, so I can now investigate deeper as to why! ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178529618/f3b8c8eea28318dd1a5bc0f85de4/image.png?expires=1781611200&signature=e48dfd803acc06163b41d702c18f6a8fd6ee244d1eb2dde56dd98989ab55422a&req=diEgHsx8lIdeUfMW3nq%2BgTgd67KOAHINhIy7rsl2fGY58RZwMlDdRIP26WlE%0Adopb%2BS6Q60NcEmgoPxOYUyazXSs%3D%0A) Similarly with destinations, I can see that self-signed.badssl.com & [expired.badssl.com](http://expired.badssl.com/) are receiving exceptions. Clicking into expired.badssl.com and drilling into a span shows me that the service for this destination is returning an expired certificate. Within the span attributes we can then see the action id for this problematic action is 2033. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178531084/acf1a51f41188e53ef0649b4620c/image.png?expires=1781611200&signature=5cec930d7917f0a612b23588f0166cf84bf6e623445393ffee7d28022a868006&req=diEgHsx9nIFXXfMW3nq%2BgRaH2sEnWnmHKBwF1g%2FfG8d%2BET7%2BI%2BzpkwuXvTFm%0Abyunp9IB9WqNVU8KvwOBnaqjKx4%3D%0A) ### Actions: High latency Now that i’ve identified all the errors in my story, I want to find which actions are slowing down my story execution. Looking at the performance analysis section shows me my average latency is high, but particularly so for tines-mbp.local. Drilling into the span for the slowest action, I can see that the majority of the time spent for action 2035’s execution was actually just the http request to the service and timed out. We can see prior and subsequent operations (like database calls) were very quick! ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178797683/5a5f04cf8df0ba8bcefaedefc06b/image.png?expires=1781611200&signature=66548b182be10d5331f89e219abd7545d5669474fdc1619e9193c2b83484c943&req=diEgHs53modXWvMW3nq%2BgT3J7cQmekOZwEjKrCTkOKtb1e9yOeCSZllhXOec%0AQLs1NxXqYmKkhrfFFjIax3gWyrY%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178797937/0f3fa897c21f3525f266db28f5e9/image.png?expires=1781611200&signature=3bd5c53ed9400d88ae9ba582fa555f368d7c6f53e41cb5bfe447683b0f4dbd03&req=diEgHs53mohcXvMW3nq%2Bgb08HFHYKhPiYZRsSKiaDx4T1n6gHito2i5vu64y%0AnFR4inJN8POoQpluq%2BxGmXgHtvM%3D%0A) ### HTTP requests: Where is the time spent I’m also suspicious that a normally fast set of actions has been particularly slow. I’ve confirmed that the route and endpoint work very quickly normally. In this case, I can check the slow tines-app DB queries in sidekiq jobs panel to check if there any requests are slow because of the database, and not the http request. We can see I have a few spans that fit the criteria! Drilling into the span, we can see the majority of this HTTP POST request was actually spent inside of the database, and not the POST itself! ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178799359/c9118a0e81aa9306749a19086e48/image.png?expires=1781611200&signature=5c19e43b2ef25754c6924a02d3ae5b9c65892db65d99b7b2870b3b4ad01b0091&req=diEgHs53lIJaUPMW3nq%2BgRotr37Dd6OmY%2Fdd3wCHQ%2FWFD2R7S%2BV339Ugq5hu%0AQRNKifatgteMb22qA87kDN2uGS4%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/2178799487/428fcf83ed596aa328e564cadb51/image.png?expires=1781611200&signature=3c3fa0c71282915345fa5b6b0b75001adfdd6b0567d3518150483e029f7a4889&req=diEgHs53lIVXXvMW3nq%2BgYArB9oeiirXyxU%2FV5VtQusmrYJ16%2B5zMThHR9A2%0Ai6vre8tDudFqe6B9a3B6BS0QweE%3D%0A) Continuing on from the example in [this article](https://explained.tines.com/en/articles/14120804-opentelemetry-designing-and-implementing-an-observability-stack), you can find the configurations for the observability stack and Grafana dashboard in the .zip file below: [tines-grafana-blog-v1-0-0.zip](https://downloads.intercomcdn.com/i/o/am0g137l/2178903633/6cf0f830ed2b31f0cd62329c42d7/tines-grafana-blog-v1-0-0.zip?expires=1775142000&signature=76252cc83d6ea5270ddfed126d49bde534ebd5bb663563b8da7a690bb79c940b&req=diEgHsB%2BnodcWvMW3Hu4gbPmwf4Br7id9jPnPlNndpibnqMr0cfNFCQT2T07%0Aiw%3D%3D%0A) ## Orca Security Authentication Guide ### First, create a Orca Security API token 1. Log into your Orca Security dashboard [app.orcasecurity.io](https://app.orcasecurity.io) 2. Log in to your Orca Security tenant 3. Select the **Settings** icon on the left side 4. Under **Connections**, select **Integrations** 5. Select the **API Tokens** tile by clicking **See API Tokens** 6. Determine the expiration date, role, and scope you wish to apply 7. Click **Add** ### Lastly, create a Orca Security credential in Tines **Orca Security connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Orca Security" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/orca-security).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Orca Security stories in the [story library](https://www.tines.com/story-library?s=orca+security&page=1)** ## Pages FAQs ## How do I configure a Tines page with SSO (Okta)? There are three steps to share a page with your organization in Tines via Okta. 1. Ensure that Tines has been assigned to the colleagues who need to access the page 2. Ensure that SSO is configured for your tenant. The option to select SSO will not appear unless SSO is configured for your tenant. 3. Set the page as "Public" and tick the "Require SSO" option ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218691957/d5545f8924410a9d604e56b7ffe8/209e9ee8-1e54-4245-8dff-830110976d30?expires=1781611200&signature=30bace93391b10c535f7c515382f7953824b6861e0def8cae68961833a40189e&req=diImHs93nIhaXvMW3nq%2BgWn069ODp4b9IWZSFynXQWZCtzsp3ZGuXUy5AnNw%0AJ8UjntU6FDVYh0AJBAmV2djUFiw%3D%0A) ## Does Tines Pages support vanity URLs? Tines currently does not support vanity URLs. > Read more about pages in our docs [here](https://www.tines.com/docs/pages/). ## Palo Alto Networks Firewall Authentication Guide To generate an API key you will need the following: - The firewall's hostname or IP address - The firewall's admin username - The firewall's admin password ## First, create Palo Alto Networks Firewall credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Palo Alto Networks Firewall credential 1. **Name:** PAN Firewall Admin Password 2. **Description:** Optional 3. **Value:** Your admin password 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" ## Next, generate a Palo Alto Networks Firewall API Key in Tines 1. Create a new story 2. Paste the following action onto the storyboard, replace `firewall_hostname` and `` with the firewall's hostname and admin username, then run the action ​ ``` {"standardLibVersion":"42","actionRuntimeVersion":"6","agents":[{"disabled":false,"name":"Generate PAN Firewall API Key","description":"Created from cURL command","options":"{\"url\":\"https://<>/api/?type=keygen\",\"method\":\"post\",\"content_type\":\"application/x-www-form-urlencoded\",\"payload\":{\"password\":\"<>\",\"user\":\"\"}}","position":{"x":1995,"y":375},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"originStoryIdentifier":"cloud:aa47f8215c6f30a0dcdb2a36a9f4168e:cf6e110a4849cd0f6b69a3d39da8f81a"}],"links":[],"diagramNotes":[]} ``` 3. Copy the `key` value from the response: ​ ![](https://downloads.intercomcdn.com/i/o/943248188/ca8ea5d69450d6ebc8b60f1f/image.png?expires=1781611200&signature=b40bc06f6406d19fee7990de2a9e7e00396b4bba676a2c962fca6289a3c41bdb&req=fSQkFM12nIlXFb4V1XW4gUS3FTGIAkdQ3fzRndP4G%2Fry12KrJ0ROjofbPTsq%0AabyAfInkRGrwgKCoJGy6q159%2Fg%3D%3D%0A) ​ ## Lastly, create Palo Alto Networks Firewall credential in Tines 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "Text" 3. Input the values for the Palo Alto Networks Firewall credential 1. **Name:** PAN Firewall API Key 2. **Description:** Optional 3. **Value:** Your API Key 4. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 5. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Palo Alto Networks Firewall** **stories in the [story library](https://www.tines.com/library?s=palo%20alto%20networks%20firewall&view=all)** ## Payloads in Tines explained ### **What are payloads?** Payloads are a way to send structured data as an event in Tines. Think of payloads as the messages sent between your web browser and a website or application. Where the HTTP request is the transfer of the information, the payload is the actual information being transferred. You can send data using payloads to: - another system via an API - another story via a send-to-story action - or to another action within a story via our event transform action ### **How can I use payloads in Tines?** You can use payloads with 3 of the 8 action types in Tines: HTTP requests, event transform message-only mode, and send-to-stories. In the case of HTTP requests, a payload can be the data sent with a HTTP request or the data returned from a HTTP request. So if we are making a request to a weather API to fetch the weather, the payload can be the request for specific weather information, or it can be an actual forecast that is returned. You can configure the request as a key/value option in the action builder like this: ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/977863909/b08b7750e8ecb16458b38be8/SGrX98hWIpAf8sIpbhxJ52b0vB-lCut5-EEuocQILmhqgjrcC01Cjq5D3BVXs4pCmUPqG1jRe_cN8O8pe0s4BHlFyRy3wRWADzqeOpfzD48HjRGlCRfk8r1R5N5zc7-0hii4f1SSCv6a94YWtMLgvsQ?expires=1781611200&signature=4d7f6e132e127604a200c29fed6cc87f7ccd0f44f23d3be923d835ec86083478&req=fScgHs99lIFWFb4V1XW4gZxALiNysNiHNSb2gdj3HcgA%2BfKjs5SRHAlRwV7e%0ATtuDSNqPgXxUoMBXe3ckgJqS6g%3D%3D%0A) In plain code, that would look like this: ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/977863925/08cc72a4fc988003954941ff/OtQLRy1Q54rXnvXgk8VCu0jdUqEqbrnm9KtXzadpCzwzT7Zl0wD37wPsalxudZNxjEm521eLPIJgLfaC2IyD14zWvBphnFCWzsdRQLGkrlh4ijg35nRMhA8pU1W1NvTcT0TpJn7x6Ki48_VorxW6p_k?expires=1781611200&signature=5f5a62924d76f924ed362502433f76aa2378d1394c5655aa8c1ca69e90c0598b&req=fScgHs99lINaFb4V1XW4gXYjcLhQu%2BgYl7Z5n%2FjmOZ%2Fq%2F4K6tIAJCZjrNBQg%0Af6FOSKhTrEhCjeHSGzsPP3Sw8g%3D%3D%0A) In the case of the information returned, a payload might look something like: `{` `"city": "dublin",` `"forecast": "broken clouds"` `}` In Tines, when configuring a payload request, you have a number of different data configuration options to choose from. The value option determines the structure of the data in the payload. The different options are; text, boolean, null, numbers, arrays, and objects. ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/977863946/18a45db9576ff9b369cdfed7/CWujOVj6YdM4Z_2TBsJVhoWj43oG-HGJytugpfnLwh3Qw9Hd_hwX1SnGUHURWmJVViscdrxTZ_Pnd51T7wvOJK9npFZ2TMr0u8WZAm5hEsTg64T1SfrX6t45KCOe1NxHYYvzKqwScrX8QPBrAglr7QY?expires=1781611200&signature=bab7202af2b6e8fe36881ef17b218a4928588d0c4f5281f1963a11bbf1525e29&req=fScgHs99lIVZFb4V1XW4gfxzl2xjeK%2FhlYLE8do15iYdccvOYHYvT2R9zlwS%0A0A8t2vG6mx8tZ5oqDnGRyA7pyA%3D%3D%0A) Here is a guide for when to use each payload type. | Value options | **Description** | **Supports** | **When to use this mode** | | --- | --- | --- | --- | | Text | Values will be automatically converted into text regardless of their initial data type. | - Hard-coded text - Functions - Tags | Use this mode when the output of any functions or tags applied should be text or if you are simply typing in text. | | Formula | Allow values to retain their initial data type. | - Functions | Use this option when the output of any functions applied should retain their initial data type (e.g. array, object, integer, boolean). | | Number | Only accepts numbers and retains their integer data type. | - Hard-coded text | Use this option when you want to hard-code a number into a payload. If you’d like to use a formula that should have a number output, use the formula option. | | True / False | Only accepts boolean values true or false. | - Hard-coded text | Use this option when you want to hard-code a boolean (true or false) into a payload. If you’d like to use a formula that should have a boolean output, use the formula option. | | Null | Only accepts the value null. | - Hard-coded text | Use this option when you want to hard-code the value NULL into a payload. If you’d like to use a formula that should have a null output, use the formula option. | | Add an object | Allows you to create a JSON object or series of nested JSON objects with key / value pairs in Tines. | - Hard-coded text - Functions - Tags - Any of the other value options in this table. | Use this option to create a JSON object in Tines. This is often helpful for building API calls and structuring your JSON data. Please note, you can also create an object within a formula when using the formula value option in payloads. | | Add an array | Allows you to create an array or series of nested arrays in Tines. | - Hard-coded text - Functions - Tags - Any of the other value options in this table. | Use this option to create an array in Tines. This is often helpful for building API calls and structuring your JSON data. Please note, you can also create an object within a formula when using the formula value option in payloads. | > **👉 Check out our product docs on HTTP requests [here](https://www.tines.com/docs/actions/types/http-request).** ## PDF Generator Authentication Guide PDF Generator API allows you easily generate transactional PDF documents and reduce the development and support costs by enabling your users to create and manage their document templates using a browser-based drag-and-drop document editor. ## First, get PDF Generator credentials 1. Log in to your PDF Generator account 2. Click "Settings" and copy your "API key" and "Secret" to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/910258233/2a9a07d09a7ee9cc28a84c4a/image.png?expires=1781611200&signature=e4977ee39e8116af78e8dec242f38057b5b255010eef216c45f02d1c4bcf3ee0&req=fSEnFMx2n4JcFb4V1XW4gT%2FTVoB18JqNlz0GRa7brh0DmP8YM9X3vvO2Yzn7%0AYkrnCwg6IFIEB9wXvbnmX6BU1Q%3D%3D%0A) ## Lastly, create a PDF Generator credential in Tines You will need to create: - One Resource: "PDF Generator username" - Two Credentials: - Text type: "PDF Generator API key" - JWT type: "PDF Generator" ##### Resource 1. ##### Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the PDF Generator resource 1. **Name:** PDF Generator username 2. **Description:** Optional 3. **Builder:** Your PDF Generator username 5. **Optional** 1. **Access:** What other teams can also use the resource 6. Click "Save resource" ##### Text type 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "Text" 3. Input the values for the PDF Generator credential 1. **Name:** PDF Generator API key 2. **Description:** Optional 3. **Value:** Your PDF Generator API key 4. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 5. Click "Save" ##### JWT type 1. Log in to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "JWT" 4. Input the values for the PDF Generator credential 1. **Name:** PDF Generator 2. **Description:** Optional 3. **Algorithm:** HS256 4. **Payload:** Copy the below object and paste into the "Plain code" section: 1. Replace `` with the unix epoch time timestamp of how long the the token is valid for. - It is highly recommended to set the `exp` timestamp for a short period, i.e. a matter of seconds, that way if a token is intercepted or shared, the token will only be valid for a short period of time. ``` { "iss": "<>", "sub": "<>", "exp": "" } ``` 5. Tick "Auto generate 'iat' (Issued At) & 'exp' (Expiration Time) claims" 6. **HMAC Secret:** Your Secret 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 6. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/910262576/815fe6999802604f9413d8bb/image.png?expires=1781611200&signature=f7b940381b4017dda01505ba52ca1ca8322e95501c6a588ca6deadd9e32027a9&req=fSEnFM98mIZZFb4V1XW4gVwOkelR%2B4EOGnVEN7Yd09GMJxTT5%2B7ks8jhJunT%0AJNPDd5SbLbHW6rvMNYXxJGUYBA%3D%3D%0A) ​ > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of PDF Generator stories in the [story library](https://www.tines.com/story-library?s=pdf%20generator)** ## Power BI Authentication Guide Power BI is a tool that you can connect to and generate reports using your own data sources. This article will walk you through setting up a Power BI credential in Tines. ## Create a Power BI credential in Tines In your Tines tenant, navigate to the credentials section for the Team you want to create the credential in. Select “+ New” > “Manual Creation” > “OAuth 2.0” > “Create Credential”. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2195179682/61ce205e4497505d985ff31b5690/Manual+credential.gif?expires=1781611200&signature=9b7fc09e400d0b5bfb0bd37d57bdeaa234b07b20ef209af4224e0f68234a530c&req=diEuE8h5lIdXW%2FMW3nq%2BgbIuYNuHnxB7LXaIUagr%2F%2FJfdIL%2FCfr9aBSnxgD0%0Aox8ZlEEDAGaF1rSU3pfAdyH1%2BEk%3D%0A) Set name as “PowerBI” and product as “PowerBI”. Copy the callback URL for later (i.e [https://tenant-name.tines.com/oauth2/callback](https://tenant-name.tines.com/oauth2/callback)). ![](https://downloads.intercomcdn.com/i/o/am0g137l/2195181198/0f479abbc5091a2b1cfe296d672e/eea30e3e-aa7f-4048-84af-d3266db92a98?expires=1781611200&signature=0fb239397f9968e46aabe8e7195bb6b9f8b40fa1928a641380c19cce728489cc&req=diEuE8h2nIBWUfMW3nq%2BgaqqzHUobKjlg5gDXu89IjLXCGlwjnBtO7wmT%2Be0%0A0ozpMZAO0%2BZw2fNR2iLn8TmgLXw%3D%0A) > Note: There are other credentials we need to create first before we can save. Keep this tab open while you continue through this guide. ## Create Azure application > Note: If you have already created an Azure application for your Microsoft Graph credential, you could skip the application setup portion and just edit the permissions to include the PowerBI scopes/permissions. Otherwise, or if you would like to create a separate app for PowerBI, follow the next steps. Navigate to [app registrations](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade) in Azure. Give the app a name, select the your desired supported account types (“Single tenant only” was used in this example). ![](https://downloads.intercomcdn.com/i/o/am0g137l/2195185862/d890fea1dee95e0a890cbbf7b11a/3b6be887-c679-40ee-9dc7-36005109faae?expires=1781611200&signature=6bcc15785129f7cabf3043d20e450ed0affe26423ef62200fcc717216f96cd2f&req=diEuE8h2mIlZW%2FMW3nq%2BgbMqPYUtkFw1s6JiVgwMLTdQ%2BLKtDmgylm9%2BGgbi%0AmB9TzrS57GvguOynBl%2BNtNzfats%3D%0A) > Note: The "Help me choose" option gives descriptions for the account types. Under Redirect URI, select “Web” for platform type and paste the callback URL from Tines into the. Click “Register”. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2195186751/38712703da5daf9044d20a84b500/676fc300-fcab-430a-a91c-9e7b49c8c4cf?expires=1781611200&signature=a05a68d68314479cf09d5dcea9a3377ec7ab439eaab30aa620d14e32c8663dca&req=diEuE8h2m4ZaWPMW3nq%2BgRlVg%2FbTdNJqYLCZvB9speMo5k8P02IM4zFb4nx9%0ABlUm6Noe20VTxc4ygkjf5qsDebg%3D%0A) Within your app, navigate to Manage > Certificates & secrets and click on the Client secrets tab. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2195186752/e0f4d1b620c06e055da62b929728/436c72a0-d657-48c0-8c7d-d601857203dd?expires=1781611200&signature=6b8e74ae42b01b69a372842a67597ea959e89d5166a4fc7fc449a0ea96f07ae7&req=diEuE8h2m4ZaW%2FMW3nq%2BgSIs3fws4m6Vy4IKnrN3R1ZGXL6Wsjdbb51Guypy%0A2IP9fhNEs2IgSNhG2to8PtoyJDw%3D%0A) Select “+ New client secret” to name and set expiration date. Note the expiration date for later. Click “Add” to generate a new secret. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2195203774/29f5f6c7555dd8b147f6551c1863/d1b8f5df-decd-40c5-9299-c92a817e722e?expires=1781611200&signature=e579b2c15d2bff17ccdeb97ab7a032c6986309b2eaba689a58a2fdbc99f2c999&req=diEuE8t%2BnoZYXfMW3nq%2BgbJMY69MzRRbZP6cLBND7zNedDLkyPiLrp8%2BrZOh%0AZ0e14UonggG4I7FyEN888kR4gv0%3D%0A) Copy the secret value to use later in our Credential in Tines. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2195205672/80dca211c29b0b0b3a8d951afec4/d8755e14-d107-4c8c-bc70-7974290f650b?expires=1781611200&signature=8bf5a43d8cf669079e82e4335a6f3dc82ea23cbadf828ef24e5861f19f753570&req=diEuE8t%2BmIdYW%2FMW3nq%2BgXynnJKakQVVd2Ti548o4t3CwTW7SIl0oOZFc0Q0%0A84BldfxgNdu%2Fxo9YpArMYMVQmAQ%3D%0A) Navigate to API permissions and click on “+ Add a permission” then scroll down to select “Power BI Service” to add the relevant Power BI permissions. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2195205675/fa9f8b8a6297ee38653ef19ec339/f02c912d-3667-49ca-bd8e-2f35706a9aae?expires=1781611200&signature=2beb69c29475be685e64e61d0841807a3d4d391051a2d4cfaaea7966bfeeb12f&req=diEuE8t%2BmIdYXPMW3nq%2BgYLWA6v%2BZ7UY1NoP16%2BO%2FhdyV83L887Mf9J5uufg%0ASegNeTp74hjZbbHeXziXHCr8d8g%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/2195205673/e23143f01cc1a7a020b0cf24be2c/27946cfd-d4a3-4cf8-bbfb-819711067109?expires=1781611200&signature=e5e844a0aa60c3c767520640a50c0a785ca44521e3fff1c949072e832fd011a9&req=diEuE8t%2BmIdYWvMW3nq%2BgW75IYG1RB2J6GX9lKuzWds9zUSWgrBi8bDe%2BznZ%0A1hXJSDpXkGBRpHCGzipri9tuEqw%3D%0A) Graph has two types of permissions: Delegated and application (see [Power BI permissions](https://learn.microsoft.com/en-us/power-bi/fundamentals/service-get-started?WT.mc_id=Portal-Microsoft_AAD_RegisteredApps)). In this example we will use delegated permissions. Add the necessary scopes you will need for the types of operations that you will be doing. Usually, the scopes are listed in the API docs (example: Get Groups [https://learn.microsoft.com/en-us/rest/api/power-bi/groups/get-groups](https://learn.microsoft.com/en-us/rest/api/power-bi/groups/get-groups)) > Note the added scopes for later Next, you may need to click “Grant admin consent” as an administrator for some or all permissions, i.e. application permissions and high-privilege delegated permissions (see [consent](https://learn.microsoft.com/en-us/azure/active-directory/develop/permissions-consent-overview#consent)). Return to the overview section and copy the following for later: - Application (client) ID - Directory (tenant) ID Select “Endpoints” in the Overview section and copy the following for later: - OAuth 2.0 authorization endpoint (v2) (example: [https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/authorize](https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/authorize) - OAuth 2.0 token endpoint (v2) (example: [https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/token](https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/token]\(https://login.microsoftonline.com/33e1b5d3-361d-4859-be90-6f3cd100757f/oauth2/v2.0/token\))) ## Finish Creating Power BI Credential in Tines Return to the credentials screen in Tines we left earlier in the guide. > Choose either 1a or 1b as your method of authentication 1a. OAuth 2.0 (Authorization Code Grant Type) - Paste Application (client) ID in Client ID field - Paste secret value into Client secret - Insert a space-separated list of scopes that match with the API permissions you selected in your Azure Application (example below) into Scope: - [https://analysis.windows.net/powerbi/api/Dashboard.Execute.All](https://analysis.windows.net/powerbi/api/Dashboard.Execute.All) - [https://analysis.windows.net/powerbi/api/Dashboard.Read.All](https://analysis.windows.net/powerbi/api/Dashboard.Read.All) - [https://analysis.windows.net/powerbi/api/Dashboard.ReadWrite.All](https://analysis.windows.net/powerbi/api/Dashboard.ReadWrite.All) - [https://analysis.windows.net/powerbi/api/Dashboard.Reshare.All](https://analysis.windows.net/powerbi/api/Dashboard.Reshare.All) - [https://analysis.windows.net/powerbi/api/Dataset.Read.All](https://analysis.windows.net/powerbi/api/Dataset.Read.All) - [https://analysis.windows.net/powerbi/api/Dataset.ReadWrite.All](https://analysis.windows.net/powerbi/api/Dataset.ReadWrite.All) - [https://analysis.windows.net/powerbi/api/Workspace.Read.All](https://analysis.windows.net/powerbi/api/Workspace.Read.All) - [https://analysis.windows.net/powerbi/api/Workspace.ReadWrite.All](https://analysis.windows.net/powerbi/api/Workspace.ReadWrite.All) - Set Grant type as Authorization code - Paste the OAuth authorization endpoint into the OAuth authorization request URL (example: [https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/authorize](https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/authorize)) - Paste the OAuth 2.0 token endpoint into the OAuth token URL (example: [https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/token](https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/token)) - PKCE challenge method: None - Paste the following in Domains separated by spaces: - \*api.powerbi.com\* \*login.microsoftonline.com\* Optional - Set the teams this credential can be used in access and set expiry notifications recipient in expiry notifications. - Select save. 1b. OAuth 2.0 (Client Credentials Grant Type) - There are some additional steps outside of Tines for Client Credentials. - In the Azure Application, under Expose an API, add an Application ID URI. Select Save. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2360973589/dd0115b4a8627e5ca46bfdd3eb30/5c6cd931-5375-49d2-aa32-97cec4a3153f?expires=1781611200&signature=7ffbcb72235b1f4a9e6520235189c77d18d835ff0efb60239d0923a89ffbe872&req=diMhFsB5noRXUPMW3nq%2BgaaFxiaXhm0PoNhNWmtW%2BgJ%2BTuw5iySBbt%2FoaPsk%0Ai7dTGVaFc8W8bTu31%2BHnJufEeJU%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/2360973590/d5021f02893e2d1a583593c225d3/8710457e-ec50-463b-97c5-981bc428d101?expires=1781611200&signature=666f652e35e731e3d136f64239f2c5fd3517ee8e8534acca8c1ee4125fe4125d&req=diMhFsB5noRWWfMW3nq%2BgfbufwP1ky3E0zE8RrIq9td3kolb70%2FVeJlBMcKE%0Add7MLlBBfzN65jwI4fnY9fencHA%3D%0A) - In your PowerBI Workspace (Not “My Workspace”), navigate to “Manage access” and select “Add people or groups”. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2360973588/ce6c5dad1721c96b0d7e7041a738/788adb4e-32bc-481d-a4c3-456d8924dd83?expires=1781611200&signature=db668480d039dfcb7fef12327751a381e0ae73f5d19ae6dc3fc4cc50c3d3a04b&req=diMhFsB5noRXUfMW3nq%2BgbZXti2USIEA3f9rUnLr4vO6CL65%2F23HjImcfND7%0AxpS%2BMJR3LTSwhoMg5O%2Bo2o2%2FYCc%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/2360973592/37839a802f6d422fe7247f3e13f6/17e53f31-958f-4978-b207-73d861aa0883?expires=1781611200&signature=d584c308dc779a77256bde4074ab52ad64f5da92e2151ccb70ca81b5ee97a334&req=diMhFsB5noRWW%2FMW3nq%2BgfFItRAZ4KzsXiYfaDmP8pxtVVxpXB8J4ZOF6Pjq%0AiRFacikBUZnYCGU93KvBWAbBikw%3D%0A) - Search for the name of your Azure Application (the AppID in PowerBI will match the client ID from Azure). Add the App as an Admin and save. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2360973587/375d359e90e6eb5620c3e662cb29/da1dda1f-c679-4300-9098-f1d482079b20?expires=1781611200&signature=fc8cf33e00f1365e5cee28c656c9922010fc6cbef5b5c3bbc6dc730bc7339984&req=diMhFsB5noRXXvMW3nq%2BgSvbL9OHmhmbbccv76J5Fsy4Hxe8jkQ1gj6%2BPvS7%0AKYk2mOP2ditdrQUm%2BdivC%2Fzbz4s%3D%0A) - Back in Tines - Paste Application (client) ID in Client ID field - Paste secret value into Client secret - Paste the following into Scope - [https://analysis.windows.net/powerbi/api/.default](https://analysis.windows.net/powerbi/api/.default) - Set Grant Type as Client credentials - Paste the OAuth 2.0 token endpoint into the OAuth token URL (example: [https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/token](https://login.microsoftonline.com/your-directory-tenant-id/oauth2/v2.0/token)) - Set the following for URLs and Domains ![](https://downloads.intercomcdn.com/i/o/am0g137l/2360973591/b432972cec62f4f8dcfbcdc40ca1/b17b0e2a-d23f-4d71-9a83-bfb14c03a079?expires=1781611200&signature=d167c2069ebe2bf3400b7e6a752bc1092ec9363aff24fac6e110e885b2ec51c4&req=diMhFsB5noRWWPMW3nq%2BgSBY%2BNW9WKsk%2BvNjmIL%2FhYsG%2BlYTXKFejlbyRSzd%0AchOHUM0avqMs%2BDWPDGpqEfjeG5w%3D%0A) 2\. Save and then authorize Microsoft account. 3\. Test with an HTTP request that is within your permissions (example Get Groups). ``` {"standardLibVersion":"87","actionRuntimeVersion":"71","agents":[{"disabled":false,"name":"Get Groups","description":"Returns a list of workspaces the user has access to.\n\nhttps://learn.microsoft.com/en-us/rest/api/power-bi/groups/get-groups","options":"{\"url\":\"https://api.powerbi.com/v1.0/myorg/groups\",\"method\":\"get\",\"headers\":{\"Authorization\":\"Bearer <>\",\"Content-Type\":\"application/json\"}}","position":{"x":2415,"y":855},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"aiMonitoringThresholds":[],"caseConfiguration":{"subStatus":null,"tags":[]},"recordType":null,"recordWriters":[],"form":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null,"templateTags":[],"originStoryIdentifier":"cloud:c18f5f5beb294f638984cec56ebf3515:72a1c33baa387d031f0775fdd62e118d"}],"sections":[],"links":[],"diagramNotes":[]} ``` ## Preferred AI providers FAQs ## **Is there a specific LLM a Tines builder should consider?** No - the right LLM for one business might be different from another. Customers can choose to use the one their organization already has in place. We created [this Tines story](https://www.tines.com/library/stories/1281993/?name=compare-prompts-across-llm-models-in-openrouter) to help you compare prompts across different LLMs and find what works best for you. ## **Does using a different AI provider affect the security of using AI in Tines?** No. Customers engage with third-party applications at their own risk, as is the current status at Tines. Regardless of which LLM is used, Tines will still handle customer data using our same security and privacy rules. > For more, see “Topics and common questions” in the [Tines Trust Center](https://trust.tines.com/) or this blog on [keeping a security mindset with AI](https://tines.com/blog/securely-bringing-your-own-ai-to-tines/). ## **Does using a preferred AI provider bring in any extra costs?** No extra costs are incurred with Tines specifically. Costs will be associated with the separate AI provider the customer uses. - [AI Agent action](https://www.tines.com/docs/actions/types/ai-action/): No longer costs run-time credits as Tines run-time credits are no longer consumed. Tines no longer incurs a cost when the action is triggered – much like [Automatic mode for Event Transform](https://www.tines.com/docs/actions/types/event-transformation/automatic/). - [Workbench](https://www.tines.com/docs/workbench/) is still a paid add-on, with its cost unaffected by the LLM you choose. > For more on Tines pricing and packaging, read [here](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging). ## **Does using a preferred AI provider affect how the different AI in Tines features are used?** Different LLMs excel at different tasks. For AI features in Tines, we recommend using a model equivalent to the ones Tines supports to experience quality AI outputs. Tenant admins can switch to another available LLM or revert back to the Tines default at any point. ## **How can tenant admins get set up with their own AI model?** Have the AI API key handy for their Anthropic or OpenAI provider. Navigate to **AI settings** - **Providers** - **Custom provider** - choose the provider and enter the API key > Watch a step-by-step [here](https://tines.com/docs/admin/ai/). ## **Can builders bring their own AI provider into a community edition tenant?** Yes, using a custom AI provider in Tines is available for all tenants. ## Can access to an AI provider be restricted to specific teams? Yes. Tenant owners can scope any AI provider to specific teams, rather than making it available to all teams by default. This is useful when you want to manage costs, meet compliance requirements, or roll out a new model incrementally. The team that owns the provider's credential will always have access. All other teams have access by default unless the provider is explicitly scoped. You can configure team access in Settings > AI settings > select the provider > Configure > Access and deselect Grant access to all teams on this tenant" to make changes. ## **Who can builders reach out to with questions or troubleshooting?** - Tines builders should utilize the Tines in-product chat or reach out to their account teams with general questions. - For troubleshooting, builders can start with our Support team; however, they should note that issues may be with their AI provider, not Tines, and should reach out to that vendor. - For builders with self-hosted tenants, we recommend working with Professional Services for effective setup and understanding. > Bookmark our [Admin-AI docs](https://www.tines.com/docs/admin/ai/) and [Use a preferred AI provider in Tines](https://explained.tines.com/en/articles/10371885-use-a-preferred-ai-provider-in-tines) for all available resources on using a preferred AI provider. ## Public cloud cost automation Understanding and managing cloud infrastructure costs is a critical challenge for many organizations, who often view these expenses as OpEx (ie. paid for monthly) rather than CapEx. Without a clear understanding of the expense required to run resources in their cloud provider, some customers are forced to consider moving from public cloud to private cloud specifically due to cost concerns. Tines helps you overcome this challenge by collecting cost metrics and information and displaying it in a meaningful manner. [Watch video](https://fast.wistia.net/embed/iframe/r3763bem4e) ## Unifying cloud cost metrics The Tines platform can be used to gather and analyze infrastructure cost data across your environment. Utilizing tools like [Workbench for Storyboard](https://explained.tines.com/en/articles/13572150-introduction-to-story-copilot), Tines collects key information geared toward showing how much a system or service is costing your organization. We can collect data for various resources, including: - **Compute:** EC2 instances, and Kubernetes environments such as EKS, GKE, and AKS. - **Storage:** EBS volumes and snapshots. - **Networking:** Elastic IP addresses and NAT gateways. All of this data is collected, centralized, and visualized in a single pane of glass. This visualization can provide a complete breakdown of charges, such as costs for EC2 instances versus EKS nodes, an overall count of the resource inventory, and a summary cost report. > Note: While Tines offers a Tines Page for visualization, this information can also be integrated into another application if preferred. ## Visibility across hybrid environments Since most organizations operate in hybrid environments, Tines is built to be cloud-agnostic. It can go out to various platforms and applications, including AWS, GCP, Azure, Oracle Cloud, private cloud providers, or on-premise systems to collect the necessary information. Tines aggregates this complex data at a central point (known as an "implode"), pulling together information from all platforms to provide a cohesive view of your environments. ## Driving actionable cost optimization Once the data is aggregated, you can use Tines to leverage it for proactive cost management: - **Executive reporting:** Roll up the total spend for all environments and distribute it by email to executives. - **Optimization recommendations:** Pass collected cost metrics to a [Tines AI Agent](https://explained.tines.com/en/articles/11541238-get-started-with-agents), which can help you make decisions for cost savings. These recommendations may include right-sizing or configuration drift analysis using a Tines workflow. - **Historical analysis:** Store the cost information in [records](https://explained.tines.com/en/articles/7971187-introduction-to-records) to enable month-over-month analysis. ## Pulsedive Authentication Guide Pulsedive is a threat intelligence platform that combines known community threat intelligence into one place and vets that data to reduce noise and help make determinations. It correlates observed IOCs by ASN or country and more complex characteristics like HTTP headers and PTR records. ### First, get a Pulsedive API key 1. Login to your Pulsedive account at [https://pulsedive.com/login](https://pulsedive.com/login) 2. From your account menu, click "Account" ​ ​ ![](https://downloads.intercomcdn.com/i/o/852347962/b34a31ed7fcb157cedf0c01d/image.png?expires=1781611200&signature=679e0637cc14547a435336a93a24debc9deba106fa287718ed8d7bf8837b9f1d&req=fCUlFc15lIddFb4V1XW4gdTZEqglAnAvZmKVzzgSiXQwE7yUQ4UGl7ps2ea2%0AscrONgOF3Pu%2FUa%2BiWflH3Ahn%2FQ%3D%3D%0A) ​ 3. Copy your API key ​ ​ ![](https://downloads.intercomcdn.com/i/o/852348569/c31548afc6736c5fec099485/image.png?expires=1781611200&signature=00a76c54a3f2554a63f886fa682020f2bfacafc27bfa53c62d57ebb74af41119&req=fCUlFc12mIdWFb4V1XW4gUad2z24YLijHi1dudrNPeQJn7tx49ep1veuUN9C%0AzBM3%2BMOwd0XpTi1IavMyCJ6TFw%3D%3D%0A) ### Then, create a Pulsedive credential in Tines **Pulsedive connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Pulsedive" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the Pulsedive connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Pulsedive credential 1. **Name:** Pulsedive 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/pulsedive).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Pulsedive** **stories in the [story library](https://www.tines.com/library?s=pulsedive&view=all)** ​ ## Qualys Authentication Guide The Qualys Cloud Platform gives you a continuous, always-on assessment of your global IT, security, and compliance posture, with 2-second visibility across all your IT assets, wherever they reside. And with automated, built-in threat prioritization, patching and other response capabilities, it’s a complete, end-to-end security solution. Authentication with Qualys is performed via ‘Basic Authentication’. With this method of authenticating, valid Qualys user account credentials are required to make API requests to the Qualys API servers. These servers are hosted at the Qualys platform, also referred to as the Security Operations Center (SOC), where your account is located. > **Important note:** > Qualys user accounts that have been enabled with VIP two-factor authentication can be used with the Qualys API. However, two-factor authentication is not used when making API requests. Two-factor authentication is only supported when logging into the Qualys product. ### Create a Resource and Credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the Qualys resource - **Name:** Qualys\_user - **Description:** Optional - **Builder:** Your Qualys username 5. **Optional** - **Access:** What other teams can also use the resource 6. Click "Save resource" 7. Navigate to the team that will be using the API and click "Credential" 8. Click "+ New Credential" and select "Text" 9. Input the values for the Qualys credential - **Name:** Qualys - **Description:** Optional - **Value:** Your Qualys password 10. **Optional** - **Domains:** Ensure that this credential can only be used when making HTTP requests to specific domains - **Access:** What other teams can also use the credential 11. Click "Save" > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Qualys stories in the [story library](https://www.tines.com/library?s=qualys&view=all).** ### Using the credential in an action Here is an example Qualys action you can copy and paste onto your storyboard in Tines: ``` {"standardLibVersion":"35","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"List Reports in Qualys","description":"List Reports in Qualys","options":"{\"url\":\"https://<>/api/2.0/fo/report/\",\"method\":\"get\",\"payload\":{\"action\":\"list\"},\"headers\":{\"X-Requested-With\":\"Tines\"},\"basic_auth\":[\"<>\",\"<>\"]}","position":{"x":1455,"y":1515},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":"httpRequest","createdFromTemplateGuid":"d10e9805682e7786d922352f9d00077127037a8ca762627c20b8a33201a311cd","createdFromTemplateVersion":null,"originStoryIdentifier":"cloud:aa47f8215c6f30a0dcdb2a36a9f4168e:d4c15df0f02ba4789095426607003199"}],"links":[],"diagramNotes":[]} ``` ## Recorded Future Authentication Guide Recorded Future empowers organizations to reveal unknown threats before they impact business and enables teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, their technology automatically collects and analyzes intelligence from technical, open web, and dark web sources and aggregates customer-proprietary data. ## First, get a Recorded Future API key If you have already acquired your API token for the Tines Integration with Recorded Future, please follow the instructions below. If you do not currently have access to an API Token for the Tines Integration and are an existing Recorded Future customer please contact your Account Manager to obtain your token. ## Lastly, create a Recorded Future credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Recorded Future credential 1. **Name:** Recorded Future 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Recorded Future** **stories in the [story library](https://www.tines.com/library?s=recorded%20future&view=all)** ## Records FAQs ## How many record types can I have on my Tines tenant? You can have 50 types of records per team in Tines. ## Is there a limit to the number of characters in a record? Yes. The limit for the text field in a record is 15,000 characters. > To view other limits within records, read our [docs](https://www.tines.com/docs/records/limits/). ## Referencing Credentials This guide explains the different ways to reference credentials and find their IDs within your Tines environment. ## Referencing an existing credential in a story When building a story, you can directly reference an existing credential in a story using `CREDENTIAL.your_credential_name` in the builder, as shown below. Example: `CREDENTIAL.slack_tines` ![](https://downloads.intercomcdn.com/i/o/am0g137l/2107134501/cc482a98d912749295d2cdc7d256/3da72adf-b38a-4a8a-b43d-7d45daa2e132?expires=1781611200&signature=d009d3a42a1dce4b2e4f456c482576f8407f06af7b32c348290e1d9cf3abe209&req=diEnEch9mYRfWPMW3nq%2BgdfekUznZI%2FT56kiUiS3Zuz%2Bnh%2F3bQUfX0ejlzru%0AKqMZWik3YHYlow6ptU%2BqvdmBQ8U%3D%0A) You can also use the credentials List API to retrieve a list of credentials. To learn more about the Credentials API including examples [see here](https://www.tines.com/api/credentials/list). ## Referencing a credential created in a previous action To reference a credential you created in a previous action, use the `GET()` function to get the credential. Example: `GET(CREDENTIAL, previous_action.body.name)` ### Handling name formatting: If the name of the credential from the previous action is not already in snake case, you may need to wrap the name path in the `TO_SNAKE_CASE()` function. Example: `GET(CREDENTIAL, TO_SNAKE_CASE(previous_action.body.name))` To learn more about using the `GET()` function, click [here](https://www.tines.com/docs/formulas/functions/get/). ## Finding the ID of a credential The unique ID for a credential can be found directly in your browser's address bar when viewing the item in your Tines team's console. 1. Navigate to Credentials in the relevant team. 2. Select the specific credential. 3. The ID is the segment of the URL that follows /credentials/. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2107145287/73251265f26b7fbcd01af0020e4e/b71c20c6-d42b-4227-aaab-b6431e68de61?expires=1781611200&signature=35bcdc65cb1057c2b449831d464f2b8bbdd4e0c7a494573c4586ba5053a4d6bd&req=diEnEch6mINXXvMW3nq%2BgVvrK0UMdg3h6Q1oRLkW4zTmN0wAq2hZmp9KHZHm%0AEOLFH8AtK%2FIWCbmtDW50V8G1HnY%3D%0A) ## Removing team members You can remove team members from a team by clicking on your team name in the top left and navigating to your settings. From here, click "Users". Click the three dots beside the name of the user you wish to delete. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1810239922/444407bcd9d2e2056636044e3cd4/CleanShot+2025-11-03+at+10_48_02%402x.png?expires=1781611200&signature=ee7f2e23be5a18baa35328c382a4d4dcd91f07248af7e9e5ff683a3f39ead2ba&req=dSgmFst9lIhdW%2FMW3nq%2BgZ161OLXsF6vFCQkEgMdlZW1cBSGBqPBaz96z8q%2B%0AUPxPHZBBTD52NA9XFBF2KyhC1QU%3D%0A) > **Note:** You cannot undo this action. The user will be deactivated immediately and enqueued for deletion. ### **When a user is deleted in Tines, what happens to their stories, credentials, and resources?** When a user is deleted in Tines, the Stories, credentials, and resources saved in a team will remain available. The deleted user's drafts will be deleted. Any shared credentials in those drafts will also be deleted. ### **What happens to a Tines API key when the user account that created it leaves the tenant?** When a user creates a Tines API key, there are several levels of access they can set during creation: - **Tenant owner:** Access to the entire tenant - **Team:** Role-based access to a specific team on the tenant - **Service:** Access to [tenant permissions](https://www.tines.com/docs/admin/user-administration/#tenant-permissions) - **Personal:** A key tied to your identity and permissions > **Note:** The level of access the user can select at the time of the API key creation also depends on the user's permissions within the [tenant](https://www.tines.com/docs/admin/user-administration/#permissions)/[team](https://www.tines.com/docs/admin/teams/). Let's look at an example. We have a user named Jane Tino, who, within their tenant, is a tenant owner and also a [team admin](https://www.tines.com/docs/admin/teams/#_1-team-admin) of "Team Automation". This would give Jane access to all four access levels mentioned above. Within Team Automation, Jane creates Tines API keys for each level as [credentials](https://www.tines.com/docs/credentials/). - If Jane's account is active in the tenant, all four API keys will work as intended. - If Jane's account exists in the tenant but is deactivated, the *Personal API key* will break (returns a `401` status code), while the other three will still work as expected. If Jane's account is re-activated, the Personal API key will continue working again. - If Jane's account is completely deleted from the tenant, the *Personal API key* will break (returns a `401` status code), while the other three will still work as expected. - If Jane is re-invited back to the tenant, the *Personal API key* will not work (returns a `401` status code), while the other three will still work as expected. In summary, when a user is deactivated or removed entirely from the tenant, the only API key that stops working is their Personal API key. Even if they are re-invited to the tenant, the Personal API key from before will still not work. ## Resources in Tines Resources provide a way to store information in a single, centralized location that can then be accessed from any action within Tines. This eliminates the need to update the same information in multiple places when changes occur. Think of resources as your automation's shared knowledge base—centralized information that can be accessed across your entire Tines environment. Tines supports: - Plaintext resources - JSON objects (such as arrays) - Files (with a 5MB size limit) ### How to create resources Resources can be created in two ways: 1. Selecting "Resources" in the menu opened by clicking your team name in the top left. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1807175220/e05eac8f5bb6169b0ac1886aa220/CleanShot%2B2025-10-31%2Bat%2B17_59_45-402x.png?expires=1781611200&signature=a922f33b550f5aa5ea6fdf05f5564cfd43e60040c396bf3c1b50ee26021ef585&req=dSgnEch5mINdWfMW3nq%2BgShfTVakemfgnw%2FExjYW4igGe9aJxlcAsRRdxVwT%0ArDVuqYWC2pg0%2F5ikOHKJzCA7U70%3D%0A) 2. From the storyboard by selecting the "+" next to the word Resources in the right-hand panel. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1807179140/6c01736b15ffc2d7398e04b7139d/CleanShot%2B2025-10-31%2Bat%2B18_02_49-402x.png?expires=1781611200&signature=c5e39310edd4252c0359d283d1615acdbe1df2d1206cc9ea5f4596b01e5c2d8e&req=dSgnEch5lIBbWfMW3nq%2BgbjNCSGSOrsRCYiC%2BoaGKSH6LWeslFDa9Wlcffmb%0AyqdxltOSksNirR1c2ekU7SY0DdM%3D%0A) To use a resource in an action, you reference it with the `RESOURCE` key in formulas. When the action runs, the resource placeholder is replaced by the contents stored in the referenced resource. > **Note:** If a resource is renamed, its name will change in any of the stories it's used in. ### Resource sharing Resources have configurable access controls: - By default, resources are only accessible to the team they are created within. - The team that owns the resource will always have access to it. - Resources can be shared with all teams in the tenant, including personal teams, by selecting the 'All teams' access option. - Resources can be shared with specific teams by selecting the desired team names. When resources with the same name are shared across multiple teams, a story will use the resource located within the same team as the story. > **Note:** When a user is deleted in Tines, the resources they created and saved in a team will remain available. #### Finding the ID of a resource To find the ID of a resource, navigate to "Resources" in the relevant team, and select the resource. The ID of the resource is shown in the address bar after `/resources/` ![](https://downloads.intercomcdn.com/i/o/am0g137l/1803232577/43feb1309f3f760d1d99de26f691/image.png?expires=1781611200&signature=4423da21939293931302fb1255e95c4fe8803792889706efb9c1f50a0384a697&req=dSgnFct9n4RYXvMW3nq%2BgWm5Gbnhej8xAQJP0Gmen7X7M02hNEMd%2F9NmeRhN%0AxWBr35%2BatnLXk0dZ%2FSF0pqpbzII%3D%0A) ## Duplicating a resource Duplicating a resource within a team makes it easier to create variations of existing resources without starting from scratch. To duplicate a resource, click on the three-dot Actions button beside the resource and click on ‘Duplicate’. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2061498107/6259f64e99325d3f3075d99dcdc6/9636405b-bc6b-48a7-b7c4-a12b45cf311e?expires=1781611200&signature=430549a3bb0a8cf664518401aefa7f89711ca080eff848096835dc4f9ae50721&req=diAhF813lYBfXvMW3nq%2Bge8uzhdZArXt7%2ByhkcJxx%2BVD0Ezz0yz38zjLCLwC%0AkLUlR%2B1vghhUb7%2FAMGIyLzf1r9w%3D%0A) ## Roles in Tines All members of a team or group must be assigned a role in Tines. Each role has a set of permissions assigned to them which will give read and/or write access to objects in the team or group. ## **How do I invite users to a team?** Adding members to a team is simple: 1. Open Tines and click on your team name 2. Click `Settings` and then `Users` 3. Hit `+New` and enter the email address of the user you want to invite. You can separate multiple email addresses with a comma. 4. Optional: Assign teams and roles After a team member accepts the invitation, you can configure their role. [Embedded content](https://demo.arcade.software/UF8NhjRURbTuThvTbQlG?embed) ## Roles These are the roles available in Tines: - Team Admin - Editor - Viewer - Case manager - Workbench User - Dashboard Manager - Dashboard Viewer > Note: A user can only have one role. Roles cannot be combined to grant additional permissions. ### Team Admin This role gives the user unrestricted read and write permissions to all objects in Tines. Team admins can: - Read stories, resources, credentials, events - Read cases - Create / update stories, resources, credentials, cases, records & dashboards - Run an action - Import / export stories - Publish / push stories - Manage team members (add / remove) - Share, move & delete objects (stories, resources, credentials) - Author Workbench presets - Use Workbench presets - Configure dashboards - Edit dashboard layouts and charts - Manage dashboards ### Editor This role gives the user read and write permissions to most objects in Tines, but unlike the team admin role, they cannot delete stories, resources or credentials. Editors can: - Read stories, resources, credentials & events - Manage cases - Create / update stories, resources, credentials, cases, records & dashboards - Run an action - Import / export stories - Publish / push stories - Author Workbench presets - Use Workbench presets - Manage dashboards ### Viewer This role gives the user read-only permission to most objects in Tines. Viewers can: - Read stories, resources, credentials & events - Read cases ### Case manager > Note: This role is only available to customers with cases enabled. This role gives the user read and write permissions to cases, while restricting access to other objects on the team such as stories, resources, credentials and events. This role is useful for users who work with cases and do not need access to many other aspects of the system. Note that while Case managers are not able to access most objects in their team, they are still able to author stories in their drafts and access objects (resources, credentials, stories for "send to story") shared globally with all users. Case managers can: - Read cases - Create / update cases - Create / update dashboards ### Workbench User This role grants access to use configured Workbench presets on the team. Any credentials that are configured on the Workbench preset may be used only through Workbench but cannot be changed or viewed. Workbench users can: - Use Workbench presets > Note: Workbench users cannot access any other part of Tines in that team. ### Dashboard Manager > Note: The Dashboard Manager and Dashboard Viewer roles are only available to customers with cases enabled. This roles grants access to view and configure dashboards, including making changes to layouts and charts Dashboard managers can: - Configure dashboards - Edit dashboard layouts and charts - View dashboards ### Dashboard Viewer This role grants access to view dashboards without the ability to make changes Dashboard Viewers can: - View dashboards ### Custom roles [Embedded content](https://demo.arcade.software/UY8nEVk55IoEKFXTO4VT?embed) If you are looking for information on creating custom roles, click [here](https://www.tines.com/docs/admin/user-administration/custom-roles/). ## Schedules in Tines A Tines schedule is a way to set a workflow or action to run automatically at a specific time or at a recurring interval. ### How do I schedule my story? Only stories **published to a team** can be scheduled. To publish a story, move the story from your drafts to one of your teams. To schedule a story, click on the first action and click "Status". The schedule option will be available as shown below. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1806366831/a919326741f148e5ba86e6e3d869/Screenshot%2B2023-04-28%2Bat%2B11_59_17.png?expires=1781611200&signature=ae31a3284dc4691a94115f0cd0f3b6a70ac949c815b832fe67411138b827d5ed&req=dSgnEMp4m4lcWPMW3nq%2BgQWC46KKMt8Me6L7iaMqGYhZ2ZLajRQ6yDWJZa2j%0AdZ0kMgjA8O%2F2HCptScV21GSDGlY%3D%0A) > **Note:** Actions inside a [group](https://www.tines.com/docs/stories/groups) cannot be scheduled. Groups can be scheduled to run. ### How can I schedule an action in Tines? You can schedule the following actions in Tines. - HTTP Request - Send Email - Event Transform - Send to Story > **Note:** To use them to schedule your story, ensure the scheduled action is the first action in the story flow. To schedule an action, click the action and then "Status" and add the schedule as shown below. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1806367160/bcb38d9b7de84eb5943eb8efc86b/Screenshot%2B2023-09-25%2Bat%2B10_47_46.png?expires=1781611200&signature=f02dec22b22428a347e7ce8aca79532d7209610c51dc252cf4adfba246f2a105&req=dSgnEMp4moBZWfMW3nq%2BgZD63nB0curxE%2FSPgNsoWT5YHDv0duE%2Fjvnrrh9H%0AxTXUyG0BXBLJ7TnO2n%2BsXMY4jSk%3D%0A) You can schedule the action by the minute, hour, day, week, month, or a cron expression. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1806367161/fd2740f0a1d29a9d05a65db4ed32/Screenshot%2B2023-09-25%2Bat%2B10_52_51.png?expires=1781611200&signature=7059823d89f1123d9b581e20e74d0d6a854e43de91d27a9f7731b7e69717785a&req=dSgnEMp4moBZWPMW3nq%2BgZkAkjPRnFA2u3PsiTbght3Y9%2Fk7a6h3wWhJCgcw%0AHNFtf%2BKlmAXOkhw1%2BiELkAnDBRM%3D%0A) > **👉 To learn more about using actions in stories, [see here](https://www.tines.com/docs/actions).** ### Schedule limitations The shortest frequency for [scheduling an action](https://www.tines.com/docs/actions/configuration#common-config) is one minute. The longest frequency (besides setting up a cron schedule) is once a month: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1806369466/6891a6678bebc5fbd5736a1ec238/image.png?expires=1781611200&signature=2f9482de8ddcc3231510fa40b4ece0ee8b057d4dc263a130ddf1159f7c2e333c&req=dSgnEMp4lIVZX%2FMW3nq%2BgaF0OqDs2aLUgcmwkK56JuGPl3eAMx4yH0C%2BNbU2%0AWTCBE2c9TPyRTsNSR84ckNplSaY%3D%0A) > **Note:** Each story run is independent and should not impact other story runs. If you are scheduling your actions on a short frequency, we recommend reducing your story event retention (via **Keep events and logs**) to avoid hitting any potential tenant event limits. ## Script error: "The script payload is too large to be processed" ## Overview When building out Python scripts in Tines, you may run into the following error message after executing the script action: ``` The script payload is too large to be processed. - Request must be smaller than 6291456 bytes for the InvokeFunction operation ``` ## Cause and solution This error is caused by a platform limitation with AWS Lambda, the service we use to execute Python scripts that are built within your stories. The maximum size allowed for the invocation payload is 6MB. > 🟢 **Solution:** We recommend reducing the size of your Python script, for example, by splitting it out into multiple actions. ## Need further assistance? Here are resources to help better understand the behavior surrounding the limitation: - Tines: [Using Python in Tines: a quick how-to guide](https://www.tines.com/blog/python-tines-how-to-guide) - AWS: [Lambda quotas](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-limits.html#function-configuration-deployment-and-execution) ## Security & privacy for AI in Tines All AI in Tines is powered by large language models, running on our infrastructure. By running the models in this way, we have avoided new risks related to data transport, storage, or sub-processing. ## **Language models** Language models (used by [Automatic mode](https://www.tines.com/docs/actions/types/event-transformation/automatic), the [AI Agent action](https://www.tines.com/docs/actions/types/ai-action/), and [Workbench](https://explained.tines.com/en/collections/10398899-workbench)) run directly in our infrastructure provider, AWS. Language model authors (like Anthropic or Meta) do not have access to or visibility of the running model in AWS, and Tines does not maintain a direct relationship with these entities. AWS does not perform any training based on prompt data or usage metadata, nor does it log any input/output model data. ## Private and secure by design Because the language model runs within Tines’ infrastructure, we achieve a very high standard of privacy and security: | ✓ Stateless | x No public networking | | --- | --- | | ✓ Private | x No training | | ✓ In-region | x No storage | | ✓ Tenant-scoped | x No queries or output logging | ## Security Scorecard Authentication Guide SecurityScorecard uses data from publicly available commercial and open-source feeds across the internet to get an “outside-in, hacker perspective of a company’s cybersecurity posture.” A score is a moment-in-time capture of the security profile of a company. ### First, get a SecurityScorecard API key 1. Login to your SecurityScorecard account at [https://platform.securityscorecard.io/#/start](https://platform.securityscorecard.io/#/start) 2. Click on the menu in the top right and select "My Settings" ​ ![](https://downloads.intercomcdn.com/i/o/848700691/f9e3d551ac79d5406ae52e94/image.png?expires=1781611200&signature=fef6dc0d8a23df3719e581a9dadff0236442752d7f8ed0715c4608cf52a12c53&req=fCQvEcl%2Bm4heFb4V1XW4gdCRa9dMRHP7DZDJYt0LJWxXD8ykNTcJ4bOOQVO%2F%0AcbY8waVTRW20KCWmB4pIT8MYHA%3D%3D%0A) ​ 3. Select "API" and then click on "Generate New API Token" ​ ![](https://downloads.intercomcdn.com/i/o/848702080/f65466ac148cc995b6ca82b1/image.png?expires=1781611200&signature=8ce3dbfe71a72a0da5a6bba2135a373c90298cadc275fc3aa201e7c9ceb377ab&req=fCQvEcl8nYlfFb4V1XW4gR4NbC1baHADi5%2FnoOi0ZpAWxO0Z6F1lZweGLtDN%0A5EqOHLztUmQV8HSUsHJGIT1wPA%3D%3D%0A) ​ 4. Read the warning message and click "Confirm" ​ ![](https://downloads.intercomcdn.com/i/o/848702901/b67182b0d6532b79f717c0de/image.png?expires=1781611200&signature=56cea321a48c5b7077c25f15b84f50177245cf4cc4e3046657d83e5d3b5aa7bb&req=fCQvEcl8lIFeFb4V1XW4geoglAhDQsYHS4nzMpH%2B3jOmgLDtIiJfcxw0mnfS%0AgEBeJ5FOj1XuHDN1SSRKwezv8g%3D%3D%0A) ​ 5. Copy your API token ​ ![](https://downloads.intercomcdn.com/i/o/848704156/d98e1e5488259083cfb49d58/image.png?expires=1781611200&signature=a6c78266d12ee939d6ba967b02761b1d3262655a6ba139cf258d95e3e466ca4a&req=fCQvEcl6nIRZFb4V1XW4gciBIRC8Q%2FpAh0eeVP1x95vVUakxMHO%2Ft1blD1%2F5%0Auf9r7MBlVUmcKQPyglmaPTJ4FQ%3D%3D%0A) ### Lastly, create a SecurityScorecard credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the SecurityScorecard credential 1. **Name:** SecurityScorecard 2. **Description:** Optional 3. **Value:** Your API token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of SecurityScorecard stories in the [story library](https://www.tines.com/library?s=securityscorecard&view=all)** ## Send to story Teams regularly need to perform a task or a set of tasks in multiple different stories. For example, a threat intelligence story and a phishing response story may use the same procedure to analyze a URL, similarly, a user de-provision story and a vulnerability management story may require the creation of a Jira ticket. Rather than creating the same set of actions in multiple stories (thus violating the [DRY-principle](https://en.wikipedia.org/wiki/Don%27t_repeat_yourself)), **send to story** allows users to create "sub-stories" to which events can be sent from other stories. When an event is received by a sub-story, the sub-story will perform its action and when finished, emit an event from the calling action. > Learn about send to story and Workbench [here](https://explained.tines.com/en/articles/9855926-using-workbench). ## Sub-stories Sub-stories work the exact same as normal Tines stories. The only difference is that a sub-story has an entry action and an exit action. The entry action must be a [webhook type](https://intercom.help/tines-9c531f867f99/en/articles/6872951-the-webhook-action-type-in-tines) action and the exit action must be a message-only mode event transformation action. ### Enabling a story for send to story (creating a sub-story) From a storyboard, when no actions are selected, in the properties panel there is a checkbox to enable a story for send to story. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2233149261/b641c9b090abfbb1611b0e649f28/enable+send+to+story.gif?expires=1781611200&signature=46f4676c957ca49babe38d3ed2fe98923bd3282d71e41980f8842698bb183894&req=diIkFch6lINZWPMW3nq%2BgfK5gCdfSAtlpEuSsMUEsfkiYqQrYcHx3FOUaqsj%0AKT56HXKlh0joCnIuWIdzd2KABgs%3D%0A) When this checkbox is clicked, you'll be asked to specify entry and exit actions. A sub-story can only have one entry and one exit action. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2233149037/e8ddb857f433b103e72bd65393f8/image.png?expires=1781611200&signature=56b14a2b8e54370ded7182dc559adb6c496d412ca75b14929cbf3242c9c8b3e4&req=diIkFch6lIFcXvMW3nq%2BgYabuUW2hSZMcCAMd8aCvS5DrXobuaG5oL92awAr%0ASm5v5dTXAVH976QzkclI%2FHo%2F4is%3D%0A) ### Entry action When an event is sent to a sub-story, the entry action will emit an event to its receiver actions. > Notes: > > 1. A send to story can have only one entry point. > > 2. The entry point for a send to story must be a webhook action. ### Exit actions The exit actions are the last action in a sub-story and must be message-only mode event transformation actions. The content specified in the exit action will be emitted by the action that originally sent the event to the sub-story. It is best practice to have a single exit action. Read our "one in, one out" best practice guide for send to stories [here](https://explained.tines.com/en/articles/14035443-send-to-story-best-practice-one-in-one-out). ## Access Control who is allowed to send to this story. Either select everyone to allow any team to send to this story, or select the team that owns the story to restrict access. To do this, click on the send to story settings in the right panel. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2233374998/c8c4be24806243c59d155fec34c3/share+access+to+send+to+story.gif?expires=1781611200&signature=20ccb6ab7a204c36b12ba673291cf8bc66bc6b7ab6931a896c7ef8addbdc184a&req=diIkFcp5mYhWUfMW3nq%2Bgax8fHNVM12WbyqPvMH8RvB%2B%2BTM6Opv%2Bq0zxwHHB%0AkVrGfBR5nKs2kNBP36ECXXrZ7yk%3D%0A) > Note: You do not need to share credentials inside the send to story with another team. The other team can send an event to the send to story and receive an event back when done. ## Sending to a sub-story When you need to send data to a sub-story, you should use a send to story action with the `STORY` key in formulas. For example, say we have a sub-story called `substory` we would send events to this sub-story with the following send to story action: ``` { "story": "<>", "payload": { "url": "http://example.com" } } ``` The entry action in `substory` will then emit an event similar to the below: ``` { "receive_url_to_analyze": { "url": "http://example.com", "#event_id": "1029", "#action_id": "21" } } ``` When this event has run down the story, an event will be emitted at the calling send to story action that matches the exit action's configuration. For example, let's say the HTTP request action above was named "analyze URL" and we have the following exit action defined in `substory`: ``` { "mode": "message_only", "uppercase_url": "<>" } ``` When the sub-story is complete `analyze URL` will emit an event similar to the below: ``` { "analyze_url": { "uppercase_url": "HTTP://EXAMPLE.COM" } } ``` ## Send to Story Best Practice: “One In, One Out” ## What is "one in, one out"? One in, one out is a critical design best practice for building send to stories. It ensures consistency and prevents unexpected multiplication of subsequent actions in your stories. For send to stories, this principle mandates that for every single event that enters the story, only one single event should exit. For more information on the send to story action, click [here](https://explained.tines.com/en/articles/6870857-send-to-story). ## How to ensure "one in, one out” To adhere to the "one in, one out" principle, you must merge all data back into a single event before the exit action. The correct technical approach for branching and merging is: 1. **Use conditions:** Use the condition action type at the top of each parallel branch to route the event correctly. 2. **Include conditional bypass:** Implement a conditional bypass (like a "no match") for branches that do not execute. 3. **Use implode action:** Feed the results of all branches and any conditional bypass paths into an **event transform (implode)** action. - The implode action should be configured to expect the total number of branches in your story to ensure it waits for all paths to complete. 4. **Format and exit:** Route the single, consolidated output from the implode action to the final exit action. This ensures that regardless of which branches ran, one consolidated event consistently exits the send to story. > Here is an example story you can import to your own tenant to help you understand: > > [send-to-story-example-one-in-one-out.json](https://downloads.intercomcdn.com/i/o/am0g137l/2151438005/db31b6479407e58e27c58f092532/send-to-story-example-one-in-one-out.json?expires=1774062000&signature=c9b21d53d1a4b50e66f9837d4fb2304e2eceaf233b71b1ea3df1d8533f87ad9a&req=diEiF819lYFfXPMW3Hu4gWTHwfGnVGJsxUA8L8q4iv9dON72JUoPXEV1oiU4%0AxQ%3D%3D%0A) If you need a hand importing a story, take a look at this [article](https://explained.tines.com/en/articles/7228854-how-to-import-a-story-in-tines). ## What happens if "one in, one out" isn’t adhered to? If a send to story processes one incoming event but allows multiple events to reach the exit action (e.g., "one in, three out"), it leads to inconsistencies in the calling story: - **Multiplication of actions:** Any subsequent actions in the calling story will run once for every event that exits the send to story. For example, if three events exit, the next action (like an HTTP request to block a user) will run three times. - **Unexpected behavior:** When you use a send to story action, you expect one event with correlated information back. If you receive multiple, unexpected data streams (e.g. you have multiple exit actions), your flow is compromised, requiring you to account for unnecessary complexity further down the line. Read more about send to story in our docs, [here](https://www.tines.com/docs/stories/send-to-story/). ## ServiceNow Authentication Guide **ServiceNow** allows employees to work the way they want to, not how software dictates they have to. And customers can get what they need, when they need it This guide covers 2 authentication options for ServiceNow: 1. [OAuth](#h_0f8ac5d7b4) 2. [Basic Authentication](#h_f4aeda9a38) ## OAuth You will need to create an OAuth app in ServiceNow. ### Create a ServiceNow credential in Tines #### **ServiceNow connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "ServiceNow" and follow the prompts to connect, selecting 'OAuth'.​ #### Manual credential creation (Client credentials grant) 1. Login to ServiceNow via [https://developer.servicenow.com/](https://developer.servicenow.com/) and access your instance (e.g. [https://dev123456.service-now.com/](https://dev123456.service-now.com/)) 2. Enable the Client Credentials grant type 1. In the Filter Navigator (top left), type: sys\_properties.list and hit Return. 2. Select New. 3. Complete the following fields: 1. Name: glide.oauth.inbound.client.credential.grant\_type.enabled 2. Type: true | false 3. Value: true 4. Select Submit. 3. Navigate to Filter Navigator > System OAuth > Inbound Integrations > New integration > OAuth - Client credentials grant. 4. Create a new application by completing the following fields: 1. Name: name of application 2. OAuth application user: select user 3. Create auth scope->New auth scope and enter scope name 4. Auth scope: select scope created in c 5. Limit authorization to the following APIs: select APIs to limit access to 5. Select Save. 6. In Tines, add a new OAuth2 credential via Credentials > New > Manual creation > OAuth 2.0 > Create credential ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/2259283310/c368f4dd163e185ea427f234f7d3/Manual%2Bcredential.gif?expires=1781611200&signature=1f57e2f487786c07a1bcd38ad03584429ddad263470e9df7b00ae3043aee4110&req=diIiH8t2noJeWfMW3nq%2BgZvDqwo4XN8r34VFa6ixUcnhgjuxxXVqGCFLjlNK%0Akpz6ob2sCW1Ka4ahCfYOQaHOh%2BU%3D%0A) 1. Name: name of credential 2. Client ID and Client Secret: copy and paste from the application that you just created in ServiceNow 3. Grant type: Client credentials 4. OAuth token URL: https://{service\_now\_instance\_name}.service-now.com/oauth\_token.do 5. Restrict direct access: selected 6. URLs and Domains: https://{service\_now\_instance\_name}.service-now.com/\* 7. Metadata: { "domain": "{service\_now\_instance\_name}.service-now.com" } ## Basic Authentication You will need your ServiceNow username and password. ### Create a ServiceNow credential in Tines #### **ServiceNow connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "ServiceNow" and follow the prompts to connect, selecting 'Basic Auth' #### **Manual credential creation** This method is not recommended as the ServiceNow connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the ServiceNow credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your password 4. **Domains:** yourdomain.service-now.com 5. **Metadata**: ``` { "domain": "yourdomain.service-now.com", "username": "yourusername" } ``` 6. **Access:** What other teams can also use the API > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/servicenow). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of ServiceNow stories in the [story library](https://www.tines.com/story-library?s=servicenow) ## Shodan Authentication Guide Shodan (Sentient Hyper-Optimised Data Access Network) is a search engine designed to map and gather information about internet-connected devices and systems. Shodan is sometimes referred to as a search engine for the Internet of things (IoT). Applications of the software include market research, vulnerability analysis, and penetration testing, as well as hacking. ## First, get a Shodan API key 1. Login to your Shodan account 2. Click "Account" ​ ​ ![](https://downloads.intercomcdn.com/i/o/893653176/ce3e59d2c450e944b589dddc/image.png?expires=1781611200&signature=30d250c124c094e359aa9fb0a28267ecb1e104ea01bdc6f4b8a11fa6346aeec5&req=fCkkEMx9nIZZFb4V1XW4gUD5bNzsP3b63GjSHiTotV2cDSUH2%2FUjks7cxrb5%0APipmY5tOlf%2FJ4R3KgDEEmReVdg%3D%3D%0A) ​ 3. Copy your API key to a text editor ​ ​ ![](https://downloads.intercomcdn.com/i/o/893653699/a6ada991b09b113a3d79b3af/image.png?expires=1781611200&signature=afef018f31500467207fa638c06caa8d3c70e808da290d0f019b8943dc52fcb3&req=fCkkEMx9m4hWFb4V1XW4gfadGE2BLS%2BaLPqoYCjD3QDle4bFsvk3YR9mz%2B%2BF%0A4bDkQ23XtqqkKgqDonr1%2Fj35zA%3D%3D%0A) ## Then, create a Shodan credential in Tines **Shodan connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Shodan" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the Shodan connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the Shodan credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your copied API key value 1. **Domains:** api.shodan.io 2. **Access:** What other teams can also use the API > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/shodan).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Shodan** **stories in the [story library](https://www.tines.com/library?s=shodan&view=all).** ## Single sign-on (SSO) SSO is a scalable way to ensure trusted access to your Tines tenant. As security is always a priority at Tines, SSO is available for all Tines tenants. All Tines users can access Tines via their identity provider. ## Enabling SSO To turn SSO on or off for your tenant, go to `Authentication Settings` in the top left menu and follow the instructions. ![](https://tines-f60bb36f92a5.intercom-attachments-1.com/i/o/650206958/4d6eaf7b00e025726771274b/1656002378-admin_sso_menu-d516260af68a5a72ac3259233693b699.png?expires=1781611200&signature=bb5bf45b08c93d3bfabeecba14d606d44acb571f7e7025b6d38366db59c59c4e&req=ciUnFMl4lIRXFb4V1XW4gUENIVb%2BGFeMbIhcNs5zKvlw3GlSUkoVuVWs8p2l%0AHZDVsAFJU8bJAC3th4dnDxTyXA%3D%3D%0A) > **Important note:** SSO only enables users to sign in, not sign up. Users must be invited to gain access. ### SAML configuration Setting up SSO via SAML requires two pieces of information from your external **[SAML](https://en.wikipedia.org/wiki/Security_Assertion_Markup_Language)** identity provider (IdP): 1. A URL, which we’ll redirect users to when signing in. 2. Your IdP’s X.509 public certificate While we discourage this for security reasons, you can instead use a fingerprint, which is a digest of the certificate. This must be generated using SHA-256, such as with **[samltool.com](https://www.samltool.com/fingerprint.php)**. #### Enhanced SAML Security Tines also supports additional SAML security features, such as encryption and signing. Contact our support team if you'd like to enable these for your tenant. ### OIDC configuration Setting up SSO via OpenID Connect (OIDC) requires six pieces of information from your external OpenID provider (OP): 1. Your OAuth client ID. 2. Your OAuth client secret. 3. The authorization endpoint URL - e.g. `https://accounts.google.com/o/oauth2/v2/auth` for Google or `https:///oauth2/authorize` for AWS Cognito. 4. The token endpoint URL - e.g. `https://accounts.google.com/o/oauth2/v2/auth` for Google or `https:///oauth2/token` for AWS Cognito. 5. The issuer or issuer identifier URL - e.g. `https://accounts.google.com` for Google or `https://cognito-idp..amazonaws.com/` for AWS Cognito. 6. The JSON Web Key Set (JWKS) URL - e.g. `https://www.googleapis.com/oauth2/v3/certs` for Google or `https://cognito-idp..amazonaws.com//.well-known/jwks.json` for AWS Cognito. Items 3 to 6 can be found in your OP’s "provider metadata" or "discovery document", which is normally located at a URL that ends with `.well-known/openid-configuration` - e.g. `https://accounts.google.com/.well-known/openid-configuration` for Google or `https://cognito-idp..amazonaws.com//.well-known/openid-configuration` for AWS Cognito. Tines requires that your OP supports the "Authorization code grant" OAuth flow and the "email", "openid" and "profile" OAuth scopes. ### Just-in-time user provisioning With SSO enabled via SAML or OIDC, administrators can optionally enable **just-in-time user provisioning**. When enabled, administrators can provide a json configuration mapping a group on their SSO identity provider to a Tines team and role. Once setup, a user signing into Tines for the first time will automatically be placed in the designated team and role mapped to their SSO group in the configuration json without requiring an invitation to the tenant. > **Important note:** A change to the just-in-time configuration will not update existing users' teams and roles. #### To setup just-in-time provisioning: 1. Enable the checkbox entitled "Enable automatic provisioning of SSO users when first accessing the tenant" 2. Fill in the following blank fields in the json editor: The `group_attribute_name` field should be filled in with the name of the SAML or OIDC attribute containing a user's group name. In the example below the value for this field would be "Group" ![](https://tines-f60bb36f92a5.intercom-attachments-1.com/i/o/701544213/c517fd129593d1a91d841819/1677088092-screen-shot-2023-02-22-at-9-47-27-am.png?expires=1781611200&signature=eee047532305226b874a38d98c415173366f72207dba1e95860a352c466cadbe&req=cyAmE816n4BcFb4V1XW4gV4V9wxFevmMcNLUE%2F1ZhVTwEir3b59WpzejZmNg%0A8JXxqQ9QJXozLsDzLh4vSCa7Ww%3D%3D%0A) ##### An example of a Group Attribute Statement configuration in Okta. - The `tenant_owners_group` (optional). When provided, users in the SSO group matching this field will be provisioned as tenant owners. - An object in the `mappings` array containing an `sso_group` with a value matching the name of the desired group in your your identity provider, `team_name` with a value matching the name of the Tines team users from this SSO group should be placed into, and `role_name` with a value matching the desired team role for those users (team\_admin, editor, or viewer). ## Single sign-on (SSO) SSO is a scalable way to ensure trusted access to your Tines tenant. As security is always a priority at Tines, SSO is available for all Tines tenants. All Tines users can access Tines via their identity provider. > To configure SSO, you must be a **tenant admin** or **owner**. By default, the tenant owner is the person who created the tenant and is the first tenant admin. There can be multiple tenant admins. ### **Enabling SSO** To turn SSO on or off for your tenant, go to `Authentication Settings` in the top left menu and follow the instructions. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1810176456/3b18339fbc4630505d4e9bfc1a4b/1656002378-admin_sso_menu-d516260af68a5a72ac3259233693b699.png?expires=1781611200&signature=739542d79fc88624f7f03c91aa01c24620485d0957643449e3a78d9f522e05c6&req=dSgmFsh5m4VaX%2FMW3nq%2BgXUy7sYtBhZ2RpSEyc0q2%2BRMclkgYJRnWcJZmPTN%0AKI1LgseBfZTGY2Lev2PKFe7%2BSOo%3D%0A) > **Note:** SSO only enables users to sign in, not sign up. Users must be invited to gain access. ### **SAML configuration** Setting up SSO via SAML requires two pieces of information from your external **[SAML](https://en.wikipedia.org/wiki/Security_Assertion_Markup_Language)** identity provider (IdP): 1. A URL, which we’ll redirect users to when signing in. 2. Your IdP’s X.509 public certificate While we discourage this for security reasons, you can instead use a fingerprint, which is a digest of the certificate. This must be generated using SHA-256, such as with **[samltool.com](https://www.samltool.com/fingerprint.php)**. ### **Enhanced SAML Security** Tines also supports additional SAML security features, such as encryption and signing. Contact our support team if you'd like to enable these for your tenant. ### **OIDC configuration** Setting up SSO via OpenID Connect (OIDC) requires six pieces of information from your external OpenID provider (OP): 1. Your OAuth client ID. 2. Your OAuth client secret. 3. The authorization endpoint URL - e.g. `https://accounts.google.com/o/oauth2/v2/auth` for Google or `https:///oauth2/authorize` for AWS Cognito. 4. The token endpoint URL - e.g. `https://accounts.google.com/o/oauth2/v2/auth` for Google or `https:///oauth2/token` for AWS Cognito. 5. The issuer or issuer identifier URL - e.g. `https://accounts.google.com` for Google or `https://cognito-idp..amazonaws.com/` for AWS Cognito. 6. The JSON Web Key Set (JWKS) URL - e.g. `https://www.googleapis.com/oauth2/v3/certs` for Google or `https://cognito-idp..amazonaws.com//.well-known/jwks.json` for AWS Cognito. Items 3 to 6 can be found in your OP’s "provider metadata" or "discovery document", which is normally located at a URL that ends with `.well-known/openid-configuration` - e.g. `https://accounts.google.com/.well-known/openid-configuration` for Google or `https://cognito-idp..amazonaws.com//.well-known/openid-configuration` for AWS Cognito. Tines requires that your OP supports the "Authorization code grant" OAuth flow and the "email", "openid" and "profile" OAuth scopes. > You can choose the session timeout duration when SSO is configured. ### **Just-in-time user provisioning** With SSO enabled via SAML or OIDC, administrators can optionally enable **just-in-time user provisioning**. When enabled, administrators can provide a json configuration mapping a group on their SSO identity provider to a Tines team and role. Once setup, a user signing into Tines for the first time will automatically be placed in the designated team and role mapped to their SSO group in the configuration json without requiring an invitation to the tenant. **Important note:** A change to the just-in-time configuration will not update existing users' teams and roles. ### **To setup just-in-time provisioning:** 1. Enable the checkbox entitled "Enable automatic provisioning of SSO users when first accessing the tenant" 2. Fill in the following blank fields in the json editor: The `group_attribute_name` field should be filled in with the name of the SAML or OIDC attribute containing a user's group name. In the example below the value for this field would be "Group" ![](https://downloads.intercomcdn.com/i/o/am0g137l/1810176457/9fd38ff9e6ee7de5eaf95462f086/1677088092-screen-shot-2023-02-22-at-9-47-27-am.png?expires=1781611200&signature=7e3629995e0dbc5e46d50cb93076807e8c2c229c6ea344f34bf112cc54721be1&req=dSgmFsh5m4VaXvMW3nq%2Bgf4LuIidLdULeq8xvXynwWRRAvnHek%2BDBmAifZ25%0AnTfiLHpmom3e31wmmNbs%2FiW1o%2Fk%3D%0A) ### **An example of a Group Attribute Statement configuration in Okta.** - The `tenant_owners_group` (optional). When provided, users in the SSO group matching this field will be provisioned as tenant owners. - An object in the `mappings` array containing an `sso_group` with a value matching the name of the desired group in your your identity provider, `team_name` with a value matching the name of the Tines team users from this SSO group should be placed into, and `role_name` with a value matching the desired team role for those users (team\_admin, editor, or viewer). ## Slack Authentication Guide ## Introduction Automate workflows across your business with Tines and Slack, allowing you to focus on what matters. Tines is a workflow platform purpose-built to automate and integrate business processes. Teams are too often stuck doing tedious manual work or force-fitting systems together, and it’s our mission to change that. With Tines, you can build connections between systems in minutes and deliver valuable workflows within hours. ![](https://downloads.intercomcdn.com/i/o/911002706/3b24db7246de3e4abc313d36/Connect+to+slack.png?expires=1781611200&signature=b63f5ab3c036542e96627698f4015a1311a4d4a8917d25ca76cbb89070a215b1&req=fSEmFsl8moFZFb4V1XW4gVxdG8nyV5edn2NXvb0dLmZIhgMRts%2B8zxSLE9Uv%0AFl0izsKSvOh10Did%2FyN%2BG6rRgA%3D%3D%0A) ## Steps for installing the app: 1. [Login](https://login.tines.com) to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Slack" and follow the prompts to connect. ### Workflows you can build with Tines and Slack: - Receive and approve or deny requests via Slack - Create new channels and send messages - Automate user reminders for training and compliance - … and a whole lot more! Check out our [library](https://www.tines.com/library/tools/slack?page=1) for even more workflows. ![](https://downloads.intercomcdn.com/i/o/911004856/7d3e2ca60fe3cd5f3ed12d2f/Automate+user+messaging.png?expires=1781611200&signature=85b5a408ac84d126312e2e900f038e16ea589e8080208824e28a3f7b7b153196&req=fSEmFsl6lYRZFb4V1XW4gRRtFkGzYB7zZIOFJ2hsWpU7eKd%2FIMs3gkJtU8ev%0AVSNtJ0rXaPT2Qg4SVFpBRScM9w%3D%3D%0A) ### Get more out of your tech stack with Tines and Slack: While it’s possible to send simple Slack messages straight from most tools, you can use Tines to build tailored Slack messages that aggregate and correlate data between these systems. This makes your alerts less noisy and more relevant for your team. Tools customers use Tines and Slack to see increased value from include: - Cloud providers such as AWS, GCP, and Azure - Ticketing platforms such as Jira, ServiceNow, and Zendesk - Security systems such as Wiz, CrowdStrike, Lacework, Recorded Future, JupiterOne, Tenable, Qualys, Elastic, Splunk, and Panther - Software development tools such as GitHub and GitLab - And other commonly used software such as OpenAI, Salesforce, Okta, and more! ![](https://downloads.intercomcdn.com/i/o/911004935/02c107a06ba15feecd497a37/Build+end+to+end+automations.png?expires=1781611200&signature=2bd78e3e4790708d8394b8f01ddb9f4d2cae67565953a16c89ba5269eef534b5&req=fSEmFsl6lIJaFb4V1XW4gc5wavrbPEl7ExnVblPWC4lVUypHDl50qSassyNa%0AM%2BjRKI90WloFVynqVMjhRZwjyg%3D%3D%0A) > For more on how third-party data is handled, see Tines's [privacy policy](https://www.tines.com/privacy) ## Custom Slack Authentication Guide: If you'd like to choose a custom set of scopes, you can create your own app. Follow the steps below: First, create a chatbot in Slack 1. Navigate to [https://api.slack.com/apps](https://api.slack.com/apps), select Create New App, select 'From scratch' or 'From an app manifest' based on your preferences, and choose a name. When you create your Slack App, you have to choose your workspace. If this is your first time setting up an application, testing it in a demo or development workspace may make sense. ![](https://downloads.intercomcdn.com/i/o/754269715/36d69460b9fda6bd2175eaaf/Screenshot+2023-06-01+at+13.10.11.png?expires=1781611200&signature=f893115e0eda9d505bf2aae00bdccb503d1003a7b40fad7ea7190e70b374fdfa&req=cyUjFM93moBaFb4V1XW4gRsJa5AnwI1X18ayTL%2BdAIzsN5Jv7%2BuTWtyesdgv%0AGzPwsdyymJIVwzxZJ58ivH8LEA%3D%3D%0A) 2. On the next page, you’ll be presented with several options on what features and functionality you’d like for your application: ![](https://downloads.intercomcdn.com/i/o/754270262/127f24a8f1b9ea25e6c212a1/Screenshot+2023-06-01+at+13.10.42.png?expires=1781611200&signature=2f781eb67d08ca112b1e070dc88b6a55f8da8beeb1ab8d33a45ecf6591c56800&req=cyUjFM5%2Bn4ddFb4V1XW4gZIHa2ONNPSLbEAn1duKkq%2B4g0k%2B4hQN72TjBfpT%0AuudKUezf9OudHQzza0stQkg2jw%3D%3D%0A) Configure your bot to your desired specifications. Some commonly used features and functionality include: - **Permissions:** enable various user and/or bot scopes for your app. Follow [this link](https://api.slack.com/methods) view a full list of actions you can do with your bot. Click into the details for your desired actions to understand what permission scopes are needed. Additionally, all Tines Slack templates list the required scopes for each action in the description of the action template as further guidance. - **Interactive Components**: send messages with embedded interactivity to users. For example, send users messages with interactive buttons that can be used to stop and start your automation stories in Tines, upon user input. - **Slash Commands**: allow a user to interact with Tines through specific, user-defined commands e.g. - /searchdomain – search for traffic to a domain in logs - /lookupuser – find user profile information in active directory - /quarantinedevice – quarantine a device proactively ​ 3. Once you have configured your app to your custom specifications, navigate to the OAuth & Permissions feature tab on the left and locate the section 'OAuth Tokens for Your Workspace.' Depending on the permissions scopes you enabled, you may have a User OAuth token or a Bot User OAuth token. Copy the relevant token to use in the next step. ![](https://downloads.intercomcdn.com/i/o/885010944/90c1f5921c5a338c9df6f927/slack+token.png?expires=1781611200&signature=aeb9a189dd76deb681c08ddd11967bf1aad8db17d1b154987ef7703e92d73c19&req=fCgiFsh%2BlIVbFb4V1XW4gRut2HF6ot7AaMJNo2Ch0V%2FlQL11zbBJvDTsshCv%0AcgGrbs3GpHJFW0jBrhe3ZxzUeQ%3D%3D%0A) ### Create a Slack credential in Tines **Slack connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Slack" 4. Select "Use my own Slack app" and follow the prompts to connect. > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/slack). > > For more complex capabilities for your chatbot, check out this [blog](https://www.tines.com/blog/chatbots-for-security-and-it-teams-part-3-creating-a-slack-chatbot) > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of Slack stories in the Tines [story library.](https://www.tines.com/story-library?s=slack&page=1) ## Splunk enterprise authentication guide Splunk is a software platform to search, analyze and visualize the machine-generated data gathered from the websites, applications, sensors, devices, and so on, which make up your IT infrastructure and business. There are two types of authentication supported by the Splunk Enterprise API: 1. Access token (recommended) 2. Basic authentication ## Create a Splunk enterprise credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Splunk Enterprise" and follow the prompts to connect. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2230883848/b0ddb4437af9719f6b0a47241d66/splunk+add+credential.gif?expires=1781611200&signature=1af8511fb1398c7fd99d7779eb2c17fcb70ce6873a845055180bfb7ebf77ff1e&req=diIkFsF2nolbUfMW3nq%2BgRQkd4zvvVfgbWq3SVXbz7BRCqJ47sC0ik0uNn1%2F%0ArNrlB6YSij31qOL4ALkOVCcdmw4%3D%0A) ## Configure webhook allow list in Splunk By default, Splunk blocks outbound communication from Splunk to a Tines webhook. Follow the steps in [this article](https://help.splunk.com/en/splunk-cloud-platform/administer/admin-manual/10.3.2512/configure-your-splunk-cloud-platform-deployment/configure-webhook-allow-list-using-splunk-web) to add Tines webhook to the allow list. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/splunk-enterprise).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Splunk** **stories in the [story library](https://www.tines.com/library?s=Splunk&view=all)** ## Staying up to date with Tines The Tines product team work hard to get new features and products into your tenant. So, you might want to dig into these in more detail from time to time. There are lots of ways to keep up to date with Tines, including: 1. [What's New feed](#h_01039ede5e) 2. [Tines blog](#h_568951addf) 3. [Newsletter](#h_f0b9ea0091) 4. [Social feeds](#h_d9fc96ab55) ### What's New feed ![](https://downloads.intercomcdn.com/i/o/am0g137l/1807094495/156224239173b18b3e16a2acc874/CleanShot+2025-10-31+at+17_11_37%402x.png?expires=1781611200&signature=c709c4a0d1bcb367cd79aaa6ae48694c29ff8cc5c9193ae1a53b754cb79c570b&req=dSgnEcl3mYVWXPMW3nq%2BgcIupfRUWsX5O3FkENp5QSSFkQp26f7mmt11GSx8%0AvQnCTcJQa2he1P%2Fiq2iNHv5fyxk%3D%0A) All Tines feature updates get posted on the **What's New feed [here](https://www.tines.com/whats-new)**. There are two RSS feeds you can subscribe to, depending on your preference. - Important updates: - [https://www.tines.com/rss/tines-product-updates.xml](https://www.tines.com/rss/tines-product-updates.xml) - All product updates - [https://www.tines.com/rss/tines-product-updates-full.xml](https://www.tines.com/rss/tines-product-updates-full.xml) > **Tip:** Use the filter to the left of the feed to look at specific product categories. ### Tines blog ![](https://downloads.intercomcdn.com/i/o/am0g137l/1807099177/fa87b1f98d495a4dead876b67a3e/CleanShot+2025-10-31+at+17_14_15%402x.png?expires=1781611200&signature=f247b455b3e8a0d087645c0942b63d29dd5ad561897a2373811631eeca9e4263&req=dSgnEcl3lIBYXvMW3nq%2BgdY9j2JiNX0jSIU%2FpVe6p0RJsJG%2FAyS1nBKhaTwW%0AvEurfEQIvzBSIZsajeJkJ%2FKdCmM%3D%0A) The team posts regularly to the **[Tines blog](https://www.tines.com/blog/)** including relevant news, engineering insights and [product updates](https://www.tines.com/blog/product-updates/). The product marketing team shares a What's New post for updates made that month. You can subscribe to the blog RSS feed here: - [https://www.tines.com/rss/tines-blog.xml](https://www.tines.com/rss/tines-blog.xml) You can catch the Tines quarterly look back video on **YouTube** **[here](https://youtube.com/playlist?list=PLrLy59ZkmoJ6aBiJBdTKPDAWFwinWid6F&si=xAe1fqdVXCaJG82j)**. ### Newsletter Get Tines news and updates direct to your inbox with the **Tines newsletter**. You'll be automatically added to this list when you sign up, or you can manually sign up on our [blog](https://www.tines.com/blog/). We won't spam you, promise. Just look for this form near the bottom of the page: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1803124864/b9db61eed09a15dbf75dc1c19222/Newsletter+sign+up.jpeg?expires=1781611200&signature=cd316752eae2c7b89a207384b686685413f937fa3c191bd18033dec51d42f546&req=dSgnFch8mYlZXfMW3nq%2BgcvVd%2B6ry%2FqkB5jA545IwuNPvQtvx7Gm6I%2BwX%2BSn%0Av2KFES37tGBtyKElenCs%2FvgW01Q%3D%0A) ### Social feeds You can always see what we're up to and connect with us on the social platform of your choosing: - [LinkedIn](https://www.linkedin.com/company/tines-io/posts/?feedView=all) - [X (formally Twitter)](https://x.com/tines_hq) - [YouTube](https://www.youtube.com/@TinesHQ) - [Tines Slack community](https://hq.tines.io/pages/6f8b122ccba3cb7e8e0d3531d1b70eb2/) ## Stories in Tines Stories are a collection of interconnected actions working towards a singular goal. Think of them like automated use-cases, or playbooks. For example, you might have a Phishing story, an infected endpoint story, or an employee onboarding story. To begin your first story, simply drag an actions or a template onto your storyboard and connect them like this: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1802430770/65d0941e6f6c7828c88b10a3f159/97f38bbb-56f7-4e30-bdfc-041abfa6995c.gif?expires=1781611200&signature=8d58d2379e06289db852a848c6aa28e273f28ed40d044c87364e3834ccb62d7d&req=dSgnFM19nYZYWfMW3nq%2Bgb0ELO8nJcMpfdjx4g%2Fw9bap7NzqNhrmFbJHPGOg%0AOW3He6U0uNZOvNMSu4lP3NBJ5vg%3D%0A) You can also create your first story by importing one from our [Story Library](https://www.tines.com/story-library) from right inside Tines, like this: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1802430772/edff7c91c807f657696429461520/d603a6c9-8924-4f30-b3a9-a5a238c15008.gif?expires=1781611200&signature=90d90595c5b90f947e4edefa370b170953eabc73af5bb7a99736fbc7864c7a78&req=dSgnFM19nYZYW%2FMW3nq%2BgTLjGnMGEVe8nMGYv8NEbL67NlXSsF1ezkCp%2BVgR%0AvDUDucrpNgF9Z%2Boda%2BwXDUd4UbI%3D%0A) Another way to get started with stories is with the default stories available to you when you first create your Tines tenant: - **The Simple Story**: A short story that demonstrates how actions and events interact to automate workflows. - **Simple Story - VPN Notification**: This story demonstrates how automated threat detection and response can be performed on corporate VPN connections. - **Analyze URL in URLScan**: This story demonstrates how Tines actions can be used to analyze suspicious URLs. So you can better understand what a completed story might look like, here is an example of a story designed to automate threat detection and response of corporate VPN connections: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1802430773/b2a223a3bc3e3f7246df19d2f029/1654856057-quickstart_story-7171552b5404f4622813b966a19384a1.png?expires=1781611200&signature=600903772aa002f0d462114977304db08708e8146c23c22d6fccf7b91d694f5f&req=dSgnFM19nYZYWvMW3nq%2BgYcXlSCj4Yz6MZG3o8jWEBA8FwJloPJXoK7AvoM9%0AftadyLVZeKApzGRvZI9p7PXrpsM%3D%0A) When you start creating a new story, it is unpublished by default. An unpublished story is similar to a draft. It will be restricted in that it will only run while you're working on it. Unpublished stories do **not** count toward your stories quota. > **👉 For more detailed docs on how stories work, [see here](https://www.tines.com/docs/stories).** #### **Backing up your Tines stories** You can export your stories from Tines, which will be stored in a JSON format. For more information on exporting stories, [see here](https://explained.tines.com/en/articles/7228646-how-to-export-stories-and-actions-in-tines). You can also use the Tines API to export stories. For more information on exporting stories using the TInes API, [see here](https://www.tines.com/api/stories/export). Here are some stories that can be used to back up, export, and import Tines stories. - [Backup Tines stories to Github](https://www.tines.com/story-library/87728/backup-tines-stories-to-github) - [Save Tines story in AWS S3](https://www.tines.com/story-library/87683/save-tines-story-in-aws-s3) - [Import Tines story from AWS S3](https://www.tines.com/story-library/87682/import-tines-story-from-aws-s3) ## Story outputs and values ## Customize output The customize output setting allows you to modify the event data that an action produces. Customize output is available to all action types and can be found via the action configuration → **\+ Option** button: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2258017313/544097fb130d6336866d22194fa5/custom+output.gif?expires=1781611200&signature=c27c86468e7e841ecc0cdf2a73e10bc07db66180d2d0292c7f7b315307c74c15&req=diIiHsl%2FmoJeWvMW3nq%2BgboNUEN%2BHBMdIAcUyZHq%2Fep2jbsYoRygLKwe0H0u%0AaFhWMzAsVojCz0VaY9SzhD4t9gc%3D%0A) Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - Tines: [Actions](https://www.tines.com/docs/actions) ### What can customized output be used for? #### Enhance story readability Use the customize output setting to format your payload data in one action, reducing the amount of actions in your story. In this example, we want to `MAP` out the "`email`" key from an array of objects. ``` { "users": [ { "name": "Angie", "email": "angie@tines.com" }, { "name": "Shelby", "email": "shelby@tines.com" }, { "name": "Lasse", "email": "lasse@tines.com" } ] } ``` Normally, we would have two actions, one for the data and one for formatting it. Using customize output, we can transform this data in one action instead of two: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2258016508/46225231b23e0559585d72311b3b/image.png?expires=1781611200&signature=1af5ae987d50c62d5fbbae181d059cb06661c47af7dd2038f9b6747424bc2880&req=diIiHsl%2Fm4RfUfMW3nq%2BgT5OJs7HUYjSw4aCVzKWa72cf8JeCUKndoEsj3ZR%0AkS%2BETdwxZ4uyUIazFcf6x%2BImMEc%3D%0A) #### Optimize downstream processing Use the customize output setting of your HTTP request action to strip the information you don't need. In this example, the Poke API usually returns a lot of information. Using customize output, we can filter the response to only return the data we want: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2258016509/d290b8d8dca62930e8f2c882f64f/image.png?expires=1781611200&signature=1b0d0b5c0db57455a44c1ff2045e0fe5dd25eba5a85fa62b8a93e0634d90ed38&req=diIiHsl%2Fm4RfUPMW3nq%2BgRbwTQigorlXMuNbqRqYhhGDVCD2mIOAyuJSRG4v%0Avrc136y3g5wjVQMuIvpi1EvAQ0M%3D%0A) #### Set secret encryption Use the customize output setting of your action to encrypt and store a token as a Tines credential, hiding the value from event details: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2258016507/af25253a15dc5bce0cf5f405d230/image.png?expires=1781611200&signature=ed2f3f8c2749f015054f4bbeb4b12c1a5a957d433132124c431c1059e8d2a27c&req=diIiHsl%2Fm4RfXvMW3nq%2BgbzZutOyJQuOkoN4OnEX%2FMQ%2FW0rdWMwYKNlySP0W%0AtOwGXe3Jj6rX8XZlCS0D8tAVcSA%3D%0A) ### Limitations The following limitations for the customize output setting are: - Input or event data from a different action cannot be included within another action's customize output configuration. - Key path auto-completion is not available. - Output preview is not available. ## Working with value options This video explains how to use the different value options available in Tines. [Watch video](https://www.youtube.com/embed/v5NDAEMPKD0?rel=0) When working with an event transform action, you can change the different types of values to format or enrich data. You can start by pulling an event transform action into your story. ### Using key-value pairs and adding fields By default, an event transform action will contain “message : This is an automatically generated message from Tines”, which is a key-value pairing. You can replace this and add your own fields by hitting the plus button to add more objects or key-value pairs. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2258957027/755da61d76f9bf8711548850395e/addd+key+value+pairs.gif?expires=1781611200&signature=4c38261876d930c06d412adc3fea6e3da02a5ee0381aee06f4d04ef0be47816f&req=diIiHsB7moFdXvMW3nq%2BgRLoD6yVPG%2BHf2FDsVZ8AdAZ53AxV2P2W1cd0AdX%0Ai1fKaj5A8oEl1eC80TmNNkG%2FQN8%3D%0A) ### Switching value types If you do not need all fields for a single action, you can delete them. If you intend to use the action for a single value (such as a number or text), you can click on the value type to see different options. You can switch the value to an array, null, true, false, number, formula, or text. For example, if you only wanted the message to say "this is an automatically generated message from Tines," you would switch the value type to text. When using single value items, the action will only contain that one item. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2258959302/320c552a922c602245232414fa3f/switch+value+types.gif?expires=1781611200&signature=2d747c3f3d33c83674ef0a995a4fdaaca66e6d8ca32dcb62e233f7ea0549f2ea&req=diIiHsB7lIJfW%2FMW3nq%2BgZCjZbue5dnL7IXfOA8UspQLtbP6RCgX62a06e%2FA%0AilWyJlESvv%2FvUW8uloz5No2T4%2Fc%3D%0A) ### Add an object You can also combine different value types. For instance, you could add an object called "data set." Instead of it being a plain text value, you can click on it to switch it to another object containing your nested key-value pairs. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2258962159/3f91a72f3dd776502b0a860f8596/add+an+object.gif?expires=1781611200&signature=23e315ded04258d34bc084d8341cea614316d7443ecc4b49aaca75e1a8a20bfb&req=diIiHsB4n4BaUPMW3nq%2Bgf1ePeZueg1NSIleYGkEcohOjndoVW%2F%2FJNsf7fWH%0AF0eV%2Bvkf%2BqzfK30Y1pB4iOBxQ8s%3D%0A) ### Add an array In addition to data sets, you can add an array to create a quick list, such as an "application list". When adding items to the array by hitting the plus button. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2258964933/dcfa5f9e46c6b32b5358598bb9e1/add+an+array.gif?expires=1781611200&signature=9129c768a08a3f9a014ebe176b0f074539e7312caf8aa1107bcfd30ce0703fb2&req=diIiHsB4mYhcWvMW3nq%2BgQzg5IpnNwKWGk%2BLKC39xuKb0QIw8m3qZ1qDpUkk%0AC8mZ5dXe0s5mGdbc9yMrD8jTuTM%3D%0A) ## Leverage local values Using local values within Tines allows you to store the results of calculations to reference within your action payload. ### Defining local values Local values are available in all [action types](https://www.tines.com/docs/actions#action-types) within Tines. To define a local variable within an action: 1. Within your Tines tenant, click on the relevant action tile to open up the action's configuration panel. 2. If the **Local values** section is not visible, add it to the configuration via the **\+ Option** button: ​ ![](https://downloads.intercomcdn.com/i/o/965474476/e83aa8a3fa7e380a390fb270/Screenshot+2024-02-16+at+11_46_20+AM.png?expires=1781611200&signature=af3142162bb19b644b9956d01fc66151b6517c8ca3670030fff9b09048ab8c04&req=fSYiEs56mYZZFb4V1XW4gWeVcelhcqOKPhvqd5BPeYo0RivLVWs8wcEPVygY%0ALJWD1rpV1CrQtcn2%2FmA56iaYMg%3D%3D%0A) 3. Within the **Local values** section, configure the value. 4. Reference the local value in your **Payload** -> **Builder** as `LOCAL.[value]`, as needed. You can reference `LOCAL` from within the Local values object but it will only be able to refer to keys that were defined earlier, otherwise they will resolve to null. > For examples and more information on local values, visit our [Tines University page](https://www.tines.com/university/builder-expert/advanced-functions/local-values/). ## Story performance and execution ## Check how long it takes a story to run When you are in your story, click the 3 dot menu in the top right corner. Select **Story Runs** from the menu. You’ll now see the most recent story runs, the route taken, and any actions executed. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2252504496/938306f7bdc67a10ee7c0d7498bf/story+runs.gif?expires=1781611200&signature=31c116a3431c5e149af8d8de3ef961f7f2b57235d423abe618d651672128bde8&req=diIiFMx%2BmYVWX%2FMW3nq%2BgW5aui0JpWt17slnNqOGblKnXOJkS4aAzEYCGk9p%0AA7N7qBBl1vIj34l%2F0hU3huUQxEw%3D%0A) In this view, you’ll also see the number of events, start time, finish time and story run duration. > Read more about story runs in our docs [here](https://www.tines.com/docs/stories/story-runs/). ## Action run orchestration In Tines, it's important to consider the issue of fairness regarding action runs. How do you ensure a single story doesn't monopolize all of the compute power for action runs on a stack, thus stunting other stories? This question applies to single and multi-tenant stacks, where all of the stories share action run computing capacity. To address this issue, we have a concept called "fair orchestration." "Fair orchestration" guarantees that each story on a stack receives a fair amount of worker time to process action runs. ### How does it work? The system uses two mechanisms to ensure fair resource distribution: concurrent run limits and token buckets. These are checked in sequence for every action run. ### Concurrent run limits The system allocates a percentage of total Sidekiq workers for concurrent action runs per story: - Multi-tenant stacks: 30% of total workers - Single-tenant stacks: 50% of total workers This allocation prevents any single story from monopolizing the available workers. The system tracks the number of currently running actions for each story in Redis, and only allows new runs if they won't exceed these limits. ### Token bucket system If concurrent capacity is available, the system then checks token availability. Each story has a token bucket that refills proportionally based on the time elapsed since its last update, up to a maximum capacity of 1.5 million tokens. These 1.5 million tokens represent 25 minutes worth of worker time per minute. For high-priority stories in single-tenant environments, this limit is doubled to 3 million tokens (50 minutes of worker time). > **Notes:** > > - 1 token = 1 millisecond of worker time > > - 1,000 tokens = 1 second of worker time > > - 1.5 million tokens = 25 minutes of total worker time > > - High-priority stories (single-tenant only) get 3 million tokens = 50 minutes of worker time > > - Worker time refers to Sidekiq workers processing capacity the actual CPU time used to execute action runs As actions in a story execute, tokens are deducted from the story’s token bucket. From the time an action run starts, every second 1,000 tokens are deducted from the story's bucket until the action run is complete. This token consumption is tracked through a dedicated background thread to ensure accurate accounting of active runs. If a story depletes its tokens, new action runs for that story will be pending until sufficient tokens have accumulated through the time-based refill system. For example: - Let's say a system has 100 total Sidekiq workers: - For multi-tenant stacks: 30% allocation = 30 maximum concurrent workers - For non-multi-tenant stacks: 50% allocation = 50 maximum concurrent workers - A story starts with 1.5 million tokens and attempts to run 8 actions simultaneously: - 1\. First, the concurrent capacity check: - System checks if adding another run would exceed the worker allocation (30% or 50% of total workers) - Only actions within this concurrent limit will be allowed to start - The remaining actions wait in a ‘pending’ state until there is capacity (either concurrent action usage falls below the limit, or sufficient tokens are available) wait for capacity - 2\. Then, for the running actions: - Each action running for 10 seconds consumes 10,000 tokens (1,000 tokens/second × 10 seconds) - Total consumption is 50,000 tokens (5 actions × 10,000 tokens) - The story still has 1.45 million tokens available - 3\. When any of the running actions complete: - Concurrent capacity becomes available - The system checks token availability (1.45 million remaining) - If tokens are available, the next waiting action can start ### Autoscaling to keep up with the demand We ensure that our workers can auto-scale to match story run demand as needed in the Cloud. This is based on the percentage of workers currently available to process action runs on a stack. If the system notices that the percentage of workers available is less than the defined set of thresholds, workers are automatically scaled up. We do this preemptively to ensure action runs are not queued for too long. Implementing fair orchestration in our action run logic ensures all stories receive an equitable share of compute time, and to ensure action runs are processed consistently with balanced worker allocation across the stack. Our goal here is to guarantee your action runs are getting enqueued and started as swiftly as possible, always. ## High priority stories Tines allows you to designate specific stories as high priority. This is useful when you have critical workflows, such as incident response or time-sensitive alerting, that must process action runs as quickly as possible, even during periods of high load across your stack. ### What does high priority do? When a story is marked as high priority, its token bucket capacity is doubled from the standard limit: | Story type | Token bucket capacity | Worker time equivalent | | --- | --- | --- | | Standard story | 1.5 million tokens | 25 minutes | | High Priority story | 3 million tokens | 50 minutes | This means a high priority story can sustain significantly more concurrent action run processing before its token bucket is depleted, reducing the likelihood of action runs entering a pending state during heavy usage. > Note: High priority only affects the token bucket limit. Concurrent run limits (50% of total workers for single-tenant stacks) still apply equally to all stories. ### How to mark a story as high priority To designate a story as high priority: 1. Open your story in the storyboard. 2. In the properties panel, locate the High Priority setting. 3. Select **High priority**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2329217106/7d411393e6fbb7ca2e7d3afd2318/high+priority.gif?expires=1781611200&signature=ada5956569683545026fdcb2be3257b337c1f2f6b1a9552f28e8dee24505941a&req=diMlH8t%2FmoBfX%2FMW3nq%2BgZBNRYB65HumodbnPOJ0d9iHMyacju214boL8EmX%0AmEBWb%2F3zf6T%2F7yrcT%2FX5BR07wd8%3D%0A) > Note: The High Priority setting is only available on single-tenant Tines deployments. It is not available on multi-tenant (cloud) stacks. ### When should you use high priority? Consider marking a story as high priority when: - The story handles critical security incident response where delays are unacceptable. - The story is a time-sensitive alerting pipeline that must process events ahead of other workflows. - You have identified that a specific story is frequently entering a pending state due to token exhaustion during peak load > Tip: Use high priority sparingly. Since all stories on a stack share the same pool of workers, designating too many stories as high priority may reduce the benefit for each one. Reserve this setting for your most critical workflows. ## Story toolbar The story toolbar in Tines includes our actions, tools, and templates. It is a fully customizable floating toolbar that appears as a floating panel on the storyboard, designed to help you build faster. Actions are grouped by function so you can find what you need at a glance. > Read about the storyboard in Tines in [this article](https://explained.tines.com/en/articles/12709994-introduction-to-the-storyboard). ![](https://downloads.intercomcdn.com/i/o/am0g137l/2332295854/51eb81bf7c5cce2511dde12a6b14/Storyboard+UI.png?expires=1781611200&signature=9ebe65c6414526903f7c9b958afd856d8cb5ffe74ee1c8b5a641657f973fa485&req=diMkFMt3mIlaXfMW3nq%2BgRjpAGFORIwG%2Bsz2XIlNGxx4OhYNrhgzx29%2FHNmd%0A%2BdmxfpTzxKPdqBM7wiwYVu1MZIE%3D%0A) ## Accessing the toolbar The story toolbar appears as a floating panel on your storyboard. Click on the toolbar to expand it and access the full set of actions, tools, and templates. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2325596862/18c9967a78a455dccd91739a33fc/toolbar+location2.gif?expires=1781611200&signature=b876eb0fae7522502ccbb5a0c7f9a030115bb83603f71baccac364ebefce86dd&req=diMlE8x3m4lZW%2FMW3nq%2BgXOIISpu3%2Bnvs8vPjn0dS8ODyVFsB9%2BZogLASvCO%0Al6qZ5fHoGOKo3UT3CoxZyPdAsFY%3D%0A) > **Note**: By default, you'll see the most commonly used actions ## Opening action modes Some actions in Tines have different modes, such as the event transform and AI agent actions. To access these action's modes in the toolbar, click on the actions that have an arrow in the corner of the icon. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2325286138/9e403cc920d342e534385061a35b/9f9d3037-6cb7-4917-8438-5feca6e6b734?expires=1781611200&signature=5296c8b078077788b510ce50a52b5f5408af5517e63ad192aa489308d8fc8c8f&req=diMlE8t2m4BcUfMW3nq%2BgQM1apSkfrZRTgOko3jfLT373g2YMXxEPmTbIcq0%0A13VbTc3PVmJO2uP2URgfoCiGieg%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/2325659843/b3e0db552a4c0e355117ab954792/toolbar+modes2.gif?expires=1781611200&signature=27c6aed4cbba5d7dcb78b19873328fac917370b03da6ad63b04c2642320f66c9&req=diMlE897lIlbWvMW3nq%2BgS7RJEfReZmfXsx6aOhG38hXEAP3vTXVGtDC7d4O%0AYI3G1zzI5zeN%2Bxb66GrvcyNT7Tc%3D%0A) > Read about actions in Tines [here](https://explained.tines.com/en/articles/6872936-what-are-actions-in-tines). ## Template library Templates in Tines are pre-built actions that are ready to deploy in seconds rather than building from scratch. > Read about templates in Tines [here](https://explained.tines.com/en/articles/12709787-templates-in-tines). The template library can be found within the HTTP request action. Click on the HTTP action to open up the library. Here, you can use the search functionality or navigate through the templates. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2325674120/ba578e888544b0c114d1ebbfc5f4/toolbar+templates2.gif?expires=1781611200&signature=fa007729322b41d943fcb9baa4c8651018a5a22115ab343bbe17bc7abd4432b4&req=diMlE895mYBdWfMW3nq%2BgRT7mjTwm6tt5B7xU17CImRJ5xIRKWZZDlWUFhIg%0AXyk5oIiJUUVd86M2WpYL1N%2FIAYA%3D%0A) > **Tip**: Press T on your keyboard to go straight to the templates menu ## Customizing the toolbar There are a number of ways you can modify the story toolbar to suit your own preference. A custom toolbar is saved for each user, per tenant — so every team member gets a toolbar tailored to how they work. ### Add an item to the toolbar Simply search for a template or action, then drag and drop it onto the toolbar. You can search by either using the search functionality in the toolbar or by navigating through the actions. > **Tip**: Press A on your keyboard to open the search in your toolbar ![](https://downloads.intercomcdn.com/i/o/am0g137l/2325625884/e8b0761e6c73dc8b67b9eb04aca0/toolbar+add2.gif?expires=1781611200&signature=b889c96088b7c18b35eeef1fb7fd68e5e3a2c2fb5f373af0e6aea8e00b25972c&req=diMlE898mIlXXfMW3nq%2BgRunpqlC1i4QY%2BoTBeqhYhiTGw8tL3A%2Boi2umfkH%0AhB9YkHR8S%2Fuc1fXaYfjZjQrkp40%3D%0A) It is possible to add specific action modes to the toolbar. For example, you can add the explode mode for the event transform action directly on your toolbar. > **Note**: There is a 14 tool limit on the toolbar. ### Remove an item from the toolbar To remove an item from the toolbar, open up the popup menu and drag the item you wish to remove. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2325608837/09efa91836244de4dd16753eacdf/toolbar+remove2.gif?expires=1781611200&signature=7bdcd2e159a61fc08cdc8a102205d7256e11d389e195487ce65921af2291624d&req=diMlE89%2BlYlcXvMW3nq%2BgRiuZg9DoD7sCRyUHmAvkRT4kFEktrlHlCcTMKvQ%0Avz4hC6lOUs%2BL2OeP2gFLDl8Obc4%3D%0A) Alternatively, you can right click on an item and click on **Remove from toolbar**. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2359869946/96734ec6bce36d382dbf31e43297/CleanShot+2026-05-07+at+09_25_35%402x.png?expires=1781611200&signature=62b7205f0884904df7c4b9d433f2823dea91104de27945d27c61499bddd90869&req=diMiH8F4lIhbX%2FMW3nq%2BgTmiVka8%2FPsAJnQHUyxEHPYzNZPKI4hvWPLdjq7w%0Ad5TUzj0BODh7fiPnvkoH3UcEvEA%3D%0A) ### Rearranging the toolbar You can easily rearrange the order of your items in the toolbar. Just drag and drop the items you wish to move around. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2325589295/f342ea65743724fb29a43099e816/Toolbar+rearrange2.gif?expires=1781611200&signature=5d09c1cd2986a53a3eed1cc776a4406c4db8cfcfa620aab0428753f8b2707574&req=diMlE8x2lINWXPMW3nq%2Bgd8VAtrgdskJqMzjTmzsn5aEniDw0GyITKFEH913%0A0G1DMJvAtWdgv4LBNCu%2B2abUISw%3D%0A) ## Sublime Security Authentication Guide Sublime is the world’s first open email security platform that lets anyone write, run, and share rules in a universal domain-specific language (DSL) to block email-borne attacks, hunt for threats, and more. ## First, get a Sublime Security API key 1. Login to your Sublime Security account at [https://platform.sublimesecurity.com/login](https://platform.sublimesecurity.com/login) 2. Click "API" and then click "New Key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/860298960/bea303388aa428477d0ba713/image.png?expires=1781287200&signature=989e173eb3bda798ce75aa453bda58d94a639cc60a220e5dd5174dc478d1f981&req=fCYnFMB2lIdfFb4V1XW4gQgXFrNwXDvqGYwi5YIDHf0X6SvsyxW0evSa2WAo%0AgBMZyqhQEtvHBzMde6H%2F3HYpfg%3D%3D%0A) ​ 3. Name the key and click "Create" 4. Copy your "API key" to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/860299289/41ac8b5cdbe041e6879454e0/image.png?expires=1781287200&signature=295739bcbac5070c991a9cc45c68d90c92d040cb5702ebdba517415d3b2160d5&req=fCYnFMB3n4lWFb4V1XW4gT3ZOGCCIc4a4CzNk4kBezq9p%2BFM4hiId%2Bu7O0Bd%0AgX1J2uXaujlTmpF%2F6771vqrNtQ%3D%3D%0A) ​ ## Then, create a Sublime Security credential in Tines **Sublime Security connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Sublime Security" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the Sublime Security connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Click "+ New Credential" and select "Text" 2. Input the values for the Sublime Security credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** Your copied API key value 1. **Domains:** Your Sublime Security API domain. For Sublime Cloud customers, it is \`https://api.platform.sublimesecurity.com\` 2. **Access:** What other teams can also use the API > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/sublime-security). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of Sublime Security stories in the [story library](https://www.tines.com/library?s=sublime%20security&view=all) ## Sumo Logic Authentication Guide Sumo Logic enables customers to deliver reliable and secure cloud-native applications. They help practitioners and developers ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. Customers around the world rely on Sumo Logic to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. ## First, get a Sumo Logic Access Key and Access ID 1. Login to your Sumo Logic account 2. Click on the user menu and click "Preferences" 3. In "My Access Keys", click "+ Add Access Key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/929250434/7fe83cd58250e157489bffa9/image.png?expires=1781611200&signature=91845313ab74937d29c312a77a7a88ac19c26a2c8b27faf05e71b6c0379635d8&req=fSIuFMx%2BmYJbFb4V1XW4gSg5HBdoUeRgxO6bgZZoBghsqtI%2FZC1vJ9aFyxO%2F%0AsCP5ujJpjWyoS0ZyU1TWPIs8CA%3D%3D%0A) ​ 4. Name the Access Key and click "Create Key" 1. Optionally, you can add domains to the allowlist one at a time by clicking "Add" ​ ![](https://downloads.intercomcdn.com/i/o/929250997/571812ba9dcee90a25194c50/image.png?expires=1781611200&signature=d5e20bb2afad945bea1fffeaf0099ec3fd5660c9bd20e777afa7f218890709b1&req=fSIuFMx%2BlIhYFb4V1XW4gc7DEcIBeDnIKS1IUk4YlWX8P5bfwBmdkWdTl3Bw%0AXepjytd5kMBuPcp5%2FxcJDgvfmg%3D%3D%0A) ​ 5. Copy both your Access ID and Access Key to a text editor and click "Done" ​ ![](https://downloads.intercomcdn.com/i/o/929252269/a7c8407c772bb767dfb82ba5/image.png?expires=1781611200&signature=016c3460411b3dcb0c52d256808ffa702242326258b07a36f56909a2d569b5c7&req=fSIuFMx8n4dWFb4V1XW4gZLiQE8LtV3clxgSNCfUJrQ3RhNQJ0%2BFkK2oEZ44%0An4nP7vPaEtGIGNhxUqFOWNWVyg%3D%3D%0A) ## Lastly, create Sumo Logic credentials in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Sumo Logic" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/sumo-logic).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Sumo Logic** **stories in the [story library](https://www.tines.com/library?s=sumo%20logic&view=all)** ## Sysdig Authentication Guide Sysdig is a universal system visibility tool with support for containers. What makes Sysdig special, is that it hooks itself into the machine’s kernel and segregates the information on a per-container basis. ## First, get a Sysdig API key 1. Login to your Sysdig account 2. Hover over your username and select "Sysdig API Tokens" ​ ​ ![](https://downloads.intercomcdn.com/i/o/905910928/69f7ad8c6527d3210c3a3612/image.png?expires=1781611200&signature=9197d51d7c746382606ab3930ef490613317b4ca60afeb3f11590028ae905f0c&req=fSAiH8h%2BlINXFb4V1XW4gcGvmW7YSnY%2BuvJT3Zyjca%2Bz6xycbMreP0sD8w66%0AoVDIJGdE7%2Bm68iDNVzx86s7QnQ%3D%3D%0A) ​ 3. Copy your API Token ​ ​ ![](https://downloads.intercomcdn.com/i/o/905911241/6a37fdefbccade9127f9e643/image.png?expires=1781611200&signature=393360e761349b481544fec63b60ff8e316285ec919eb9a9ab60bcb23f8d9361&req=fSAiH8h%2Fn4VeFb4V1XW4gW5YbipKaC7Y1GiESs%2Bbcb2byjeUB1djdW9S7PNW%0AANZuvqjyRC%2BBBAe0F3R6wXxmRw%3D%3D%0A) ## Lastly, create a Sysdig credential in Tines **Sysdig connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Sysdig" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/sysdig). > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Sysdig** **stories in the [story library](https://www.tines.com/library?s=sysdig&view=all)** ## Tanium Authentication Guide Tanium is a cloud-based endpoint management solution, which assists large enterprises and government organizations with firewall management and threat monitoring. Key features include policy enforcement, status tracking, incident management and reporting. ## First, get a Tanium API key 1. Login to your Tanium account 2. Click on "Administration" and the click "API Tokens" ​ ​ ![](https://downloads.intercomcdn.com/i/o/929238060/fda0ca69a635af5ffec3175e/image.png?expires=1781611200&signature=4bcda61bd4018fbc9f5aa2785efe1c77b6d375b80ce2327dee266efc386287e3&req=fSIuFMp2nYdfFb4V1XW4gSqOY6SAr2B8SuxPgPTikePv2n58PKOpcGFMDqeJ%0AEtSqHwiRXgPOqhz3meaZCnumAQ%3D%3D%0A) ​ 3. Click "New API Token" ​ ​ ![](https://downloads.intercomcdn.com/i/o/929239997/b458690929c785443d2d4a9c/image.png?expires=1781611200&signature=d43a1258203e69d8422995a8fa42131cd89103da1ed00cca439dee7b1927265b&req=fSIuFMp3lIhYFb4V1XW4gYRkjZX804BHzUoaORFTWhfHGnLubRzDOmX9oaNT%0AGBKyuV6qyzmnSgm43BsGMzj8Pw%3D%3D%0A) ​ 4. Give the token a descriptive note, set an expiration, add a trusted IP address and click "Save" ​ ![](https://downloads.intercomcdn.com/i/o/929240102/ffb61257fc3caadda8f90819/image.png?expires=1781611200&signature=ed73c0b75d211cf776ba337d5f77dde439410a86059b50ce95b45e7c7dfe1216&req=fSIuFM1%2BnIFdFb4V1XW4gc0D5aq5rpU0vBHv0AKRzwW7JF5jVQQzSg%2Bk5KJg%0A6uSHt3rc%2BwsZlXGvE5p%2FmI%2FqPQ%3D%3D%0A) ​ 5. Click "Yes" ​ ​ ![](https://downloads.intercomcdn.com/i/o/929240224/62eec815efef71e687ec1d62/image.png?expires=1781611200&signature=0ebe9168d3f85796a65ff8008ac6228d7d7a3ee843a6c81d813043d230eb7654&req=fSIuFM1%2Bn4NbFb4V1XW4gXsaIOMDGKQ%2F3dSuXr7rBA%2BYvpInmElvKzp14B2H%0APfwDn5pQxXeRTjSR0zaTg%2B2T%2BQ%3D%3D%0A) ​ 6. Copy your API Token to a text editor ​ ​ ![](https://downloads.intercomcdn.com/i/o/929241529/96ef48583fef0f973055b1b4/image.png?expires=1781611200&signature=f4f18b61f9a9ef604e467dfa307972a6e6665f90b59b1599650ff011b8d4376e&req=fSIuFM1%2FmINWFb4V1XW4gS%2BiU0ROfPfsAWlTgYVU3hVCmue6ck6mS2Ky5UqC%0AiyxTVDhOWDwLP%2FzvULOf5fVVNg%3D%3D%0A) ## Lastly, create a Tanium credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Tanium credential 1. **Name:** Tanium 2. **Description:** Optional 3. **Value:** Your API Token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Tanium** **stories in the [story library](https://www.tines.com/library?s=tanium&view=all)** ## Teammate credential access ## Creating credentials Users with **admin** or **editor** roles within Tines can create credentials. ## Viewing credentials Users with a **viewer** role have the ability to "look" at the credential by clicking it under "Credentials" in the team, so they could look at how a credential is configured. They can only see \*\*\*\*\*\*\*\* for any sensitive data. ## Deleting credentials Tenant owners can delete any credentials across all teams Team admins can delete credentials created within their assigned teams. > **👉 Learn more about roles in Tines [here](https://www.tines.com/docs/admin/teams/).** ## Technical Limits Included below is a list of some of the limits to be aware of when building in Tines: | Item | Limit | | --- | --- | | Event | 100MB | | Record File Attachment | 10MB | | Page file upload | 20MB | | HTTP Request | 30MB | | Event Transform | 50MB | | Webhook Payload | 30MB | | Resource | 5MB | | Downloads | 75MB | ## Templates in Tines Templates are your secret weapon for building powerful automation quickly and consistently. Think of templates as pre-built action patterns that are ready to deploy in seconds rather than building from scratch. ## Template types There are two types; public and private templates. ### **Public templates** These ready-made configurations connect to popular services and products. Simply drag the product onto your storyboard, select your task, and the template handles the complex configuration details automatically. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1807150992/84908a0f923b8862b64a5cd232db/templates.gif?expires=1781611200&signature=30910d2d7f4938a9f77d86585335bbd84ceac66ea8b5b4aeb5095aed785ab978&req=dSgnEch7nYhWW%2FMW3nq%2BgXpuovctCMf0UOxiIPMEi4d5NgzNWYh5WRnlWT%2Ff%0AWa3mwC0VV6oxpVfSvNtpr9s0oC8%3D%0A) ### **Private templates** Create your own reusable patterns for team-specific needs. These custom templates become your automation building blocks, ensuring consistency while dramatically reducing build time. To access your private templates, click on your user menu → **Templates**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1806474981/42f3a15d47c6f93486dd918d4cbc/Screenshot%2B2024-02-12%2Bat%2B11_39_53%2BAM.png?expires=1781611200&signature=5f0e88cc866fea7e777ea4c42701627c01917de441813aee03fe5e12945431b3&req=dSgnEM15mYhXWPMW3nq%2BgRVHVX2jr7TF4kUgLEiFQ7Jzq%2BpzcY50yUcDOtG4%0A3wn0HBNu1QddJJE%2F%2B9FrDH%2B7W3s%3D%0A) #### **Edit private templates** To edit a private template: Within the **Templates** menu, click on the template you wish to edit to open the **Edit Template** window: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1806474980/e78918e44254bdde5dbd37092eb3/Screenshot%2B2024-02-12%2Bat%2B11_44_35%2BAM.png?expires=1781611200&signature=d06f1ebba8ae22b2b5cc6668cb8a8073ef6c34c6b0d6d55c70ee822a00fd3b7c&req=dSgnEM15mYhXWfMW3nq%2BgRXoTaQMHWlVDa03TWPBsQo%2FNPQHw8LUnTGt3l61%0A8kGstmKFjsyuZvMuhelBDk19A%2BE%3D%0A) #### **Delete private templates** To delete a private template: Within the **Templates menu**, click on the three-dot menu next to the template you wish to delete → **Delete**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1806474979/8e88eaa10363855ac352102a6c18/Screenshot%2B2024-02-12%2Bat%2B11_45_52%2BAM.png?expires=1781611200&signature=e49952c8079e1025d43f3273e303786b95c4eb96f5ee0359205362957ccb0d8f&req=dSgnEM15mYhYUPMW3nq%2BgbjXKzLWVAaG4jjFycMQaAqb%2B7puiOpYnL0VtYkR%0AGlq%2BZeYzYiMcAmBPZDsjpTKNWrQ%3D%0A) #### Filter private templates Filter your private templates by product by clicking the All Products drop down menu at the top of the templates menu screen. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2269941859/b6c6463c2ca5baafe22f574d9727/filter+templates.gif?expires=1781611200&signature=4aae625130474553c4f30b3e96cb8546641ae54f705de8035b7289f18dfe345c&req=diIhH8B6nIlaUPMW3nq%2BgQa51B7dsJevK%2Bm2ovMSBOZKqGMNUYo8fcFlltAx%0A9DY6qziFKPmJDmtlWmCg7fByonA%3D%0A) > **👉 For more information on private templates, see [here](https://www.tines.com/docs/actions/templates/private-templates).** ### Templates best practices To get the most from templates: - Start with templates, then customize: Begin with a template and adapt it to your specific needs rather than starting from zero - Create templates for repetitive patterns: If you find yourself building the same action structure repeatedly, convert it to a private template - Document your custom templates: Add clear descriptions so your team understands when and how to use each template - Keep templates focused: The best templates solve specific problems rather than trying to be all-purpose ## Tenant event limits: Best practice guide Effectively managing your event limits in Tines is crucial for ensuring the smooth and continuous operation of your intelligent workflows. By proactively configuring limits and setting up timely alerts, you can prevent a single active team or runaway story from consuming your overall tenant capacity. [This article](https://explained.tines.com/en/articles/12688669-what-s-an-event-in-tines) will give you a refresher on what an event is and what the event limits are for each plan in Tines. Here are the best practices for managing your tenant event limits: ## Allocating limits to teams A best practice for tenant owners is to strategically allocate event limits to individual teams. ### Prioritize active teams Allocate a higher number of events to your most active teams. This prevents one busy team from exhausting the overall tenant limit and impacting other teams. For example, a tenant owner can assign 15,000 events to the security team from the 20,000 total tenant-wide limit. > Note: While stories within your Personal team do not count towards licensing (as they cannot be published), they do count toward your overall tenant-wide event limits. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2196116345/177a38dfaa19e3c637bc3ecf7fbb/tenant+team+limit.gif?expires=1781611200&signature=623005f3354c42809c99aee300209a75d82480b91f8a30e10b1671ec08dfe3b2&req=diEuEMh%2Fm4JbXPMW3nq%2BgYCsvvjSwGDhkSBuyImHhu0Il4dBZmmR%2BJRYUJ1Y%0AfxpDXt40mL4m%2BrrG8567SB0Ejiw%3D%0A) ### Tenant health You can utilize the tenant health page in Tines to identify which stories and teams to prioritize. The tenant health page includes a "Most active stories" graph that you can see in the below image along with a list of the most active stories (via action runs) and their associated team for a given timeframe (default: 7 days). ![](https://downloads.intercomcdn.com/i/o/am0g137l/2196116667/cbcb1f300f8f373cd58e34e860d2/d4795f2f-6eff-4e20-ba75-ec843e6e588f?expires=1781611200&signature=31853d59391ec6fc51749a491bc5eaac3bec7cef7a51833d9cbacefa57c5aed7&req=diEuEMh%2Fm4dZXvMW3nq%2BgQvubeg29XhZWiwQVdwZot6F5fKVYATEXnsXAKGT%0ARG6ffrLssANyxeh5PcQg4zzpUko%3D%0A) You can use this information when allocating team event limits, especially in longer-standing tenants where your teams' needs change. ## Configuring timely notifications Timely alerts are essential for staying ahead of your event usage. Automated notifications are sent to story owners and tenant owners once usage reaches 80% and 100% of the daily limit by default. Tenant owners can manage event limit settings for tenant-wide, team, and global story thresholds. ### Set custom thresholds Utilize custom notification thresholds to receive alerts before reaching critical limits. You can set notifications to trigger when an event limit from 40% is reached. ### Choose your notification method Alerts for event thresholds can be delivered via two primary methods: - **Email**: Send notifications via email to configured recipients. - **Webhook action**: Route notifications through a [webhook action](https://www.tines.com/docs/actions/types/webhook/) to external platforms such as Slack, Microsoft Teams, or Jira. This method allows you to build a story that sends alerts from the webhook action to a specific channel or automatically opens a ticket when limits are approached. ### Notification recipients When managing event limits, you can specify who receives notifications for threshold alerts, this includes both users and webhooks. You can also specify which team's limits they should be notified about. For example, a team admin for the security team can be configured to receive alerts specifically for that team's limits, without having visibility into the tenant-wide limits. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2196118942/60d26707113d09bd92d1edb29dc8/4327f3c8-7fac-4115-98c8-08972dfa7180?expires=1781611200&signature=c7281d61d689a7136f7d34bfc8c470d768f18d6a34f3ea6b49cb8241b0c04579&req=diEuEMh%2FlYhbW%2FMW3nq%2BgQu6kK1MuC3TAmTyToHtarmy5dgVZhUCyK8jpnpP%0AF6%2Bf9rq9d224neVw%2BSqRN%2Ft5HUc%3D%0A) ## Increasing your event limits If your tenant is consistently hitting its maximum daily event limit, you will need to discuss an increase with your account owner. > Note: Tenant wide and global story event limits are configurable on self-hosted tenants. Read more on event limit settings in our docs [here](https://www.tines.com/docs/admin/event-limit-settings/). ## Tenant owners > **Note:** A Tenant owner is required to create another tenant owner. If the existing tenant owner is unavailable, [contact](https://www.tines.com/getting-answers-to-your-tines-questions) us—we’re here to help. Tines can promote ***existing*** users to tenant owners for your tenant. Contact [Tines Support](https://www.tines.com/contact) and provide the following information: - The full tenant URL. (i.e. `https://your-tenant-domain.tines.com`) - The user's email tied to the account within the tenant. - Someone within the tenant (it cannot be the requester) will need to provide us with a secondary approval for this change. They can send an email to [support@tines.com](mailto:support@tines.com) that states “I approve (user's email here) to be added as a tenant owner." Once we have obtained this information, our team can begin processing your request. Requests can typically take up to 48 business hours to complete. > **Tines Tip:** For more information around tenant owners and other roles, read more here: [User administration](https://www.tines.com/docs/admin/user-administration) You can also create tenant owners within your tenant. Select the menu at the top left. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1810213921/f2dc528f4a55ec1e5e68d87918e7/Screenshot%2B2024-08-27%2Bat%2B09_42_04.png?expires=1781611200&signature=b9d432b40b6f1cef6115d002bd06dfc005041fe6fc4bb9ee7d6008a65b62b93c&req=dSgmFst%2FnohdWPMW3nq%2BgRvs5wYBQ1idUrzdsmXTPHhiqFAMQpCHD1KprUG1%0AjQaw2qri6jRC3Zm1Vzle31yJ3Rs%3D%0A) Select "Users" and double-click on the user you wish to make an owner. Toggle the "Tenant Owner" button as needed. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1810215242/3db5da3a3a81d7f014b1b5c98949/CleanShot+2025-11-03+at+10_33_35%402x.png?expires=1781611200&signature=6d71bdf00cc6eb807a04429708bc508a853884b18f28b349d2ee73f4cdd2611e&req=dSgmFst%2FmINbW%2FMW3nq%2BgRqv7tjJmTHKpx4iS%2FZ0sWbFxIxVVUDjKmAan%2F3u%0AAZy%2BI7XBNoouSOKCDKg9omSSJo0%3D%0A) > **Note:** To receive emails regarding your tenant and tenant limits, you must be a tenant owner. ## Tenants and teams Understanding the structure of tenants and teams in Tines is essential for building a scalable, secure automation program. This organizational framework determines who can access what and how your automation assets are managed. Tines' tenant and team structure provides: - Clear boundaries between different automation domains - Appropriate access controls for sensitive workflows and credentials - The ability to share resources selectively across teams - A foundation for scaling your automation program as it grows ### **Understanding the Hierarchy** **Tenants** are your organization's Tines instance that are created when you purchase a Tines plan or sign up for the community edition. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1807124667/5923d8e8c0a467880723413765e6/CleanShot+2025-10-31+at+17_22_56%402x+copy.png?expires=1781611200&signature=9ebe367db2d658dca7446457e4cd63b97f4b24447ff32030a7d1c6a7cddac546&req=dSgnEch8mYdZXvMW3nq%2BgWqOg%2Ft50F0Dz0%2FjU%2Fg470LicDH6lEYkD2oP4X6h%0AheadfSDhb%2F7noQL%2BHjC0qSQNERw%3D%0A) **Teams** are workspaces within your tenant where specific groups collaborate. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1807125144/49197cbd27d36f6f0c1239831511/CleanShot+2025-10-31+at+17_22_56%402x.png?expires=1781611200&signature=2f4e0e0a994a100b18293b17b49f8167f0e00f8e5f9ba7e33dca85cbcc156efe&req=dSgnEch8mIBbXfMW3nq%2BgUegOTGXF264snVWcsAV1K9bd3caGHIZK4FqzYBI%0AaCUdY2AfqNFexNKIGOML9Y97CCc%3D%0A) Each team has its own: - Members with defined roles (Admin, Editor, Viewer) - Stories (workflows) - Resources and credentials - Access controls ### **Best Practices for Tenant and Team Organization** To build an effective automation ecosystem: 1. Structure teams around functional areas: Create teams based on departments or functions rather than projects. 2. Use roles strategically: Assign team roles based on what members need to do - not everyone needs admin access. 3. Share resources thoughtfully: Make common resources available across teams while keeping sensitive credentials restricted. 4. Plan for growth: Design your team structure to accommodate your organization's future needs. By thoughtfully designing your tenant and team structure, you create an automation environment where collaboration is enabled while maintaining appropriate security boundaries. ## Tenant settings Tines settings provide tenant owners and administrators with centralized control over their workflow environment. From managing user access and authentication to configuring security controls and AI providers, settings enable you to customize Tines to meet your organization's specific requirements. ### Where to find settings To access settings in your Tines tenant: 1\. Click on your team name in the upper left corner 2\. Select "Settings" from the dropdown menu ![](https://downloads.intercomcdn.com/i/o/am0g137l/1811007303/c5dfcf5e19ad3538823f35fb533d/CleanShot+2025-11-03+at+17_23_55%402x.png?expires=1781611200&signature=6b7c0b16727663be8d423fff92ee8f3b3a79d673acee114708a71f180b2009c2&req=dSgmF8l%2BmoJfWvMW3nq%2BgT24PGLoB8oMf8Nwj5oGiPlhFUXmQFsP0ofEnstd%0AcxyfO0ePwtAJSA8XtDurbte5H6Q%3D%0A) The settings interface is organized into these main categories: - Misc. - Configurations - Access & security - Monitoring > You can hit **/** anywhere within your settings to start a search. #### Misc. These are commonly used settings: - **Users:** Manage who has access to your Tines tenant, assign roles, and control permissions. Add new team members, adjust their access levels, and organize users into appropriate teams for collaboration and security. - **Templates:** Create, edit, and organize private templates for your team. - **Credentials:** Search through all connected credentials and control which teams can access specific credentials. Credentials can be deleted from here too. New credentials cannot be created from this view. - **Page access:** Review pages created in Tines. View in story, preview and customize from this view. New pages cannot be created from this view. #### Configurations - **Action settings:** Configure default behaviors and parameters for actions across your Tines environment. Manage code execution, page settings and MCP server settings. - **Al settings:** Manage how AI capabilities are integrated within your Tines environment. Control access to AI agents, configure model preferences, and set usage parameters to balance capability with security requirements. - **Change control:** Implement governance for workflow modifications with draft and approval processes. Enable version control for your stories to prevent unauthorized changes to production workflows and maintain a history of modifications. - **Feature flags:** Toggle experimental or optional Tines capabilities on or off for your environment. Control access to new features, beta functionality, or specialized tools based on your organization's needs and readiness. - **Event limit settings:** Manage the maximum number of events that can be processed within your Tines environment. Set event threshold alerts and add notification recipients. #### Access & security - **Authentication:** Configure how users access your Tines environment. Set up single sign-on (SSO), enable session timeout duration, force session expiry and configure user provisioning. - **API keys:** Create, rotate, and revoke API keys that allow external systems to interact with your Tines instance. - **Login notice:** Customize the message displayed to users when they log into Tines. Create informational banners, compliance notifications, or important announcements that appear during the authentication process. - **Action egress:** Configure an IP or FQDN allowlist to restrict access to the destinations where HTTP Request Actions are allowed to make requests. - **Custom cert authority:** Upload and configure custom CA certificates to enable Tines to establish trusted connections with internal systems using self-signed or private certificates. - **Story allocation:** Manage story capacity by allocating story limits to the teams within your tenant. - **Sender emails:** Add custom email sender addresses used when Tines sends notifications. #### Monitoring - **Audit logs:** Review a comprehensive history of activities within your Tines environment. Access detailed records of user actions, system changes, and automation executions for security monitoring, compliance reporting, and troubleshooting. ## Text Mode vs Formula Mode: Handling Complex Data in Tines ## Overview When building workflows in Tines that pass complex data structures between actions, you might encounter errors when APIs expect specific data types but receive incorrect formats instead. This commonly occurs when working with structured data like arrays or JSON objects that need to maintain their format when passed between actions. You, as a Tines user building workflows with structured data, need to understand the difference between text mode and formula mode when referencing data. This behavior occurs specifically when referencing output from one action in another, particularly when working with data types that need to preserve their structure rather than being treated as strings. ## Cause and solution ### Cause One The default "Text" mode in Tines treats all referenced values as strings, even if they're actually arrays or objects. When you reference the output of an action that returns a complex data structure using the default text mode, Tines adds quotes around the entire structure, converting it to a string. The receiving action or API then tries to process this as the original data type but finds a string instead, causing errors. > **🟢 Solution:** Change the data type from "Text" to "Formula" in the action configuration panel. In the properties panel on the right side of your action, locate the field where you're referencing the data, click on the data type indicator (which shows "Text" by default), and select "Formula" instead. This preserves the original data structure rather than converting it to a string, ensuring that arrays remain arrays and objects remain objects when passed between actions. > > ![](https://downloads.intercomcdn.com/i/o/am0g137l/1801567440/0d4a1fd5cfbb9463f7fefedc6721/image.png?expires=1781611200&signature=919d7f80386e05c7f26ec7f1320b4ca2c7862d85ab6c4bb95fca2814cf734b9d&req=dSgnF8x4moVbWfMW3nq%2BgTtHdyetX0lt5EZkXYF0oOth1KtkOGjffBI9DmwV%0AKCHmyKp%2BQn27xTxIX7I4%2F5VLg%2FY%3D%0A) ### Cause Two The data structure you're trying to pass might not match what the receiving action or API expects. Even with formula mode enabled, if the underlying data structure doesn't match the expected format, you'll still encounter errors. > **🟢 Solution:** Verify that the data you're passing matches the structure expected by the receiving action or API. You can check this by adding a debug action or examining the event logs to see the actual structure of your data. If needed, use Tines formulas or script actions to transform the data into the correct format before passing it to the next action. ### Troubleshooting checklist ✅ Check the data type setting for fields that contain complex data - switch from "Text" to "Formula" mode. ✅ Verify the structure of your data matches what the receiving action or API expects by examining it in the event logs ✅ Use the TYPE() function in a formula to check what type of data you're working with (e.g., TYPE(action\_name.output)) ✅ For script actions, ensure you're returning data in the correct format (arrays as arrays, objects as objects) ✅ Test with simple examples first to understand how different data types are handled ✅ Remember that formula mode preserves data structure, while text mode converts everything to strings ## Need further assistance? When contacting Tines Support about data type issues, please provide: > **ℹ️ Additional context:** > > 1\. The exact error message you're receiving (if any) > > 2\. A screenshot of your action configuration showing the field where you're referencing the data > > 3\. The output of the action providing the data (with any sensitive information redacted) > > 4\. The expected structure of the data according to the receiving action or API > > 5\. Any troubleshooting steps you've already tried, especially whether switching to formula mode resolved the issue ## TheHive Project Authentication Guide TheHive is a scalable Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs, and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. Here's our guide for authenticating TheHive for use with Tines: ## First, get a TheHive API key 1. Log into TheHive. ![](https://downloads.intercomcdn.com/i/o/753626641/53dbdf02c00dbd16711a51ff/Untitled+%289%29.png?expires=1781611200&signature=bcd2a20ea423744700dbda43e4e94c707d103acb0eb498d4944c674c7660b5c7&req=cyUkEMt4m4VeFb4V1XW4gYh5gxBfh7OIf6lZdMNjI9bqtSgd18tceXvisEsJ%0A6jSXsLp0myMtAMFw2LFSgjp5JQ%3D%3D%0A) 2. In the top right corner, click the profile icon and select "Settings" ![](https://downloads.intercomcdn.com/i/o/753626822/6933a81685d470d5183acca3/Untitled+%2810%29.png?expires=1781611200&signature=cf43cb3e6aac8617d78f6fe0371076f61afc48a90f59b78a8d57dd767f480ff5&req=cyUkEMt4lYNdFb4V1XW4gfODsFMv%2BfoJ1970%2B3%2FgyhF%2BiZF6i8WZlvMGAl5u%0Aqi5vyXtiUk3hXt4ZXNlLSYnz3A%3D%3D%0A) 3. Choose "Create" under the "API Key" tab. ![](https://downloads.intercomcdn.com/i/o/753626937/594c901bfeca5cb3a4e7a4ec/Untitled+%2811%29.png?expires=1781611200&signature=6026208984f1aaac23f5c6125a9e439a5b60fe8e781f74d790056ef0d7fd99be&req=cyUkEMt4lIJYFb4V1XW4gWK1lWvW7XP0EeXr7QXp8vldTuR4oTvEurAkonZg%0AxWxpTp8ozlcpJFk64VMhTq1GwQ%3D%3D%0A) 4. Copy your API key ![](https://downloads.intercomcdn.com/i/o/753627058/0dc3a2b1585cc5dd4dcc2d10/Untitled+%2812%29.png?expires=1781611200&signature=deb44b31278792a058b856af15200506c98ad134f01e29352f166b923f11d033&req=cyUkEMt5nYRXFb4V1XW4gU2zqsmYxtb7d7k%2FG94IzPzZ4MOeV52YvVCGXWMr%0Akk5CVHkjNvtFYbIUk5FGp8F7HA%3D%3D%0A) ### Lastly, create a TheHive credential in Tines **TheHive Project connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "TheHive Project" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the TheHive Project connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "**\+** New Credential" and select "Text" 4. Input the values for the TheHive credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 4. **Metadata:** Select 'Enable metadata' and then paste in the following in Plain code mode. Replace the sample URL below with your TheHive Project URL. ``` { "url": "https://thcp1.aws.thehive-cloud.io/0abc1234-5678-9d01-234e-567890f123g45/thehive" } ``` 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API > Learn more about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/thehive-project). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of TheHive stories in the Tines [story library.](https://www.tines.com/story-library?s=hive&page=1) ## The Tines Dictionary ## **A** ### API You can connect to any tool that has an API with Tines. API is an abbreviation for Application Programming Interface. APIs serve as intermediaries that facilitate communication between two applications. In Tines, we typically use API as shorthand for *web* APIs involving HTTP requests between web servers. You can even [build your own APIs with Tines](https://www.tines.com/blog/build-apis-with-tines). ### Action [Actions](https://explained.tines.com/en/articles/6872936-what-are-actions-in-tines) are the building blocks of all stories in Tines. They emit events to other actions in your story. Once you drag an action onto the Storyboard in Tines, you have started building your first story in Tines. ### Action bar The action bar is the small menu of options that appears when you select an action on your Storyboard. You can do things like run your event, test your event, and see event data for that action. ​ ![](https://downloads.intercomcdn.com/i/o/am0g137l/1937026741/eca15a499521053aabf77ebd0b30/HvgTSz49IAGvurG5eL19j1yiGG3Mw_WLzEIXq1SXcMm0vmxVNSM2_2kwRuIKefPh1n-PYynKShjY7mBvADYxBxvbocutMiryS4l7l28KxWdvg5dsJr-P7XqdGrtmB68C_OKAxOBYcPG8UxmEwaTsMnI?expires=1781611200&signature=8cf47f3b0e9b09f398b03af84363b2e1caa6a30a1ecf7547d2d62721606537cd&req=dSkkEcl8m4ZbWPMW3nq%2BgSCv3rz6xyW1brJvpgDRm%2Bst20%2F3j57CnwmYZE8G%0AuQkloRWQ7uGewuF1GOSQ%2BzjOinE%3D%0A) ### AI agent action type A type of action that's available on Tines plans with AI features which allows you to securely and privately run a large language model (LLM) at any point in your workflow. It supports two modes of operation: task and chat, enabling both behind-the-scenes automation and interactive user experiences. It allows you to configure system instructions (how the agent should behave) and a prompt (the task to be performed). You can also add tools to be used by this action. Read more [here](https://explained.tines.com/en/articles/11571096-introduction-to-ai-agents). ### **AI Lexicon** | | **Definition** | **Examples** *These are not exhaustive and are subject to change.* | | --- | --- | --- | | LLM | Large language models are the underlying transformative AI technology that both generate text and support the use of textual instructions to be turned into operations. | - OpenAI: GPT-5.2 - Google: Gemini 3 Pro / Flash - Anthropic: Claude 4.5 Opus / Sonnet - Meta: Llama 4 Maverick - Mistral: Mistral Large 3,Pixtral 2 | | MCP | Model Context Protocol is a web standard for a service to define what tools an AI system has access to. MCP is a way for an AI powered application to communicate with other applications, through a “client-server” relationship. (Essentially APIs for LLMs.) | | | MCP Client | Clients are LLM powered applications (agents, software applications etc) that want access to external tools. | - Tines: AI action - Other: ChatGPT, Claude Desktop, MS Copilot, Cursor, etc. | | MCP Server | Servers are the collections of tools that an application can make available to MCP clients. This enables MCP clients to access resources and take action. | - Tines: build MCP servers in Tines - Other: Glean MCP server, Notion MCP server | | Tools | Tools are functions an LLM invokes to achieve a task which may involve other systems. | - Tines: A create Case tool enables an LLM to create a Tines case with a custom title, description, and more. - Other: Google Workspace MCP server allows you to create a new Google Doc or gDrive. | | Agent | Agents are models acting autonomously using tools in a loop e.g. thinking, then using a tool, then thinking etc. until its purpose is achieved. | - Tines: Task Agents - Other: Glean AI agents | | Copilot | Copilots are LLM powered applications that work with a user in accomplishing a specific task. | - Tines: Workbench, Chat Agents - Other: Microsoft Copilot, Salesforce Einstein Copilot. | ### AI monthly credits All Tines plans receive a monthly allocation of credits: • Community Edition: 50 credits • Paid Editions: 5000 credits Credits reset on the first of each month and don't roll over. Each credit is equal to $0.01 USD. You can monitor the dollars in the reporting dashboard. For community users, the 50 monthly credits can be used for AI actions and Workbench (limited to 20 daily messages tenant-wide). ### AI agent system instructions System-level instructions that define the rules, context, and constraints for the AI agent action. In chat mode, this should define the agent's goal, where the chat ends when the goal is achieved. ### Apps You can build apps with Tines by configuring an exchange of user input and background automation. Think of the app’s backend as the Story run, while the user-facing page as the front end. ### Archived story A Story that has been placed into a temporary pre-trash location so that they can be recovered. These stories are not deleted until you choose to delete them. ### Audit logs Any time a user changes any piece of data in your Tines tenant, through the UI or API, it is automatically captured as an audit log. You can view your audit logs via your tenant admin menu in the top left of your dashboard when you click the Tines logo. ## **B** ### Build tab A tab in the properties panel used to configure your actions. ![](https://tines-f60bb36f92a5.intercom-attachments-7.com/i/o/789436003/21f8554e796f9f15e60d7a11/UjZVae5zJ3nCVqHxbDKM4an-zOJEnwCb5kRfVJjXJapsc7l0nPUblcRRLStp3vbFm-4R4wuQrvbHD8tWBg7MmrkQe8xMIkpwV2mkeBFwKKGTgO988_dcimcD1pPkRKCrK63c_C1stpq4AX_EGp27hMI?expires=1781611200&signature=35ccfcbd33bcdf78461e311cf74b4ebca24025687c18feba6923c1fc32e844da&req=cyguEsp4nYFcFb4V1XW4gYa%2F1Mb7qPPM19Lo6uj74eGo5K74mEiqSz7Pfaly%0AJ7oISS2TRPL9uUzNq1Y45XGKKQ%3D%3D%0A) ## **C** ### Case With [Cases](https://explained.tines.com/en/articles/7971194-introduction-to-cases) in Tines, you can work together, comment, and track activity for any alert or incident. ### Case blocks Case blocks are discrete, reorder-able sections. Each block has its own title, color, type, and visibility settings. ### Case fields Case fields let you capture custom, structured data within your cases – like ticket IDs, affected systems, or investigation outcomes – beyond built-in case properties like name, status, and priority. ### Case input A form-based input mechanism that allows users to manually provide data into a Case, typically surfaced through a Tines Page or form associated with the case. ### Case input validation option A rule or constraint applied to a Case Input field to ensure the submitted data meets certain criteria (e.g., required, specific format, value range) before it is accepted. ### Case template Pre-built structures for cases that include pre-defined fields, notes, and metadata. These types of templates allow you to quickly create new cases without starting from scratch, which is especially useful for workflows your team handles repeatedly. ### Change control With [change control](https://www.tines.com/docs/stories/change-control) in Tines, you have two working spaces for each Story; test and live. These environments run independently of each other without any interference. You can enable Change control in the manage dropdown menu above your Storyboard. When your story is ready, admins can push story changes from test to live. ### Credentials Authentication keys for the various systems and services you connect with Tines. Your [credentials](https://www.tines.com/docs/credentials) are saved in Tines, and accessible via the team they are saved within. ### Command menu You can access a list of quick actions by using command+K in Tines. ### Command over HTTP [CoHTTP](https://www.tines.com/docs/admin/command-over-http/) is an add-on feature that allows your Tines tenant to make programmatic calls to systems running on your private network, which may not have HTTP interfaces. It is deployed as a container service within your network, and has the capability to execute Python, Bash, and PowerShell scripts there. ### Condition action type One of the eight action types in Tines. With a condition action type you can define the rules or conditions that determine what happens in your story. The condition action compares the contents of a field from an incoming event with predefined rules. When the rules match, an event is triggered. ### Condition rules Rules determine when and how condition actions should fire. Connect flow The mechanism in the Tines tool which guides users through the process of creating a credential for a specific product or tool. Each [connect flow](https://www.tines.com/docs/credentials/connect-flows/) is unique to its product and via secure browser window-to-window communication, will create a credential for the user in the team where the flow was completed. It supports creating various types of credentials including managed OAuth-type credentials (not available for self-hosted tenants). ## **D** ### Deduplicate mode A mode of the event transformation action. Deduplicate mode is available in any [event transform action](#h_b344acf839). You can specify a field in an incoming event and only emit the event if that field contains a unique value. ### Delay mode A mode of the event transformation action. With delay mode, you can deliberately pause a story for a set number of seconds before emitting an event. More in our docs [here](https://www.tines.com/docs/actions/types/event-transformation/delay). ### Dedicated cloud tenant A **Tines dedicated tenant** refers to a separate, isolated instance of the Tines automation platform that is set up exclusively for a single customer or organization. In other words, it’s a private version of Tines where all the data, workflows, and automations belong to that specific customer, ensuring security, customization, and resource allocation tailored to their needs. ### Deleted story A story that has been permanently deleted after having been archived. These types of stories, cannot be recovered. ### Description The descriptive text you can provide about your story, action, page, record, or other story components. ### Drafts A private place to build stories on your own before moving them to a team when you’re ready. ## **E** ### Editor An editor in your team is a user that has read and write permissions to *most* objects across a team, but they cannot manage member access to the team or perform destructive actions. This role is helpful for most users who need the ability to create, edit, and run Stories in Tines. ### Element Actions, tools, or templates you can pull onto the Storyboard to begin a workflow. ### Emits The process by which an action generates and sends an event to subsequent connected actions within a Story. ### Event transformation action type (ETA) One of the eight action types in Tines. Use the [event transformation action type](https://www.tines.com/docs/actions/types/event-transformation) to modify and transform incoming events or data for further downstream processing. It has several modes: message-only mode, extract mode, explode mode, deduplicate mode, delay mode, implode mode, and throttle mode. ### Events Structured data sent between actions within your stories. Every time an action runs, it produces an event that describes the outcome or result of the action. This event is passed to other actions connected downstream. More about events [here](https://explained.tines.com/en/articles/6877834-what-are-events-in-tines). ### Event viewer A panel that appears at the bottom of the Tines storyboard UI when viewing the event details for a selected action. This panel will also show the event details for upstream actions. ### Extract mode A mode of the event transformation action. Extract mode allows you to use regular expressions to extract text from fields in incoming events. ## **F** ### Favorites View a list of your favorite stories in your tenant. Favorites are available in the top left menu in your dashboard. ### Flow A flow is a connected set of one or more elements, that can run automatically. In product terms, it is defined as: • 2 or more connected elements that can run autonomously • 1 or more scheduled elements ### Folder Stay organized by sorting your stories into folders in your teams. ### Formulas and functions Just like in spreadsheets, [formulas](https://www.tines.com/docs/formulas) allow you to transform data in Tines. You can reference event data from upstream actions or other data sources like resources and then use one of our 150+ built-in [functions](https://www.tines.com/docs/formulas/functions). For example, to count the number of items in an array, you could use a formula like \`SIZE(upstream\_action.array)\`. ## **G** ### Group Organize and categorize related actions in a story together. Groups enable a better organization of complex stories by extracting well-defined branches of a story into a group. ## **H** ### HTTP request action type (HRA) One of the eight action types in Tines. With this action type you can send/fetch data to/from any API on the web. ### HTTP request payload The primary data that you send over in a http request. This is commonly known as "request body" outside of Tines. ## **I** ### Implode and explode mode These are modes of the [event transformation action](#h_b344acf839). With explode mode, you can specify a field in an incoming Event that contains an array, and Tines will emit individual Events for each element of the array. With implode mode, you can collect and reassemble a previously exploded array into a single event. Some examples include reassembling an array of 'exploded' URLs from a previous action in the story or consolidating API paging requests into a single event by setting the size to the number of pages available. ### Import You can import a story into Tines in two ways: selecting a pre-made story from our Story Library or importing a story file from your computer via the import button at the top of your Tines Dashboard. ### Input action An action entry point for either a send to story action or a Workbench request which contains defined values that either Workbench or the sub-story needs in order to run. These actions must be of type webhook. ### Integration You can build integrations through Tines. An integration can be as simple as an action on the storyboard (see action templates) or it can be an entire story that's integrating multiple systems. As a vendor-agnostic platform, we can integrate with any API. ## **L** ### Local values A place to do upfront formula calculations before an action runs. Then, when it runs, you can refer to the results of those calculations here. ### Lock story There is the option to lock a story in the top right corner of the screen. Anyone viewing the story then needs to unlock it in order to configure actions or edit connections. ### Logs tab A tab inside the properties panel to the right of your Storyboard. Here you can spot errors and analyze logs generated by your actions. ### Looping An operation performed using the Event transform action to iterate through a list of objects & apply the same logic to each item in the list where the output would be a new list with the specified data. Read more [here](https://www.tines.com/docs/actions/types/event-transformation/message-only/#looping). ## **M** ### Message-only mode A mode of the event transformation action. Use message-only to produce a new piece of data and emit it as an event for use downstream. You can use formulas to refer to upstream event data, and even use the loop configuration option to iterate over a list of data to transform it. ### Monitoring You can turn on monitoring for your entire story. It will notify you when any action fails. You can also turn it on and configure it for individual actions. ## **N** ### Note Add annotations or comments to provide additional information or instructions within your story. Available within the story toolbar Notes support rich formatting including toggle headings (H1, H2, and H3), which allow you to collapse and expand sections to keep your notes organized. Type `/` in any note to access formatting options including toggle headings. ## O ### Output value An action exit point or last action in a sub-story for which the output content is emitted by the originating send to story action or Workbench request. These actions must be of type event transform using the message-only mode. ## **P** ### Page A web page you can make using Tines. Your end users can use it to fill out forms or consume information. You can build powerful apps with pages; they can display information from events, a workflow to end-users, and pass data from users to actions via forms. ### Page container A grouping of multiple page elements on a page for which conditions and layout options can be applied. They can be created by dragging page elements on top of each other or by creating copies of a page element. Read more [here](https://www.tines.com/docs/pages/layout-and-containers/). ### Page element When creating a Page in Tines, you can choose from a list of display elements that make up your page. These include title, divider, image, rich text, map and table. ### Page input field When creating a page in Tines, you can choose from a list of input fields for your end-users to interact with. These include long text, short text, date, URL, email, file upload, and more. ### Page theme You can organize and share visual preferences between your pages with themes. Themes store the logo, color, and width settings for a page so they can be applied to other pages. You can create a new theme by opening an existing page and clicking on the theme dropdown. ### Pill The Tines term for an entity which retrieves a dynamic variable data value. It's sometimes just referenced as "value pill" or a "data value pill". These are primarily used to call event data from upstream actions. In software development, these are similar to local variables. ### Presets Presets allow team admins (or custom roles with the permission to manage the team) to pre-configure a set of templates (with credentials), stories, and custom instructions; making available to all team members for rapid and consistent use. ### Private templates Team-scoped [templates](https://www.tines.com/docs/actions/templates/private-templates/) which are pre-configured actions created by someone on your team, and are visible to everyone on the team where they're created. ### Prompt The specific details about the task or assignment that you want an AI agent to handle. For clarity, this can include an example of what you want the agent to output. ### Properties panel There is a properties panel for your story, and another for each action item in your story. From the properties panel you can access everything from the story name, tags, credentials, to the story description. At an individual action level you can access the build pane, the status pane, the logs pane, and in the case of a HTTP request, the summary pane. ## **R** ### Receive email action type One of the eight action types in Tines. The receive email Action emits events when it detects new emails on an IMAP server or when emails are sent to a uniquely generated email address hosted by Tines.Trigger workflows based on receiving emails or perform actions on incoming email messages. ### Recent stories This story list is organized by your most recently edited stories in your tenant. ### Records Capture and store data or information encountered or generated during the execution of your stories. You can drag a record onto your Storyboard to capture the data at specific points in your story. ### Re-emit The operation of resendng the last event that was processed by an upstream action so that it can be (re)processed by downstream actions. ### Reporting Tines reporting provides an overview of your Tines tenant and action performance. Reports include, story usage, time-saved per story, most activity by, story, action, credential, and resource. ### Resources Manage and organize reusable pieces of data like text, objects, arrays and files for use across multiple stories. ### Run The operation of executing an automation. Since the build and execution environments are the same in Tines, your most important workflows are ready to run and make an immediate impact. ## **S** ### Schedule You can schedule your story to run at a specific time. Select the first action (or group) in your story, then go to status, and set your schedule there. ### Section A visual container that can be used to associate a set of actions. They're meant to improve understanding and clarity by visually organising actions, making complex workflows easier to follow and interpret. ### Send email action type One of the eight action types in Tines. Automate sending emails as part of your workflow processes. ### Send to story action type (STS or S2S) One of the eight action types in Tines. Route events or data to other stories for further processing or analysis. ### Status tab A tab in the properties panel where you can monitor and manage the status of your story or action or page. ### Story A collection of actions connected together to achieve a specific automation goal or objective. It is the building format of a Tines workflow that may include multiple independent units. ### Storyboard The canvas on which you plan for and build stories in Tines. This is where most of your work will occur. ### Story library A repository or collection of reusable stories or workflow templates that can be shared and reused. ### Story runs A story run allows you to trace the exact path an event took through a Story. It contains the Actions and their emitted events allowing you to easily troubleshoot and benchmark your automation stories. ### Story toolbar The [story toolbar](https://explained.tines.com/en/articles/14781675-story-toolbar) in Tines includes our actions, tools, and templates. It is a fully customizable floating toolbar that appears as a floating panel on the storyboard, designed to help you build faster. Actions are grouped by function so you can find what you need at a glance. ### Sub-story A Story that gets triggered by another Tines story via the send to story action. It may contain a set of actions that can be used in multiple stories to send data results back to a main story which triggered it. It can be used to perform a common action or set of actions. All actions within this type of Story must be connected as separate since unconnected sets of actions, are not supported. The exit action(s) must be in the same connected flow as the entry action. ## **T** ### Tags Tags are used in a few ways in Tines. You can assign tags to categorize and organize your stories in the story library, or your [cases](https://explained.tines.com/en/articles/7971194-introduction-to-cases); for easier searching and filtering. There is also a [tags feature used in formulas](https://www.tines.com/docs/formulas/language#tags). ### Team With teams in Tines, you can organize your users, credentials, resources, and stories. Team members will only be able to access the configuration items of teams that they are a part of unless they are a tenant owner. ### Team story allocation If you have multiple teams in a tenant, the tenant owner can provision story limits by team. You can find this option in your tenant admin menu. ### Template Templates are pre-configured actions or groups of actions that you can use straight out of the box with Tines. You can browse and select them directly from the HTTP request action in the story toolbar. These are also known as public templates. ### Tenant When you sign up to Tines you and your team are organized together in a shared workspace known as a tenant where you can collaborate together. ### Tenant owner Tenant owners can perform actions on any object, regardless of the team that owns it (users who are not tenant owners can only perform actions on objects owned by a team they are a member of). ### Throttle Mode A mode of the event transformation action. Allow events to be emitted at a consistent, limited rate. Throttle mode helps you to respect rate limits when interacting with 3rd party APIs. This logic is applied to all events regardless of which story run they are from. ### Tines Bootcamp A program that provides hand-on guidance for building stories in Tines. It's found [here](https://www.tines.com/bootcamps/). ### Tines Command Runner (TCR) Powers the run script action on self-hosted infrastructure. It runs Python with access to packages like \`requests\`, \`pandas\`, \`cryptography\`, and \`boto3\`. Adding libraries is straightforward, just point [TCR](https://www.tines.com/docs/self-hosting/additional-applications/run-script-for-self-hosted/) at a public or local PyPI server and install what you need. ### Tines University A learning resource that can help you to get certified with Tines. It's found [here](https://www.tines.com/university/). ### Tines What's New The name of Tine's change log, found [here](https://www.tines.com/). ### Tools In addition to the eight action types available in the menu next to your Storyboard, you can also drag on one of 4 tools. They are; group, page, note, and Record. ## **U** ### User An individual in Tines with access to view, edit, or manage stories and/or the tenant. ## **V** ### Version Story-versioning allows teams to back up, inspect, clone, export, and restore any workflow. You can access version history via the clock icon at the top-right corner of your Storyboard. ### Viewer As a viewer, you have **read-only permission** across a team. You can view, but not edit, objects in a team. This role is useful for situations where a colleague or auditor needs oversight or understanding of an automated workflow, without the ability to alter it – or even accidentally break it. ### Value types Value types are options for creating the payload in certain types of actions (like Send to story and Event transformation. A value can be text, formula, number, true/false, null, an object or an array. [You can learn more here.](https://explained.tines.com/en/articles/7229130-how-to-use-different-value-options-in-tines) ## **W** ### Webhook action type One of the eight action types in Tines. A webhook enables communication between two applications in real-time. To create a new webhook, simply drag it onto your Storyboard to create a URL which can receive HTTP data. ### Webhook API Capture and process the responses received from external systems via webhooks. ### Webhook rules Criteria that must be met in order for an event to be emitted by a Webhook action. ### Workbench A Tines-powered AI chat interface. When connected to stories, [Workbench](https://explained.tines.com/en/articles/9822635-introduction-to-workbench) can take actions and access proprietary data in real-time, privately and securely. You can interact with this using natural language (NL) or use a template. ### Workbench for Storyboard (formerly Story copilot) AI-powered chat interface to build, understand, and optimize flows on the storyboard. You can use it to start from scratch or to work with an existing story. [Workbench for Storyboard](https://explained.tines.com/en/articles/13572150-introduction-to-story-copilot) makes Tines accessible to the whole team, regardless of skillset. ### YDWWT - You Did What With Tines? A contest where you can submit a Story that demonstrates the overall concept of a use case handled using the Tines service. It's found [here](https://www.tines.com/you-did-what-with-tines/). ## Thinkst Canary Authentication Guide Canary devices (hardware, VMWare Images, AWS AMI's or GCP machines) are deployed onto your networks in minutes mimicking high-value targets. External attackers and even malicious insiders tip their hands and reveal their presence by touching them. ## First, get a Thinkst Canary API key 1. Login to your Thinkst Canary account 2. Click "Settings" ​ ​ ![](https://downloads.intercomcdn.com/i/o/866589605/8c02c3640ae92c862400152c/image.png?expires=1781611200&signature=6b8f77603b4d0ef965e15c3bbdde98323407165516d68e7c06ec4727f8fb6929&req=fCYhE8F3m4FaFb4V1XW4gavhNTaHr6OuY5PF0%2FlA8EvL7GavsB3aJTfIpQDa%0AOWxYSBucJtQ%2FUUi0VpgQkMAJvQ%3D%3D%0A) ​ 3. Click the "API" tab and then the "Add new Global API Key" ​ ​ ![](https://downloads.intercomcdn.com/i/o/866601167/1f0c3afa9859eabf0a03acaf/image.png?expires=1781611200&signature=39f876e026d46740692cd436f2ba987239c228317e6746565c61e2af31150351&req=fCYhEMl%2FnIdYFb4V1XW4gQB3A6%2BwiqxevI7sn3msrRoF83UkGkK454070%2F%2BE%0AFXOXBEtckqlCMzv5dVEx%2F0B%2BaA%3D%3D%0A) ​ 4. Choose the appropriate key type, name the key and click "Create" ​ ​ ![](https://downloads.intercomcdn.com/i/o/866612215/4a60aa9d750d280ace0cb869/image.png?expires=1781611200&signature=9a3c2d80b9a808394ee372e5d6aa23819bc017d69ccaf18c3350e63f7838dbd2&req=fCYhEMh8n4BaFb4V1XW4gR8bTdmQ39L7bs3ThmRsDx6ExDSfJhixtHwcleC0%0Aw93ErvbBlUBMtchoFJTDGYwrUA%3D%3D%0A) ​ 5. Copy the API Key ​ ​ ![](https://downloads.intercomcdn.com/i/o/866613493/d1f7271bd9bf249df03e53bc/image.png?expires=1781611200&signature=64aedab8e2f23088dcf090058da8f6df6f8a398800cca462f11a07f1ef0b253b&req=fCYhEMh9mYhcFb4V1XW4gd40zi2WEMM%2FrVG%2BXz4gLujfcWSelaAUHCHxko6r%0AulHJcgOIa0FmmXiYvbv%2BPdG3Vw%3D%3D%0A) ## Lastly, create a Thinkst Canary credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Thinkst Canary credential 1. **Name:** Thinkst Canary 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Thinkst Canary** **stories in the [story library](https://www.tines.com/library?s=thinkst%20canary&view=all)** ## "This HTTP Request Action's URL did not match any of this credential's supported domains/URLs." Error ## Overview When executing an [HTTP Request action](https://www.tines.com/docs/actions/types/http-request/) that requires authentication, you may run into the following error: ``` This HTTP Request Action's URL did not match any of this credential's supported domains/URLs. ``` ## Cause and solution The "`This HTTP Request Action's URL did not match any of this credential's supported domains/URLs.`" error message is directly tied to the **URL** value being passed in the HTTP Request action and the used **[Credential's](https://www.tines.com/docs/credentials/) [URLs and Domains](https://www.tines.com/docs/credentials/credential-configuration/domain-restriction/)** setting. ### Cause one: Incorrect credential usage The credential that is being used in the HTTP action is not the correct credential to authenticate the HTTP call. > 🟢 **Solution:** Ensure that you are using the appropriate credential relevant to the HTTP action you are attempting to execute. To avoid this, we recommend naming your credentials so that it is easy for you and your team to identify which platform they are intended for. ### Cause two: Invalid credential URLs and Domains configuration The credential's **URLs and Domains** setting is formatted incorrectly or contains the wrong values. > 🟢 **Solution:** Ensure that the URLs, domains, and server hosts passed in the configuration align with the setting's [supported syntax](https://www.tines.com/docs/credentials/credential-configuration/domain-restriction/#supported-restrictions). If you have multiple values, make sure that they are *space-separated* within the **URLs and Domains** setting. ## Troubleshooting checklist ☑️ Verify you are using the correct credential for the HTTP action you are executing. ☑️ Verify that the credential's **URLs and Domains** setting is configured correctly. ## Need further assistance? Have questions or still seeing the error after working through the sections above? We are happy to help! ⬇️ [Contact Tines Support](https://www.tines.com/contact#support) **with the information below**: > ℹ️ **General Information:** > > - Describe the behavior in detail, including steps to replicate (*we recommend providing this information via a screen recording*). > > - The time and date of the reported behavior. > > > ℹ️ **Story Details:** > > - The impacted story's URL. > > - The impacted credential's **URLs and Domains** value(s). > > - The impacted HTTP Request action's: > > - **ID:** Click on the action tile within your story; its ID is located at the end of the browser URL. > > - **Configuration**: You can copy and paste actions into a code block; this will provide the configuration of the action(s) in JSON format so that Tines Support can view it within our test environments. ## "This page is not ready yet." Error ## Overview While working with [Pages](https://www.tines.com/docs/pages/), you may run into the following error when trying to access the page URL: ``` This page is not ready yet. ``` ## Cause and solution Within a story flow, if a [page is at the top of a story](https://www.tines.com/docs/pages/distribution-and-access-control/#pages-which-kick-off-story-runs), then it will have a static URL. However, if a [page is located mid-story](https://www.tines.com/docs/pages/distribution-and-access-control/#downstream-mid-story-pages) (i.e., has a connecting action before it), then the page's URL is dynamically generated for each [story run](https://www.tines.com/docs/stories/story-runs/) (this is typically used when referencing the page dynamically in the story via the `PAGE.page_name` variable). ### Cause One: The story run hasn't reached the page yet If you try to access the dynamic page URL before the story run has reached the page, you will see the "`This page is not ready yet.`" error. > 🟢 **Solutions:** > > - Check the associated story run for any potential interruptions and correct them. > > - Confirm that the actions are properly connected to each other within your story. ### Cause Two: The page URL has expired When working with a dynamic page URL, you can run into the "`This page is not ready yet.`" error if any of the executed events of the story run related to it have been: - Manually deleted by a user. - Deleted due to the event retention of the **Keep events and logs** settings of the story. This causes the instance of the page to expire. > 🟢 **Solutions:** Check to see if any events were deleted related to the dynamic page URL: > > - **Manually deleted by a user**: > > - Validate the upstream events of a page via the **Story runs** option in the three-dot menu of the story. > > - If you have [Audit logs](https://www.tines.com/api/audit-logs/) enabled, search for the `ActionsEventsDeletion` operation on the story. > > - **Story event retention**: Check the **Keep events and logs** setting via the story configuration panel to validate that the timeframe of retained events align with the expiration of the dynamic page URL's creation. > > ![](https://downloads.intercomcdn.com/i/o/am0g137l/1660695470/c29a3eebd88fb9e618a158168bb4/image.png?expires=1781611200&signature=7f3a85f33bff862e26f7353602b84d83805dfd9d56a38f6591cd58e1aa8b4fe6&req=dSYhFs93mIVYWfMW3nq%2BgWTWtJQPMmU6ndeYZa7YjqKWfPUd4FULtwznf2jk%0AFngafwWNkyAL6CxZ2MurvghXVpU%3D%0A) ## Troubleshooting checklist ☑️ Verify that you are using the correct page in your `PAGE.page_name` variable when referencing it in other actions within your story. ☑️ Verify that you are not trying to access the dynamic page URL too early. ☑️ Verify that the events of the story run associated with the dynamic page URL have not been deleted. ## Need further assistance? Have questions or still seeing the error after working through the sections above? We are happy to help! ⬇️ [Contact Tines Support](https://www.tines.com/contact#support) **with the information below**: > ℹ️ **General Information:** > > - Describe the behavior in detail, including steps to replicate (*we recommend providing this information via a screen recording*). > > - The time and date of the reported behavior. > > > ℹ️ **Story Details:** > > - The impacted story's URL. > > - The impacted page's action ID (click on the page tile within your story, its ID is located at the end of the browser URL). > > - The impacted page's URL. ## ThreatQ Authentication Guide ThreatQ improves the efficiency and effectiveness of existing security operations by fusing disparate data sources, tools, and teams to accelerate threat detection and response. ## First, get ThreatQ OAuth Client Credentials ##### Hosted deployment 1. Contact [support@threatq.com](mailto:support@threatq.com) to have a ticket created to generate OAuth Client Credentials using the name “Tines" ##### On-Premise deployment 1. SSH into your ThreatQ instance 2. Run `cd /var/www/api` 3. Run `sudo php artisan threatq:oauth2-client --name "Tines"` 4. Copy the credentials to a text editor ## Lastly, create a ThreatQ resource and credentials in Tines ##### Resource 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the ThreatQ resource - **Name:** ThreatQuotient Domain - **Description:** Optional - **Builder:** Your ThreatQ instance hostname, i.e. `tenant.threatq.online` 5. **Optional** - **Access:** What other teams can also use the resource 6. Click "Save resource" ##### Text type credential 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "Text" 3. Input the values for the ThreatQ credential 1. **Name:** ThreatQ Client Secret 2. **Description:** Optional 3. **Value:** Your ThreatQ OAuth Client Secret 4. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 5. Click "Save" ##### HTTP request type credential 1. Click "+ New Credential" and select "HTTP Request" 2. Input the values for the ThreatQ credential 1. **Name:** ThreatQuotient 2. **Description:** Optional 3. **URL:** `https://<>/api/token?grant_type=client_credentials` 4. **Content Type:** JSON 5. **Method:** post 6. **Headers:** 1. `Accept: application/json` 7. **Basic auth:** 1. **Username:** ThreatQ OAuth Client ID 2. **Password:** `<>` 8. Click "Run options", navigate to the `access_token` key and double click on the key 9. **Location of token from response:** Paste the path to the token in the value pill, `<>` 10. **TTL:** 3599 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 4. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/889026595/5393cec823fa57e7a6aabac0/image.png?expires=1781611200&signature=eeaff3cf8e8a58adbe431dc0a12e468ad2121f7242d17d3526503a5650fe4308&req=fCguFst4mIhaFb4V1XW4gfbJkTex7u5OTi65cE%2F6gngCI7r06TaYdV0e8xRy%0AWsg4X3ibrZA3AOE80NVwG90q%2Bw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/889026738/66f4e5f13035c20c0aaa4e02/image.png?expires=1781611200&signature=477e215b136986f252ccf638e813d350da9635b11c5812f87c6558954dd1fc52&req=fCguFst4moJXFb4V1XW4gXhmROUNF3U2hb9xVrythoghXV3lJTfQ59ogFMgr%0AGExjmFT1lzdzD2UqZ9rph6jqQA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/889026913/1c7dd5bf742c5874d9036492/image.png?expires=1781611200&signature=aa99aa0b304df7ccf5782f310bc27206ecd1c570e7c37890b6c5c83ec00c3cb5&req=fCguFst4lIBcFb4V1XW4geEkBmwjgfwzXQgTL9NR2A3IHJKXdV6X57Be%2Fro1%0A3MBQUF5PwbI%2BegqYJvnYKY%2Faww%3D%3D%0A) > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of ThreatQ stories in the [story library](https://www.tines.com/library?view=all&s=threatq).** ## Tines API 504 status error: "Net::ReadTimeout with #" ## Overview When you [create an API workflow in Tines](https://www.tines.com/docs/stories/apis), you may run into the following error: `"connection_error": "Net::ReadTimeout with #"`. This article covers common causes and solutions to this behavior. ## 504 Status Error: Cause and solution ### Cause One: "Enable webhook API responses" is not configured properly If your story's "Enable webhook API responses" setting is not enabled or configured correctly, this error can occur. > 🟢 **Solution**: > > - Turn on "Enable webhook API responses" in your story configuration: > > > ![](https://downloads.intercomcdn.com/i/o/1003486680/0d822854a1f1dfb4f058cd11/image.png?expires=1781611200&signature=b26c46f8788929b32668f1e88e76db8566fabbc07cd45681e262fb7ed9e01bb3&req=dSAnFc12m4dXWfMW3nq%2BgfEmtav%2FwyeyuPRklNl4d6HP0oTD2Rz34eLwUTE8%0AyTnRe4ZG8yiJ51uD5IKGdQo3tYo%3D%0A) > > - Configure entry and exit actions for your webhook API responses: > ​ > > ![](https://downloads.intercomcdn.com/i/o/1003487431/a68d5a6bda6830da7e146d90/image.png?expires=1781611200&signature=b51474143eade2bc6a44a515e27c65d5bbee2e82fafc6e47a693cb65fddc8716&req=dSAnFc12moVcWPMW3nq%2BgbMiVsBr88wJ0FIbsWCf3UDMHScF10fat9kGAOqm%0AAFh4NmfPw2bHZyXppMkwSdcfD9g%3D%0A) ### Cause Two: The HTTP request timed out The 504 status error can occur when the HTTP request times out before it is completed. > 🟢 **Solution**: Increase the "Timeout" setting of your HTTP action (default is 30 seconds): > > ![](https://downloads.intercomcdn.com/i/o/1003490931/fa0ca419418ee8d6ab44c3c8/image.png?expires=1781611200&signature=8a31f1f8e876eabdcebb140238dbf110552a31947777e7c5a4c565cd2d0fdbc9&req=dSAnFc13nYhcWPMW3nq%2BgTc5xSdSM3jCrP%2FnM0HL%2Fwyfv%2BdakbIp5X2tb2Bm%0A%2FgDyyvgHMB8Q9UUjcFh03Q7DQpM%3D%0A) ## 504 Status Error: Troubleshooting checklist ☑️ Confirm "Enable webhook API responses" is enabled for your story (see [Cause One](#h_9f96227821)). ☑️ Confirm Entry and Exit actions are configured in your "Enable webhook API responses" setting. (see [Cause One)](#h_9f96227821). ☑️ Configure timeout settings in your HTTP Request action (see [Cause Two](#h_012d3fc713)). ## Need further assistance? Have questions or still seeing the error after working through the sections above? We are happy to help! ⬇️ [Contact Tines Support](https://www.tines.com/contact#support) **with the information below**, when available: > ℹ️ **General Information:** > > - Describe the behavior in detail, including steps to replicate (*we recommend providing this information via a screen prerecording*). > > - Date and time of the reported behavior. > > > ℹ️ **Story Details:** > > - Impacted Story's URL (include all URLs if there are multiple stories impacted). > > - Impacted Action's ID (include all IDs if there are multiple actions impacted). > > - The action configuration(s): > > - You can copy + paste actions into a code block; this will provide the configuration of the action(s) in a JSON format so that Tines Support can use it into our test environments. ## Tines Tunnel FAQs ## Do I need to open inbound ports to use the Tines tunnel? No, you do not need to open any inbound ports on your firewall to use the Tines tunnel. All connections from the Tunnel are outbound and initiated by the Tunnel. ## Is there a limit to the number of tunnels that can be used with Tines? There is no limit to the number of tunnels you can use with Tines, but there is an additional cost for each tunnel. ## What does the number signify next to the tunnel status on the Tunnel Configurations page? This number represents the total active client connections that are currently routed through the tunnel between the container and Cloudflare's edge proxy. Each container can maintain up to four active connections, but this can fluctuate during retries, for example, temporarily increasing the count. Fluctuations are normal and can be caused by things like: - Cloudflare maintenance or updates. - Network disruptions, causing reconnection attempts. - Changes in traffic volume, leading to more connections. > **👉 For more details on the Tines Tunnel [see here](https://explained.tines.com/en/articles/6883952-deploying-and-using-the-tines-tunnel).** ## Tines Workbench demo recording [Watch video](https://fast.wistia.net/embed/iframe/1pxrphrbql) ### Video transcript Hi. I'm Rosie, product manager at Tines, and I'm very excited to introduce you to Tines Workbench, our AI powered chat interface. If you're familiar with or you've tried out other AI powered chat tools in the past, you know that they have a really powerful and impressive general knowledge capability. Workbench has this general knowledge capability, but on top of that, it's actually able to connect to your proprietary systems in real time, send you real time data about them, and even take actions for you. And similar to all of our other AI offerings and times, your data is going to be kept within your tenant and it's going to be private. Let's look at an example to see Workbench in action. Say you received an alert that an AWS bucket was made public by a user. You could probably go to any AI chat tool and ask it, what do I do if an AWS bucket let's give it the name too, times demo twenty four, was made public by a user. And any AI chat tool will probably tell you, the context of what that means and maybe a series of steps that you should then take in that tool, for how to solve this problem. And you'll see that we have that here. It's a potential security risk. First, we should verify the current status, but Workbench is now going one step further with the ability to access your AWS instance already. So it's it's suggesting we run this AWS CLI command. Let's go ahead and confirm that. And now it's gonna go ahead and in real time, I don't have to write the CLI command. I don't need to log into my AWS. It's going to actually access my AWS and get the real time status of this bucket. It looks like the bucket isn't currently public. Looks like the access control shows that the owner has full control over the bucket, but Workbench is going to check the bucket policy to be sure. Similar to that last time, we can check the CLI command. I'm gonna confirm that, and now it's going to check this. So what this is is actually a template that I've enabled on the left hand side here. These templates are provided out of the box by times, and then you're able to enable them and connect them to your system and even select which actions of these templates you would like Workbench to have access to run or do. It looks like we've heard back from Workbench. The bucket policy reveals it is indeed public, so it looks like our alert is still relevant and that it recommends we remove the access immediately. Before I do that, maybe I want to take a look at who this user is. Maybe they had a reason for making it public. So let's switch gears and say, who is Steven O'Brien? We were just looking at our AWS resource information in real time. Now we're going to be looking into our various systems, to find details about Stephen O'Brien. This lookup user, you'll notice, doesn't actually have any sort of product associated with it. That's because it's a story. So while the templates are provided out of the box by times, you can build as many custom stories for Workbench to call and run as you'd like. Maybe you have specific custom steps you'd like to take. Maybe it's more than just an individual action template, and that is, fully supported by Workbench here on the stories tab too. So it looks like we have some frame information from Steven. We checked Okta. We checked Tynes. We checked Slack for this data. And based on this, it actually looks like his last activity was in August and it's now September. So let's actually check in BambooHR, that's our HR system, if Steven is out of office. If he hasn't been online since August and it's now September and he's currently making changes to AWS bucket policies, he might that that sounds a little odd. Right? So let's go ahead and look at who's out. It's going to get a list of who's out from BambooHR. Go ahead and run that for me, and it looks like Steven is in fact out of office for the whole month of September. So this now seems like Steven's account may be potentially compromised or he's on vacation making bucket changes, which probably isn't likely. So I think his account has been compromised. Can you reset his active sessions and password? Now we're going to go ahead and take action, reset Steven's account password and active sessions in Okta. Once again, calling a story that I created here and we have confirmation that the password has been generated and reset with some suggested next steps. Yeah. But I actually wanna go back now that we've handled the user, part of this and maybe go ahead and make that change back for the bucket to be private again. Right? So can you make that bucket private? Now I'm being kind of intentionally vague just to showcase that I don't need to restate the bucket's name. It has full context of our conversation here. So it knows the bucket is times demo twenty four. It knows that it was public from our prime previous messages, and now it's going to remove any public access settings first. Great. Once again, we could view that CLI command like we did previously. It once it runs that, we're gonna get some data back. Awesome. Now we're going to remove the policy that allows public access. Perfect. And once again, you know, I'm being supported by Workbench, but I'm still driving this. I'm deciding that I wanna take this action on my AWS bucket. You know, there there isn't that potential issue of Workbench going rogue or something and and taking actions that I haven't enabled or allowed it to or confirmed. Great. Now let's verify that the bucket is private by checking its policy. So we've taken actions, and now Workbench recommends let's go and actually pull the status in real time again, check that those actions did in fact successfully take on our bucket, and once again, we have confirmed there's no bucket policy, that's what we wanted, And then we're gonna check the ACL. And we have a nice summary of our perfectly private bucket now. So in the span of just a couple of minutes, we've taken a number of actions. We've gotten information in real time about AWS buckets. We've then actually gone ahead and changed to the bucket status and policies themselves and gotten confirmation that those changes have taken place. We've looked up information on a user. We've also then reset their password and sessions, all within this one chat that has all my context. Maybe I want to give a nice summary. So summarize this info and update the case. And what was my case? Three seven five two four in a comment. So I'm gonna update this case comment in times. If you wanted to make a new case in another system or send an email or send a message in Teams or Slack or something, that is also possible. So this is just one example of many for summarizing or updating, but here is our nice summary here summarizing all that we've done. And then now we're going to add that information as a comment to that case. That's perfect. And so it's going to once again call that times template update a case. Now looking here, let's just check. So this looks like it's gonna update the description. I'm actually gonna say no, make it a comment because I just want comment rather than a full description update. So once again, you can check that and then if you don't confirm, it's not going to do it. And now we will update it as a comment. Great. Looks like we're commenting on the case. Let's confirm that and then go ahead and check that out. And we have this nice security incident update here on the bucket, on Steven's account, on any next steps. There's so much more we could do and so many more use cases that we could dive into, but I really appreciate you tuning in to just this quick look into Workbench. Thank you so much. ## Traceable.ai Authentication Guide Traceable AI combines the power of end-to-end distributed tracing, cloud-native integrations, and advanced ML-powered behavioral analytics to deliver API and application security from user to code. Traceable's platform works in the background even as application architectures change, development methodologies evolve, and new attack vectors and threats emerge. ### First, get a Traceable AI API token 1. Login to your Traceable AI account at [https://auth.traceable.ai/login](https://auth.traceable.ai/login) 2. From your account menu, select "My Preferences" ​ ![](https://downloads.intercomcdn.com/i/o/852338257/b4c9af94f7e70b7f8e7c20df/image.png?expires=1781611200&signature=0e44fce7c46a07a70c2a198e6f9cf6ad0dc1137c7e4d7857385f4e2812b7b523&req=fCUlFcp2n4RYFb4V1XW4gQ069hsVFyLtRWKV4kt1D%2BmghNAf1iAYxxqS8sDW%0APykBGVDJtTDkG1hnh1mUssSIFg%3D%3D%0A) ​ 3. Click on the "API Tokens" tab and click "Generate API Token" 4. Name the token and click "Generate" ​ ![](https://downloads.intercomcdn.com/i/o/852338629/f294bc76885a3e21023157af/image.png?expires=1781611200&signature=85d8b78b3105927c820cbb68dea5d73d6a38919169706823787e2af0a04a064d&req=fCUlFcp2m4NWFb4V1XW4gfa9vSWhMfDy8V3GFeuqy8xxuH9N3TmIScI2ejku%0AT4iPOPfml7%2Bre2bcbRMeHPy9DQ%3D%3D%0A) ​ 5. Copy your token and click "Okay" ### Lastly, create a Traceable AI credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Traceable AI credential 1. **Name:** Traceable AI 2. **Description:** Optional 3. **Value:** Your API token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Traceable AI** **stories in the [story library](https://www.tines.com/library?s=traceableai&view=all)** ​ ## Trello Authentication Guide Trello is the visual tool that empowers your team to manage any type of project, workflow, or task tracking. Add files, checklists, or even automation: Customize it all for how your team works best ### First, get a Trello API key 1. Login to your Trello account at [https://trello.com](https://trello.com) 2. Navigate to [https://trello.com/power-ups/admin/](https://trello.com/power-ups/admin/) and click "New" ​ ![](https://downloads.intercomcdn.com/i/o/852357211/c9116d4e28840c1696d68ec9/image.png?expires=1781611200&signature=0f6fcaf9a4d9074f5519333e325ff6412439fb19500410cbc836cb460d7d21b4&req=fCUlFcx5n4BeFb4V1XW4gfLttl75r26S6gpDQBgUrOoxo5IOdP2NvKJbueo0%0AxnevxFFlPFYqRRDbvUmVjzEsWg%3D%3D%0A) 3. Name the integration, choose a Trello workspace, add your email address, and click "Save" ​ ![](https://downloads.intercomcdn.com/i/o/852357977/db180170f639b04d987eda01/image.png?expires=1781611200&signature=bc802c7fd7f73ead639373c38538721105f7c0015aca871cdd9e3f7f0ff52f85&req=fCUlFcx5lIZYFb4V1XW4gWJQNGTfZliO3kJAFl%2FwjyMqCyl7eHxb1R9TO6Gw%0ALpw26vkO9TmrpzOtdJctU%2Bjqww%3D%3D%0A) 4. Click on "API key" and click "Generate a new API key" ​ ![](https://downloads.intercomcdn.com/i/o/852358498/1a78a9295f42fda3dae75d8c/image.png?expires=1781611200&signature=fb6a22fa757fd8f59eeb493b55a3518df8fe37d8a78431dff191d4d91149d7d9&req=fCUlFcx2mYhXFb4V1XW4gYnqyg8ad%2BIXzmMw%2BOmK2sRh1f%2F6MGG1GPIU%2FagC%0AIw%2BJexFPdS5Q1oWyWWl9H4Xvgw%3D%3D%0A) 5. Copy your "API key" to a text editor 6. Click on the "Token" link to generate a token ​ ![](https://downloads.intercomcdn.com/i/o/852360011/f41260eb911244f2dc54ac7f/image.png?expires=1781611200&signature=7e92990576ae6eccf2595210666e0ef0a6bdc8788eefc01a965b924922d75604&req=fCUlFc9%2BnYBeFb4V1XW4gSz8wzvxEnPpoXpvhYCtNN8SjcpIze5apH2AgvZ0%0AhhM8KZ04hYj33cx2B50qrLSNZg%3D%3D%0A) 7. On the authorization page, scroll down and click "ALLOW". 8. Copy the token to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/852361293/3716fa6b33aa6468c5ab7f77/image.png?expires=1781611200&signature=9ce78d98d34b865e26b3a75a7fc7c2c16d1b9368c53ae47d995bd2011b288cd0&req=fCUlFc9%2Fn4hcFb4V1XW4gSVjDnTCr0%2FFMcpJqwsHSpMasQdyGeMT4JADDxWW%0Az%2FCvq%2F5lxUROWVCOFH5KO5NzXg%3D%3D%0A) ### Lastly, create a Trello credential in Tines **Trello connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Trello" and follow the prompts to connect. > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/trello).** > > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Trello** **stories in the [story library](https://www.tines.com/library?s=trello&view=all)** ## Troubleshooting guide - UI latency diagnostics This guide is designed for technical administrators and users to identify the root cause of UI latency, confirm system health, and perform self-service diagnostics before escalating to support. ## Step 1. Verify backend system health Before diagnosing local issues, confirm that the platform itself is fully operational. - **Check platform status:** Navigate to Tines’ dedicated status page here - [https://status.tines.com/](https://status.tines.com/). - **Action:** Confirm that all core backend systems are reporting as operational and that there are no known incidents or periods of degraded performance. If the status page indicates an ongoing issue, no further troubleshooting is required; wait for the platform to recover. If the status is operational, proceed to step 2. ## Step 2. Client-side and network diagnostics The majority of reported performance issues stem from client-side environment factors, such as network settings or browser configuration. ### Network environment checks These checks help isolate whether the latency is related to your connectivity. - **Test connectivity:** If possible, test the UI performance on a different network (e.g., a private connection versus a corporate one). If the issue is isolated to your current network, contact your local network administrator or internet service provider (ISP) for assistance. - **Isolate VPN interference:** If you are using a virtual private network (VPN), temporarily disable or remove the VPN and retest the UI performance. A significant improvement in performance indicates that the VPN configuration is the likely cause of the latency. - **Check bandwidth saturation:** Ensure that other applications (e.g., streaming, large file downloads, or aggressive torrent clients) are not consuming all available bandwidth, which can prevent the UI from resolving pages quickly. ### Browser environment checks Browser configuration and accumulated data can severely impact UI responsiveness. - **Use incognito/private mode:** Open a new incognito or private browsing window and reproduce the issue. This minimizes interference from existing login sessions, stored cached data, and browser extensions, offering a cleaner environment for testing. - **Disable extensions:** Temporarily disable all non-essential browser extensions, particularly security tools, ad blockers, or any extensions that modify page content or interfere with network requests. - **Clear browser cache:** Clear the browser's disk cache and cookies. In chrome, a good practice is to open developer tools and perform an empty cache and hard reload. - **Check for stable version:** Verify that you are running a stable and up-to-date version of your web browser. - **Disable hardware acceleration:** If operational lag persists, navigate to your browser's settings and temporarily turn off hardware acceleration. Relaunch the browser and retest. ## Preparing for support escalation If the UI latency issue persists after completing all checks in step 2, you may be experiencing a genuine platform issue. Gather the following diagnostic data before submitting a ticket. - **Reproduce and capture:** reproduce the latency issue reliably while recording network traffic. - **Capture a HAR file:** generate an HTTP archive (HAR) file. This file captures all network requests and responses, providing support with the data needed to pinpoint where the performance delay is occurring (client-side versus server-side). ### Escalation criteria Open a support ticket only after you have: - Confirmed the platform status page shows operational. - Completed all diagnostics in step 2 without resolving the issue. - Confirmed the issue is reproducible by other users in different client environments (different networks or devices). When submitting the ticket, include the following information: - The captured **HAR** file. - A clear description of the issue, detailing what you expected to happen versus what actually happened. - The exact troubleshooting steps you performed from this guide. - The exact date and time (including your timezone) when the issue occurred. ### Contact support With all the information gathered, please contact [support](https://www.tines.com/contact/#support) to raise an issue. ## Understanding Tines pricing and packaging ## **Your journey to intelligent workflows starts here.** At Tines, we've designed our product packages to grow with you at every stage of your intelligent workflow journey. Whether you're just beginning to explore automation or scaling intelligent workflows across your enterprise, we offer the perfect solution tailored to your organization's unique needs and maturity level. ### Simple, transparent, and powerful We believe powerful technology should come with straightforward pricing. Our intuitive model is designed to provide maximum value while eliminating complexity: - Strategic feature sets: Access the capabilities you need based on your current workflow maturity and business objectives - Generous usage allocations: Enjoy ample capacity for stories, teams, users, and daily events that scale with your selected tier - Flexible enhancement options: Customize your experience with targeted add-ons that extend capabilities or increase usage limits as your needs evolve > **Note**: On June 25th, 2025, we introduced enhanced packaging options for new customers. These improvements are available to all existing customers as well. For details specific to your account, please connect with your dedicated Tines account manager. * * * ## Choose your path to success **Community Edition |** *Learn how to automate* Our forever-free version gives you hands-on experience with Tines' powerful capabilities. Perfect for proof-of-concepts, learning, and building your business case for broader implementation. Experience the platform's intuitive design with select features and usage parameters. **Business Edition |** *Scale your workflow program* Everything ambitious teams need to transform their operations through intelligent workflows. This comprehensive edition provides the essential tools, capabilities, and capacity to establish and grow a successful workflow program that delivers measurable business impact. **Enterprise Edition |** *Transform your organization* Our enterprise edition includes our complete suite of enterprise-grade features, expanded usage limits, and a dedicated environment. Designed for organizations implementing intelligent workflows at scale across multiple departments with the highest levels of security, control, and support. > Both Business and Enterprise Editions are available for self-hosting. ### **Edition comparison** Below is an overview of the difference between our community edition and paid editions of Tines. | **Feature bucket** | **Community Edition** | **Business Edition** | **Enterprise Edition** | | --- | --- | --- | --- | | Workflow Essentials | ✔ | ✔ | ✔ | | Workflow Controls | ✔ | ✔ | ✔ | | Security Essentials | SSO only | ✔ | ✔ | | Team Essentials | | ✔ | ✔ | | Advanced Workflows | | ✔ | ✔ | | Enterprise Tenant Management | | | ✔ | | Dedicated Cloud Tenant | | | ✔ | *✔ indicates that the bundle unlocks in this edition, please speak to our team for specifics.* **Available add-ons** Increase the capacity of your current plan without moving to a new level. | **Add-ons** | **Community Edition** | **Business Edition** | **Enterprise Edition** | | --- | --- | --- | --- | | Cases | | ✔ | ✔ | | [AI run-time credits](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits) | | ✔ | ✔ | | Tunnels | | ✔ | ✔ | | Tenants | | ✔ | ✔ | | [Flows](https://explained.tines.com/en/articles/10860654-what-is-a-flow-in-tines) | | ✔ | ✔ | | Teams | | ✔ | ✔ | **Usage limits** Generous usage limits are set across our editions. | **Usage** | **Community Edition** | **Business Edition** | **Enterprise Edition** | | --- | --- | --- | --- | | Flow limits | 3 | Starting at 30 | Contact Tines | | Licensed teams | 1 | Starting at 1 | Contact Tines | | User limits | 1 | 100 | Contact Tines | | Event limits | 25,000 monthly | 1.5M daily | Contact Tines | | AI run-time credits (monthly) | 50 | Contact Tines | Contact Tines | ## Feature sets designed for your success Our thoughtfully organized feature sets bring together powerful capabilities that maximize value for your needs. As we continuously expand the Tines platform, these feature sets grow to deliver even more possibilities. Each set is carefully defined to provide clarity and predictability, helping you understand exactly what you're getting today and what enhancements you can expect tomorrow. We're committed to maintaining a clear structure that makes it easy to identify which Tines plan delivers the right combination of capabilities for your organization. Our customer-focused approach means we only introduce new feature sets when they represent truly transformative capabilities that deserve special attention. This ensures you always have access to a clear, understandable path to the workflow solution you need. The list below is accurate as of: 1 May 2026 | **Feature set** | **Definition** | **Example features** | | --- | --- | --- | | Workflow Essentials | A robust feature set to build, run, and monitor your most important workflows. | - Reporting - Pages - Send To Story - Action Templates - Notifications - Resources - Credentials - **AI Agent action** - **Workbench** - **Workbench for Storyboard** | | Workflow Controls | Ensure your most important workflows are running as expected. | - Scheduling - Monitoring - Story locking - Smart retries - Version History - Custom Tenant Name | | Security Essentials | The essential security features to protect your most important workflows. | - SSO, all plans - Audit logs - Tines Roles | | Team Essentials | Everything multiple teams need to collaborate, work on, and manage workflows together. | - JIT Provisioning - Custom Object Sharing - Change Control - Private Templates - Saved story runs | | Advanced Workflows | Beyond process automation, do more with your workflows with these advanced cross-story capabilities. | - Records - Dashboards - Dashboard manager role - Workflow as API - Collections - SSO group support for Pages - Pages & prompts: custom domains | | Enterprise Tenant Management | The feature requirements for an enterprise organization to build, run, and monitor their most important workflows. | - Custom Roles (RBAC) - Custom Email Senders (5) - Priority Processing - SCIM Provisioning | | Dedicated Infrastructure | This moves you to a dedicated infrastructure which gives you an isolated environment which gives you greater control and customization options. | - Priority processing - Custom domain - Allow-listing incoming IPs | ### Historic pricing models If you moved to a paid edition before June 25, 2025, you are most likely on one of our older pricing models. While similar, there could be core differences. For more information on your pricing model, please reach out to your Tines contact and we’ll be happy to help. ### Talk to a product expert What to expect: - Zero-pressure, technical demo of the Tines platform - Walkthrough of a relevant use case - Overview of products and plans - Insight into API and integration capabilities [Let us show you Tines](https://www.tines.com/book-a-demo?utm_source=intercom&utm_medium=product&utm_campaign=explained) ## Updates to the assigned IP address for Tines cloud tenants coming on August 16th. We are changing the assigned IP addresses for your Tines cloud tenant. ### What are we changing? We are adding a second IP address to your Tines tenant. There will be no interruption to service while making this change. ### Why are we doing this? This is to increase the performance and redundancy of your Tines cloud tenant. ### When are we making this change? This will be implemented on August 16th, 2023. If there are any updates, this article will be updated, and a message will be sent to all users. ### How do I know what my IP addresses are? To see the egress IP addresses for your tenant, visit `https:///info` ### What do I, the Tines user and administrator, need to do to avoid disruption? If you have the existing IP address of your Tines tenant to an allowlist, you will need to add the new IP address to it, also. > If you require assistance, please contact [support@tines.com](mailto:support@tines.com) or from within Tines, as shown below. > > ![](https://downloads.intercomcdn.com/i/o/786739203/0248cf8de1012ac68a23c5a2/Screenshot+2023-07-17+at+14.48.32.png?expires=1781611200&signature=1c6873aa4f6ac0934d38d74927113c8ceadc69bb021badf9e54a3b6a0b2b1cb5&req=cyghEcp3n4FcFb4V1XW4gaCbsyoQobEqquStpnmMNx0s4llNahdx6DmyR8QP%0AjFBZZnlo8ZUp7OA6riV6TJtQEQ%3D%3D%0A) ## urlscan.io Authentication Guide [urlscan.io](https://urlscan.io/) is a free service to scan and analyze websites. Here's our guide for authenticating urlscan using Tines. ## First, get a urlscan API key: 1. Navigate to [www.urlscan.io](http://www.urlscan.io) and click "Login", New urlscan users can create a new account via the "Create one!" link ![](https://downloads.intercomcdn.com/i/o/750315542/9fabec39bf7c82f448a5f716/Screen+Shot+2023-03-27+at+4.41.03+PM.png?expires=1781611200&signature=a6cac62d9f421a0683f9eaad592a40a80ca8e5cda43a65a3fdff1e154bfd1cc6&req=cyUnFch7mIVdFb4V1XW4gT1wZ5wie8xAW7FyEV6eYHncMr9Bc6a1fuoeNCk3%0AIzl5Q%2BSnK7%2F4YsFigmVRG5etqw%3D%3D%0A) 2. On the left-hand side, click "Settings & API" ![](https://downloads.intercomcdn.com/i/o/750315769/ef344ee1465d44f8ddb9a195/Screen+Shot+2023-03-27+at+4.42.04+PM.png?expires=1781611200&signature=3e0c97332230c5c8b7d825211fe429af56e297a40b452a760d09a0e75f3665a0&req=cyUnFch7modWFb4V1XW4gdiras0HcVBPMzWu14m%2Fw6ONy5BXMUXOYOsgTizP%0ATP%2Fx87%2BtvtOzf6xQ8nLlzMTaVQ%3D%3D%0A) 3. Click "Create New API key" ![](https://downloads.intercomcdn.com/i/o/750315946/9f5be69c20288a7ef5754221/Screen+Shot+2023-03-27+at+4.42.55+PM.png?expires=1781611200&signature=4954cd5d366258255784aaabc331e8d770882ff67b658b1cee8729a23dc24a91&req=cyUnFch7lIVZFb4V1XW4gVuRBgcOboubMxsv4jgJPajbE1Y69vOnBJMGYnfW%0AnBsOE7cqtHZoWRV557%2BvpuhCZQ%3D%3D%0A) 5\. Copy the API key. ## Lastly, create a urlscan credential in Tines **URLScan.io connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "URLScan.io" and follow the prompts to connect. **Manual credential creation** This method is not recommended as the URLScan.io connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 5. **Optional** 1. **Domains:** Ensure that this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API > Learn more about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/urlscan-io). > > For more on creating credentials in Tines click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of urlscan.io stories in the [story library](https://www.tines.com/story-library?s=urlscan) ## Use a preferred AI provider in Tines When you create a tenant in Tines, you automatically gain access to AI capabilities in Tines features and Workbench. Tines offers models from both AWS Bedrock and OpenAI but you can choose to use a different LLM. ## Getting started Before bringing in your preferred AI provider into Tines, you must first understand your organization’s AI infrastructure. **Consider the following questions:** - What AI models does your company support? - Are the models schema-compatible (input and output) with either Anthropic or OpenAI? - *A model may not be schema-compatible if your company wrote its own API or hosts a model other than Claude, OpenAI, or Ollama.* - Is your Tines tenant on the cloud or self-hosted? ### Available providers Tines lets you connect with the following AI providers, configurable via the below customizations: | **Provider** | **Base URL** | **API key** | **Custom models** | **Custom headers** | | --- | --- | --- | --- | --- | | Anthropic | ✅ | ✅ | ✅ | ✅ | | OpenAI | ✅ | ✅ | ✅ | ✅ | | AWS Bedrock | ✅ | ✅ | ✅ | ✅ | | Mistral | ✅ | ✅ | ✅ | ✅ | > Notes: > > 1. While we support the above providers directly, we’re able to support any OpenAI or Anthropic spec-compatible providers or observability tools. Refer to the [AI Admin docs](https://tines.com/docs/admin/ai/) for the most current list. As with all features, this list will continue to evolve. > > 2. Each model running locally will have to expose an OpenAI compatible API so that Tines may connect to it. Systems running on Ollama already provide this. ## Add your own provider Tenant admins can follow these steps to add your own AI API key: 1. Navigate to **Settings** - **AI settings** 2. Toggle on **Use custom provider** 3. **Choose the provider** 4. **Enter the API key** [Watch video](https://fast.wistia.net/embed/iframe/oz5ohm7c7a) ### **Scope a provider to specific teams** By default, all teams in your tenant have access to every configured AI provider. Tenant owners can now restrict access to specific teams, giving you more granular control over which teams can use a given provider and its models. To scope a provider to specific teams: 1. Navigate to Settings → AI settings 2. Select the provider you want to configure 3. Under Access, deselect "Grant access to all teams on this tenant" 4. Update the specific teams that should have access ![](https://downloads.intercomcdn.com/i/o/am0g137l/2269215454/d4064c83fcb3c4f987a52c7177d8/team+level+ai+access.gif?expires=1781611200&signature=4b696f5d7fef29c416093085502a28e5c75581f055a60eb194fa604efc9a5762&req=diIhH8t%2FmIVaXfMW3nq%2Bgfr%2FoSOYQ7iBo4LZHyoKQWyTnUMM7MyIaI2Mq3D3%0Au8tJIsZ9%2F6%2B%2BesIKpEamba06z3U%3D%0A) The team that owns the provider's credential will always retain access. This is useful for managing costs, enforcing compliance requirements, or gradually rolling out a new model to specific teams first. ## Additional resources - Explained - [AI in Tines Explained articles](https://explained.tines.com/en/collections/9473753-ai-in-tines) - [How to pitch AI in Tines to your GRC team](https://explained.tines.com/en/articles/10389755-how-to-pitch-ai-in-tines-to-your-grc-team) - [Frequently asked questions: preferred AI providers](https://explained.tines.com/en/articles/10389743-frequently-asked-questions-custom-ai-providers) - [How do I turn on or off the AI-powered features](https://explained.tines.com/en/articles/9396326-how-do-i-turn-on-or-off-the-ai-powered-features) - [Workbench Explained articles](https://explained.tines.com/en/collections/10398899-workbench) - Library story - [Compare prompts across LLM models in Openrouter](https://www.tines.com/library/stories/1281993/?name=compare-prompts-across-llm-models-in-openrouter) - Docs - [AI Agent action docs](https://www.tines.com/docs/actions/types/ai-action/) - [Automatic mode in Event Transform docs](https://www.tines.com/docs/actions/types/event-transformation/automatic/) - [Workbench docs](https://www.tines.com/docs/workbench/) - [Admin - AI docs](https://tines.com/docs/admin/ai/) - Blogs - [AI on your terms: introducing preferred AI providers in Tines](https://www.tines.com/blog/preferred-ai-providers) - [Securely bringing your own AI to Tines](https://tines.com/blog/securely-bringing-your-own-ai-to-tines/) by Matt Muller ## User administration If you're a tenant owner, you can invite and manage additional users for your tenant. There are two levels of user access: user and tenant owner. In addition to tenant-level access, tenant owners can provision more granular access at the team level. Users must be added to a team in order for them to collaborate on Stories with other users. [Learn about teams and permissions in our article here](https://intercom.help/tines-9c531f867f99/en/articles/6883947-using-teams-in-tines). ### **About tenant owners** Tenant owners have ultimate authority over the tenant. This includes: - Provisioning user access - Removing users from a tenant - Deleting queued or retrying jobs - Pushing changes to live in change control - Manage object sharing permissions ### **User Management** To manage users, follow these steps. 1. **View a user.** From the menu beside your team name, select "Users" ([`https:///admin/users`](https://\/admin/users)). This opens a window with a list of users, teams and roles, and last seen time. 2. **Edit a user.** Click on the user's name to view more information and edit their profile. 3. **Invite a user.** Click "New user" from the window and input the users' information. Click "Save" and an invite email will send with instructions on how to complete their registration. ### **Sign-in Activity** Tines retains 2 years of sign in activity for each user. When a user signs in, Tines will record metadata such as timestamp, IP address and the user agent associated with the sign in. These events are made available for download in CSV format from the [audit logs](https://www.tines.com/docs/admin/audit-logs/) page by filtering for `Login` operations. > **👉 Visit the Teams [page](https://intercom.help/tines-9c531f867f99/en/articles/6883947-using-teams-in-tines) for more information on team user roles.** ### **How do I make a user an admin in Tines?** From the users menu in your settings, click on the user's profile. From here, you'll be able to update their details, including their role. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1810212590/abc8913d35bbe2f7f42369b11efd/CleanShot+2025-11-03+at+10_31_32%402x.png?expires=1781611200&signature=1b52a031f45bb6b00d417203003b62405e4400007967e78825ab9b9455c4dbe2&req=dSgmFst%2Fn4RWWfMW3nq%2BgZCW%2BAmxTQaNXcTonhM1Sl3YrYJ31JOouGFUcsWK%0Ad9nRgBJjdpISPYgKrwI9gdLpTts%3D%0A) ## User administration in Tines If you're a tenant owner, you can invite and manage additional uses for your tenant. There are two levels of user access: user and tenant owner. In addition to tenant-level access, tenant owners can provision more granular access at the team level. Users must be added to a team in order for them to collaborate on Stories with other users. [Learn about teams and permissions in our article here](https://intercom.help/tines-9c531f867f99/en/articles/6883947-using-teams-in-tines). #### About tenant owners Tenant owners have ultimate authority over the tenant. This includes: - Provisioning user access - Removing users from a tenant - Deleting queued or retrying jobs - Pushing changes to live in change control - Manage object sharing permissions ### User Management To manage users, follow these steps. 1. **View a user.** From the menu beside your username, select "Manage users" (`https:///admin/users`). This opens a window with a list of users, their current status, tenant role, and last active time. 2. **Edit a user.** Click "Edit user" from the "Actions" dropdown menu to edit a user's profile. 3. **Invite a user.** Click "New user" from the window and input the users' information. Click "Save" and an invite email will send with instructions on how to complete their registration. ### Sign-in Activity Tines retains 30 days of sign-in activity for each user. When a user signs in, Tines will record metadata such as Timestamp, IP address, and the user-agent associated with the sign-in. These events are made available for download in CSV format. Visit the Teams [page](https://intercom.help/tines-9c531f867f99/en/articles/6883947-using-teams-in-tines) for more information on team user roles. ## Use the event transform action ## Overview The event transform action (also referred to as ETA) offers great versatility, with its primary purpose being to "transform" your event data in a highly flexible manner. ## Tines references Before getting started, we recommend familiarizing yourself with the surrounding functionality this article covers: - [Tines - Event Transform Action](https://www.tines.com/docs/actions/types/event-transformation/) - [Tines - Events](https://www.tines.com/docs/events/) ## Make it happen ### ✅ Check one: What do you need the event transform action to accomplish? With its multiple modes, the event transform action can cover a variety of use cases: | **Mode** | **What it does** | **When to use it** | | --- | --- | --- | | [Automatic](https://www.tines.com/docs/actions/types/event-transformation/automatic/) | Leverages AI for data transformation | You want to utilize Tines AI to perform data calculations in one action. See also: [tips for automatic mode](https://explained.tines.com/en/articles/9369122-tips-for-automatic-mode). | | [Deduplicate](https://www.tines.com/docs/actions/types/event-transformation/deduplicate/) | Only allow unique values to flow through based on a provided identifier. | Your user attempts to open multiple, duplicate tickets to an IT team, and you need to remove the duplicates so that only one is actually created. | | [Delay](https://www.tines.com/docs/actions/types/event-transformation/delay/) | Create buffer time before the next action. | You submit a request via an HTTP request action to a service, but need to wait a few minutes before the result is ready. | | [Explode](https://www.tines.com/docs/actions/types/event-transformation/explode/) | Execute every item in an array as a separate element and its own event. | You have an HTTP request and need to give it individual items and not a whole array. | | [Extract](https://www.tines.com/docs/actions/types/event-transformation/extract/) | REGEX to extract data | You want to use a REGEX expression to extract specific values from a string. | | [Implode](https://www.tines.com/docs/actions/types/event-transformation/implode/) | Assemble an array from multiple events that occurred previously in the story. | You have event data that you want to pull together into one event, either from an explode or from a [story fork](https://explained.tines.com/en/articles/9823926-example-approach-story-forks). | | [Message only](https://www.tines.com/docs/actions/types/event-transformation/message-only/) | Leverages dynamic/static event data to emit | You want to restructure your data before the next action. | | [Throttle](https://www.tines.com/docs/actions/types/event-transformation/throttle/) | Allow event data to emit at a rate that you determine. | You are reaching out to an API service that has a rate limit. | ### ✅ Check two: Familiarize yourself with each mode's configuration and options A large aspect of Tines is configuring your actions to run the way you want. Let's take a look at some important tactile concepts. When you pull an event transform action onto your storyboard, it defaults to Message only mode. You'll see that there are key components of the action, such as it's name and description, in the config panel on the right. As you use different modes of the event transform action, you'll see these change. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1306538459/3d5e970961e288c7c1c6734b2480/image.png?expires=1781611200&signature=9ad00dded3cd51d3a0e38e8f2a332b21b2e48738ac93b10258c656bdecb4d670&req=dSMnEMx9lYVaUPMW3nq%2BgZxZ3ERjYqr4ERnhK7jj86BEio4hpcdtl%2FZUxAEl%0AxHFKhdCX84JvhvBg0B1DTToCy9g%3D%0A) > **Tines Tip:** Built out your action, but need help naming it? Use our AI "Generate name" feature next to the action name ( ✨ icon) to automatically generate an action name based on what it's doing! When creating an action, you'll find a **\+ Option** button at the bottom of the config panel. Some settings here can [apply to all modes](https://www.tines.com/docs/actions/configuration/#common-options), while others are [specific to the selected mode](https://www.tines.com/docs/actions/types/event-transformation/). Exploring these options over time can help you customize actions more effectively. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1306545292/0edd0184c2b3f62c90c3cc147b05/image.png?expires=1781611200&signature=cf5ab79cfd06c97bcdaddf373f7bba374fb13a1e33dbfbaaacb8c30df367eccb&req=dSMnEMx6mINWW%2FMW3nq%2BgQD0LaT2FCleb2574dXzORkPiMYYwx5vHSu%2BTypQ%0AQAUzSXaKMFESA25br1CmBBq%2Bd44%3D%0A) ## Using Dashboards Dashboards are designed to help you monitor and report on your data. This article will help you set up a dashboard in Tines. Read our introduction to dashboards [here](https://explained.tines.com/en/articles/9521649-introduction-to-dashboards). ## Create a dashboard To create a new dashboard, click on the ‘+ New’ button. Give the dashboard a name and click ‘Save’. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203614303/8b06d1a534f910f8819df7da72c4/Dashboards+-+Create+New.gif?expires=1781611200&signature=db08ca334011602e8e9ef3181629e93a93e9303dcee81797fc79588e2e130506&req=diInFc9%2FmYJfWvMW3nq%2BgRf4OfDKRHhHNEJuAuXtwynNZUtalOTGJQm6ydNy%0A1oQMADqH%2F7AIKqry8BUQVKSHqzo%3D%0A) ### Teams and groups Dashboards can be created within a team or a case group. You must select the team or group to view their dashboards. Dashboards are not inherited from a group up to the team. > Note: The data available to a dashboard is scoped to the group or team it was created in. ## Duplicating dashboards Dashboards can be duplicated within a team or group. You can also duplicate a dashboard from a team into one of its groups. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203479707/6606a38b4f6db7255a5e0f90ad32/duplicate+dashboard.gif?expires=1781611200&signature=14e3560ff33e1da52b86d76c94865d4488a907b2c3f2374d12f9e03409237986&req=diInFc15lIZfXvMW3nq%2BgXAcRw9qyzpxsuR73iR0LqJz6vLmot5Zxm3Vyw5v%0ABD6BskquAV2nH60ZNRd2eG58xzc%3D%0A) > Note: The name must be unique and can be edited at any time. ## Adding components to your dashboard There are three main components for building out a dashboard: - **Cases visualization:** Create a chart, graph, list, or number block representing case data. - **Records visualization:** Create a chart, graph, table, or number block representing records data. - **Notes:** context to provide alongside the charts or lists with markdown support ### Adding a cases chart Use this option to build a filtered view of cases data. Cases charts are can be created within dashboards residing within a team or a case group. Follow these steps to add a cases chart to your dashboard: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203615025/8645134e240063b274dc11b53b75/Dashboards+-+Add+Chart.gif?expires=1781611200&signature=34bd5f103f77111e37bece1cda8c5ebbaf984b22914aff294713d10c091610eb&req=diInFc9%2FmIFdXPMW3nq%2Bgbz4PlEr5iFPmT1j8TIVBPJM3JXMc88qMCyvrJ4s%0A509U5v45k%2Bfg83ppGr3E0fOeAP8%3D%0A) - Click on ‘Add Chart’ or click the + icon and select visualization (if you already have graphs in your dashboard) - Select the “cases” toggle at the top - Give your chart a name - Select your: - Data source - Chart type - Style - Set the maximum results you want to return (if applicable) - Add filters to narrow in on specific data (optional) > Note: depending on your choice of data source, you will have the option of the following chart types: > > - Line graph > > - Number block > > - Pie chart > > - List > > - Bar chart ### Adding a record Use this option to build for a view of records data. Records charts can be created within a dashboard residing only within a team. Follow these steps to add a records chart to your dashboard: - Click on ‘Add Chart’ or click the + icon and select visualization (if you already have graphs in your dashboard) - Click on the ‘Records’ tab ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203621313/741e5459b5df88b5119053480344/Dashboards+-+switch+to+records.gif?expires=1781611200&signature=d51e4fcf3ab7a27977ad3cede5ca7646c1b61010fe2f0661d71cdfb121f19530&req=diInFc98nIJeWvMW3nq%2BgX9cAzvgUSiSvVs2dgDLeKJ5G0nh3AcfrYyiQwTD%0AfiRAiX8XRXPD1yYJCAgFtn7Zwss%3D%0A) - Give your chart a name - Select your: - Data source - Chart type - Summarize - Time Frame - Style (if applicable) - Maximum results you want to return (if applicable) ### Adding a note Notes let you add explanations and context to your dashboard. In the toolbar, click the + icon and select ‘Note’. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2203616337/cea9e34f878142165d9a5341a505/d0eeba67-a3dd-417a-b198-dfb41d82e035?expires=1781611200&signature=bcb6576c9fec3f103fa1aacc1f51a5bdb4abb7f49be76bacef10ea7d9d66b378&req=diInFc9%2Fm4JcXvMW3nq%2BgY6W4JNZPWmhEt%2Br%2Fy2gzbSMeKVx5IOew8UKGQtN%0AoUt%2FwGrCK243t9NX5Up0HxDsyjI%3D%0A) Once added, you can add the following to your note: - Text - Links - Checklists - Images ## Drill down Drill down functionality is available in both your charts and record views. This is useful because it allows you to view the specific, related cases that make up a particular section of a chart or record view. - Float over a section of your graph - Hold command and click on a section of your graph > Note: Hold ‘Shift’ to select more than one section - The related cases from that section will open in a new tab Learn more about building dashboards in our [docs](https://www.tines.com/docs/records-cases/dashboards). ## Using explode and implode This article and video explains how to use the explode and implode modes within the event transform action in Tines to process, clean, and reassemble array data. This is useful for manipulating data elements, such as removing unwanted characters, that would otherwise be difficult to do individually. [Watch video](https://www.youtube.com/embed/nQivWrTMprM?rel=0) > **Tines Tip:** For more background information on Implode and Explode actions, read here: > > - [Explode mode](https://www.tines.com/docs/actions/types/event-transformation/explode) > > - [Implode mode](https://www.tines.com/docs/actions/types/event-transformation/implode) ## Steps ### Initial setup (the kickoff action) The process begins with an action (referred to here as the kickoff action) that contains an array of data. In this example, the data includes email, name, and id fields for several people. Each field contains an unwanted extra character, a dollar sign ($), which needs to be removed. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2249230677/e8d3e17ff42f22b95a9958e7dc77/7b29f9d5-db2d-4734-89ab-3c26293930de?expires=1781611200&signature=f80dfc5d99467d46261c828298d9c0ebbc8e78499519e6cdec1a0736a87694dc&req=diIjH8t9nYdYXvMW3nq%2BgVHXgw96fYH3Yyh%2BlnwJdIn7DSFMBeiMCfYzast8%0Adj%2BYzFn8i2NLsgIgpxM2J9yE1KM%3D%0A) Here is the data if you want to follow along: ``` [ { "email": "john$$doe@example.com", "name": "John$$ Doe", "id": "133445" }, { "email": "jane$$doe@example.com", "name": "Jane$$ Doe", "id": "198876" }, { "email": "jessie$$doe@example.com", "name": "Jessie$$ Doe", "id": "192837" } ] ``` ### Step 1: Explode the data To process the data points individually, pull in an event transform action and connect it from the kickoff action. This is the explode step. 1. Name the action (e.g., Explode). 2. Set the mode to "Explode". 3. Set the path to reference the source data array (e.g., `kickoff`). - By default, the exploded items are named `individual_item`, but you can rename this if desired. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2249233662/925de1e379553c3ba4ddde89100e/Explode.gif?expires=1781611200&signature=28bbd7d3d5766080e1c8b5a1638a1c089807ec6e7fbc846b948bc8b19911f4f1&req=diIjH8t9nodZW%2FMW3nq%2BgSO4ZtjWgP0SnGpI8Mm7fqezN0kpIRTxwFCj%2BPrN%0AjiSsegtPh9wlB5Uqr7qvEDcczHU%3D%0A) Running the workflow will cause the Explode action to generate multiple events, one for each item in the original array. The unwanted characters are still present at this stage. ### Step 2: Format and clean the data Next, pull in a second event transform action and connect it from the explode action to clean and format the data. 1. Name the action (e.g., Format Data). 2. In the message field, set up the desired key-value pairs (`email`, `name`, and `id`) to maintain the original data structure. 3. For the value of each key, use a formula to reference the exploded item's data and remove the extra character. The `REMOVE` formula is often the simplest method for this. - Example formula for email: `REMOVE(explode.item.email, '$')` - Apply this same formula logic to the name field, adjusting the data pill reference (e.g., `REMOVE(explode.item.name, '$')`. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2249240712/e47830ae952def5aa83dcb0599f8/f5746ebd-d1cc-4a5d-8f78-375f9ada9206?expires=1781611200&signature=a7705c03a177c2736e163799802dd52df7863e60a5bb94e051b12963f3a5fa86&req=diIjH8t6nYZeW%2FMW3nq%2BgRiZX4SxvUKaJKISIGR9%2BESoSpZzSMV8E5melhyS%0AJAMY%2FHgmrk97xkhyTfqGHKLGrv4%3D%0A) Running the workflow now shows that the Format Data action has cleaned the email, name, and ip fields by removing the extra dollar signs, modifying the data to the desired format. ### Step 3: Implode the data Finally, use a third event transform action in implode mode to combine the individual, cleaned events back into a single list. 1. Name the action (e.g., Implode). 2. Set the mode to Implode. 3. Set the item path to the action containing the cleaned data (e.g., Format Data). 4. Set the guide path to `explode.guid`. This is the unique identifier created when the initial explode action happens. 5. Set the size path to `explode.size`. This tells Tines how many items were exploded. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2249243778/f4b38696dcc88722c26f69053e8d/0a69f83e-2140-45ed-8d23-46bad97ebc48?expires=1781611200&signature=cc75272a4483f6947d086f1150ea5faec6440a89aff32f4ab4e10c8f83de06ac&req=diIjH8t6noZYUfMW3nq%2BgYnM8pd06GQZ2PWB2%2FbSRxw6pKvfvwfPnKXbRN%2B8%0A5o%2Fqu63RZQRGzrG3W4OLCC1If2s%3D%0A) When the workflow is run, the Implode action will output a single item containing the complete list of cleaned data, pulling everything back together. This showcases how you can quickly use a couple of different event transforms to achieve cool results. ## Event processing flow of explode actions When a story is started, a story run GUID is created. This is a unique identifier for that story run. For each action that is executed, they have an event ID, which is unique to the singular execution of that action. An explode action treats however many events were emitted from it *almost* as different story runs. So, they're emitted and they can flow through the rest of the story in parallel to each other, but they maintain the same story run GUID. We do not respect the order of the events from an explode. For example, when these events are submitted, if you run the same transformation against 50 events and then use an implode action, the implode can and will receive them out of order. This is because, on our back-end, some processors will do the same job slightly faster than others, and while we process as first in/first out, we can't guarantee that an implode will be in the same order as it was sent out. ## Example: Exploding an array This video explains how to explode an array in Tines using a get cat picture example. [Watch video](https://www.youtube.com/embed/W9geiPgPuiI?rel=0) > **👉 For a more detailed description of event transformation** [see here](https://www.tines.com/docs/actions/types/event-transformation/) ## Using functions ## How to use the FILTER function The below video outlines how to use the [FILTER](https://www.tines.com/docs/formulas/functions/filter) function in Tines. [Watch video](https://www.youtube.com/embed/4Z82ifWvBNk?rel=0) > **👉 For more details on functions in Tines, [see here](https://www.tines.com/docs/formulas/functions).** ## How to use the map function in Tines This video explains how to use the map function in the event transform in Tines to filter to a portion of an array using an identified key. [Watch video](https://www.youtube.com/embed/w6gdGboCp_Y?rel=0) > **👉 For a more detailed description of map including examples** [see here.](https://www.tines.com/docs/formulas/functions/map) ## How to use the push function in Tines The below video outlines how to use the [push](https://www.tines.com/docs/formulas/functions/push) function in Tines. [Watch video](https://www.youtube.com/embed/qqxIy_DCmhI?rel=0) ## Using groups Is your Tines story starting to look a little long and complicated? Groups can help you turn sprawling workflows into clean, organized, and easy-to-manage automated processes. ## What is a group? A group is simply a collection of actions within your story. It lets you bundle a series of related actions into one place, making your story more organized. By using groups, you make your complex stories much easier for anyone on your team to understand, troubleshoot, and maintain. It's the perfect way to take a distinct part of your workflow—like checking an IP address, formatting a security alert, or creating a new ticket—and tuck it neatly away under a single, identifiable action. ## How to create a group In your storyboard, select the actions you want to combine. Then, choose Group, or use the keyboard shortcut Cmd/Ctrl + G. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2095372321/f1d59b4873e047147a992b904d41/Create+a+group+of+actions.gif?expires=1781611200&signature=1e8200ae48771aab715e4ced49a00084266a1f5d12e34752ab8d57e254a2e0e1&req=diAuE8p5n4JdWPMW3nq%2BgbsKtL%2FbpLW30mtflNPMrIo2iDz%2BcJ9UTWVJt%2FWJ%0AsU9VxbPLAoSrTMTOpk6vS1gl%2FlA%3D%0A) ## Functionality ### Passing data Groups make it easy to control the information going in and out. You can define specific inputs to send data into your group and configure the output to return exactly the data you need back to the main story. ### Handling lists with loops If you have a list of items (like a list of 100 email addresses, or 50 security alerts) that all need the exact same process applied, a group can do it. You simply tell the group which list to process, and it will automatically run all of its internal actions for every single item. This ability to automatically process lists makes your stories highly scalable. ## Setting inputs and outputs for groups Group inputs and outputs are used to create a clean interface for data to flow into and out of a group, making groups work like reusable components or functions. Every group you create will have both a group input and a group output, allowing you to manage the data exchange between the group and its parent story. ### Group input The group input allows you to define custom fields that can pass data into your group from the rest of your story. They act as the parameters for your group. This makes it easy to send necessary information to your group to execute its defined actions. A group input can be configured with one or more custom options, each supporting a specific data type: - **Object**: Displays an object builder for structured data input. - **Plain Text**: Renders a simple plaintext input field. - **Checkbox**: Renders a single-option checkbox. - **Number**: Renders a number input field. - **Formula**: Renders an input field that supports Tines formulas. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2277360742/45c7f5b2d84ab6a914fe0dd66f5d/17ea6279-a355-47db-a268-84e895cead2b?expires=1781611200&signature=03232f180430f8e88c8a7a672b697962b5ed269ab76f45234d70c6acc814e68a&req=diIgEcp4nYZbW%2FMW3nq%2BgdB0%2BaK1EYcGeC04pGbQ3rBOHDd0LY%2FPBczejNBY%0AvJuBe8hkcFxijPT656GLtODcmPk%3D%0A) ### Group output The group output is where you configure the data that will be returned from the group back to the parent story. This ensures the results of the group's actions are correctly formatted and available for the next action in your workflow to reference the data. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2277360741/96255c26205fc83cc3ecdb145d30/91490476-7b7d-432c-975f-5b66394d201f?expires=1781611200&signature=414b779fee01f4b9889f1ac1899749a0f1270816d5049ecf79781c000340b90e&req=diIgEcp4nYZbWPMW3nq%2BgfeC%2B9EE9JaWZlpA07W6k1mypEp9J8NoZZn704SG%0AGmZ1Qx5%2FLBV7eye3Tg3jXQc22u4%3D%0A) > Note: A group of actions can have only *one* output. You can configure a group using triggers so that only one of the available outputs will be outputted from the group. For example: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2277448235/00635050c3cda4fb51a80ca2f38d/Action%2BGroup%2Bwith%2BTriggers.png?expires=1781611200&signature=b5860328d8e1e0a9694e05655fc68179c722e284d08cf4bc5a3cdc5865f89a0d&req=diIgEc16lYNcXPMW3nq%2BgQo4dPwdYvRKcKtDHc2rTDI2ADWY7y7XALnNgLCh%0AfcqBGxWK%2FufsGsg2YjaNIdRMR40%3D%0A) ### Example use case Imagine a group called "Enrich IP Address": - **Group input:** Receives ip\_address from upstream actions - **Internal sections**: Looks up geolocation, threat intel, WHOIS data - **Group output:** Returns enriched data object with all findings The result is that any action can send an IP to this group and get back enriched data, without knowing how enrichment works internally. Without group inputs and outputs, actions inside a group couldn't receive data from outside, and actions outside couldn't access the group's results. ## Using the loop option in groups When building stories in Tines, you may need to perform a sequence of actions on every item in a list - for example; a list of users, security alerts, or IP addresses. Instead of manually creating separate workflow branches for each item, you can use the loop option in groups. Using the loop option when configuring your groups allows you to apply your logic to every element in an array automatically. ### How it works When you configure a group with the `LOOP` option, Tines will: 1. Take an array (a list of items) from a preceding event. 2. Invoke the entire group for each element in that array. 3. Emit a single output event containing an aggregated list of the results after all loop iterations are complete. ### Loop object When configuring the loop, specify the path to the array you want to iterate on. Within the group, you can refer to the current item being processed using the special `LOOP` object: - `LOOP.value`: The current element from the array (e.g., the IP address). - `LOOP.index`: The position of the current element in the array (starting from 0). ### Serial vs. parallel processing Groups offer two main modes for processing the loop: - **Serial**: The elements are processed one after another to preserve the original order of your array in the final output. This option is selected by default. - **Parallel**: All elements are processed simultaneously. Use this option for better performance when the order of the items in the list doesn’t matter. > **Note:** The parallel processing option does not guarantee the order of the elements is maintained in the final output. ### Important considerations #### Loop size limit A single loop can run on an array containing up to 20,000 elements. For larger arrays, it is recommended to: 1. Use the `CHUNK_ARRAY` formula to break the list into smaller sub-lists. 2. Use an explode mode event transformation action to emit an event for each of the sub-lists. 3. Loop over the lists contained in each emitted event #### Error handling If any single element in the array causes a failure within the group, the entire loop processing is stopped. You must build in error path handling (with a dedicated outgoing event from the group) to ensure your Story can continue processing if an element fails. ## Group restrictions There are a few actions you cannot currently place inside groups. Specifically, you cannot group the following action types: - Pages - Webhooks - Receive Email Additionally, the actions within a group cannot be set up to run on a schedule. > Read more about groups in our docs [here](https://www.tines.com/docs/stories/groups/). ## Using loop in Tines Looping is a common method to iterate through a list in Tines. ## Enabling loop Drag an event transform action onto your storyboard. On the configuration panel on the right, click on "Loop". ![](https://downloads.intercomcdn.com/i/o/am0g137l/2244780598/4dac61379932ddd8c7af2aa558bf/enable+loop.gif?expires=1781611200&signature=2ded15c4df245e2c9b08b16b750bfce3ed3370c2f1e23eab7c0c679312927637&req=diIjEs52nYRWUfMW3nq%2BgYiOXSi4aX7%2BWqrNphYxSLIwYzDct5x9QJaITBY5%0AqVSQpx3JWlQfKajV31tE2H12j6Y%3D%0A) > **Note:** The local value will reset at the beginning of each loop iteration. ## How to use use loop You can follow along in the following video: [Watch video](https://www.youtube.com/embed/w_amfsa0ido?rel=0) Or, look more closely at the examples by going to the story library and importing the [explore loop example](https://www.tines.com/library/stories/1160559/?name=explore-loop-examples) story into your tenant. ### Use the explode event transform action The first and easiest way to loop through a set of arrays in Tines is to use the explode event transform action. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2244660763/1aa5e4746e84dfbcaec8e2a1ddb2/848294a6-e507-46c4-93b9-f58123686310?expires=1781611200&signature=7183403555f3b9661a093ef6dd9835c8b69a9a43caf6bb6262ab62fbdec6e23a&req=diIjEs94nYZZWvMW3nq%2BgW5J%2Bx%2FSwlEdvvMbTO%2F0hh%2FWiUf0hS5cQPhclXLO%0AUfe97JhLIeYPTRNxLseefoo2ULo%3D%0A) Explode allows you to loop through each array that is specified in the path and output multiple events related to each specific array that exists. This is useful when you want to perform enrichment or further actions on each specific array in a new unique event. ### Use the event transform action in message mode The second way to loop through events is with the event transform action in message mode with the loop option enabled. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2244660765/37f3a9f03b599746278ace921004/2d54f1e9-9af4-4a0a-8f9c-4979e97302a2?expires=1781611200&signature=046e9a80179139f01654d0e25057fa1d4ea4e5d305fa5778daea36d516c0d57f&req=diIjEs94nYZZXPMW3nq%2BgQSj8nhR0q41dQcStOd3ZLEDWPSCUUYCAeMlGTZA%0A5i4YwlzjzmR%2Bu7%2Bm3SLxvDzRPhc%3D%0A) The main difference with this approach is that a single event is emitted instead of multiple. This allows you to create a new single event using array data that has been looped through. ### Use tags The third way to perform looping is to use tags. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2244660764/3bab33522cd37799e2c3b0f0efff/69d0728b-e3fd-4965-abc9-040122bb36f8?expires=1781611200&signature=4f38d480d1aefabc37cf3eed27b6a573f9b60b594ab2afa1ce3df744125b861c&req=diIjEs94nYZZXfMW3nq%2BgbY6K%2FbACEnMWg4EJRV3zlbJX%2Fi0GcmWCvBo8A6j%0AGuODEQVUb0K%2BeGnfBvahd8RHqeU%3D%0A) This method comes in handy if you have two different groups of arrays and you want to loop through them. > Note: If you are familiar with Python, this will look similar to how a for loop is constructed. ## Example: How to loop through data with event transform action This video outlines how to use event transform to loop through an array of data in Tines. [Watch video](https://www.youtube.com/embed/J4KXf7C7LzE?rel=0) > **👉 For examples of using loop** [see here](https://www.tines.com/story-library/1160559/explore-loop-examples) ## Using Pages in Tines Pages in Tines are web pages connected to your stories that your end users can provide input to (and view output from) your workflows. This article will go through how to use pages in Tines. For an introduction to pages in Tines, read [this article](https://What%20are%20pages%20in%20Tines?). ## Collecting inputs with forms The most common way to use pages is to kick off a Story run based on some structured user input. ### Defining input fields First, [add a page](https://www.tines.com/docs/pages/#adding-a-page) and double-click it to open the editor. Then, use the page editor to select form input fields for the type of information you want to collect from the user. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218788609/ce50f63ff037ab681d672f8c57db/pages+fields.gif?expires=1781611200&signature=2b97d6033b69eb65bd71d68cbc8bd166bdee235f141cecfd5173d369919162ba&req=diImHs52lYdfUPMW3nq%2BgaJ%2BO8OQw2BpMo%2Fhz0FLT%2B6qdNT%2FypwFrY7TCgSW%0AeeCjrh2%2BDgTV3YC7S1dcws6%2Fpos%3D%0A) When adding a field to a page, you can select from the following options: - Short text - Long text - Email - Web URL - Option - Date or time - Boolean - Number - Slider - File upload - Password When the field is added, you can configure it with the following options: - Helper text - Multi-select - Required - Default value - Custom validation ## Connecting to your story Once your page is configured to accept the input you need, it's time to connect it to downstream actions (or other pages). Just like actions, pages produce [events](https://intercom.help/tines-9c531f867f99/en/articles/6877834-events-in-tines) once they're submitted, and these events get passed to everything downstream, providing contextual data. For a simple example, let's say we've connected our page to an action that sends an email: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218789740/ace23fb2c385a8ff54a3127ea068/944ddaa4-fa6d-4af5-bd8c-c46f0e520726?expires=1781611200&signature=31254761c0b41e9be2f3ba2aa66579e3ff88f2a6b40bc3ce374b9f43888b1331&req=diImHs52lIZbWfMW3nq%2BgcQvbi1zbypXg0ztowZ%2F%2BHzs%2BbfjFkMa%2FzHMFAMj%0AxbhiXJXhfzZQ9Akmq5nn0HPasqI%3D%0A) The "Send an email" action could then access the submitted page data using a [formulas expression](https://intercom.help/tines-9c531f867f99/en/articles/6878126-referencing-data-with-formulas) like the following: `new_page.body.example_input` ## How can I directly access a page in a story? A page can only be directly accessed if it is the first action in a story without any input event into the page action. If a page has an input, the page will only be created and a link generated when an event comes into the page as the information submitted in the page will continue the same story run as shown below. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2218790706/92dde5c36df64b8fa32c1a652ffc/eb09438d-3d98-4407-a989-e30478314fb6?expires=1781611200&signature=f2f9076f38a27ed8e147aa815bdfee7fbd05bea61b7794a152bc6817a3fe036a&req=diImHs53nYZfX%2FMW3nq%2BgQbEUFlM4t2HQOLGhWkrKJRgSIr3jDdjDBAHBpSE%0AA1xtXnJG8hjKCn%2FZnF0YbTYKHII%3D%0A) > Read more about pages in our docs [here](https://www.tines.com/docs/pages/). ## Using Teams in Tines When invited to a team, you can then segment users and objects. Objects in Tines include credentials, resources, and workflows (i.e., Stories). ### **How does it work?** Users can only access the objects within their designated teams. Tenant owners are the only ones who can view all teams and objects across the tenant. ### **How do I invite users to a team?** Adding members to a team is simple: 1. Open Tines and click on your team name 2. Click `Settings` and then `Users` 3. Hit `+New` and enter the email address of the user you want to invite. You can separate multiple email addresses with a comma. 4. Optional: Assign teams and roles After a team member accepts the invitation, you can configure their role. ### Understanding Roles Roles in teams include admin, editor, or viewer. Each role within a team is designated certain permissions and levels of access. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2035973438/373dd8b7104a3a380ab59a45ae1f/CleanShot+2026-02-06+at+15_24_29%402x.png?expires=1781611200&signature=9630ad6cc900b98e1fcd99bda362d3042b3c45346b2d1b451401e5acbe4fb8db&req=diAkE8B5noVcUfMW3nq%2BgVgahZEJI3xTq%2FM5RxDOSAFKanlut17T5lihXE8Z%0AR5VT3ODOWdUXqenlCCKnRnzQ8J4%3D%0A) > 👉 **Learn more about roles in Tines [here](https://explained.tines.com/en/articles/13367762-roles-in-tines).** #### Team Admin This is the editor who also manages the team. They have unrestricted read and write permissions for all objects within the team including: - Add, manage, or remove members of a team - Perform destructive actions such as deleting an object - Push changes to a workflow live through [change control](https://www.tines.com/docs/stories/change-control) #### Editor This editor has read and write permissions to *most* objects across a team, but they cannot manage member access to the team or perform destructive actions. This role is useful for most users who simply need the ability to create, edit, and run Stories in Tines. #### Viewer This role gives a user **read-only permission** across a team. They can view, but not edit, objects in a team. This role is useful for situations where a colleague or auditor needs oversight or understanding of an automated workflow, without the ability to alter it – or even accidentally break it. #### Permissions table This table provides a detailed view of the exact permissions for the different roles. | **Permission/Team Role** | **Team Admin** | **Editor** | **Viewer** | | --- | --- | --- | --- | | **Read objects** | **x** | **x** | **x** | | **Interact with pages** | **x** | **x** | **x** | | **Create new objects** | **x** | **x** | | | **Edit existing objects** | **x** | **x** | | | **Run an action** | **x** | **x** | | | **Import a story** | **x** | **x** | | | **Export a story** | **x** | **x** | **x** | | **Push changes to a story** | **x** | | | | **Manage team members** | **x** | | | | **Share objects** | **x** | | | | **Move objects** | **x** | | | | **Delete objects** | **x** | | | > *Objects are events, resources, credentials, records, or workflows (Stories) in Tines.* ### Object sharing across teams By default, all objects are shared to the team where it was created. This enables editors to reuse a single object in multiple places. As a result, when an object is changed or updated, that change is reflected everywhere the object is used. ##### Limiting or increasing access to an object When creating a credential or resource, the editor defines the access level. They can choose to share it with all teams or select specific teams. This is useful when some teams shouldn't be able to access a credential or resource. > **Note:** all objects shared outside a team **must have a unique name**. More information on Story sharing configuration can be found with the [Send to Story](https://www.tines.com/docs/stories/send-to-story) configuration options. ## Team story allocation If you have multiple teams in a tenant, the tenant owner can provision story limits by team. 1. Go to your main menu in the top left corner 2. Click `Settings` and then `story allocation` 3. Check the box for the team(s) you want to limit 4. Set the maximum stories for the team(s) 5. Click `Save` You can always come back and modify these settings. * * * *Please note: depending on your plan, you may only have access to a certain number of teams and builders (editors and team admins). If you need to increase your limits, please reach out to your Customer Success Manager. [See the Pricing Explained for more information](https://explained.tines.com/en/articles/7007597-understanding-tines-pricing-plans).* ## Using the send email action ## Configure emails - Start by dragging a send email action onto the storyboard. - Select the send email action to configure. - Configure the email in the properties panel on the right. - You can configure the reply to address, sender name, subject, and the body of the email. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2273052274/6346f0d0abae76f648f765d02bc1/send+email+configure.gif?expires=1781611200&signature=7a18b3584c7cd69da087199ecd82cc769dd3a7e13ac3530a24d901b256426bbe&req=diIgFcl7n4NYXfMW3nq%2BgTmmcpDwRGlZotuJrmAH0xT%2BAXd6tngt6e6JS8na%0Ay9M3JrGkXdQuwSN3xRKztp7TRdU%3D%0A) There is an HTML editor available in Tines to format the email body. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2273053362/bfc675cd45d831eaa083b6502f36/send+email+html.gif?expires=1781611200&signature=799ddc23387bf55fd4440544b3e6e1d74354d7990a922cb4f8d6e50043b99198&req=diIgFcl7noJZW%2FMW3nq%2Bgccz971bv6KHxWkmaKB%2BJydSi65jSEPxGvTVbhA2%0AwvhFK37XOaMQUlmybFSFqqCxGls%3D%0A) ### Email attachment size limit There is currently no limit to the size of email attachments in Tines. ## Sender detail tips ### Trusted senders list To ensure that you receive all emails from Tines, add the following addresses to your trusted sender's list: - support@tines.com - support@tines.io - mail@tines.com - mail@tines.io - Any [custom email](https://explained.tines.com/en/articles/8128720-how-do-i-configure-a-custom-sender-email-address-for-my-tenant) senders configured on the tenant If you continue to encounter issues, please contact [support](https://www.tines.com/contact) as we may need to remove your email address from an Amazon blocklist. ### Mail exchange (MX) record The MX record value is necessary for the custom sender email address feature. Using the [custom sender email address](https://www.tines.com/docs/admin/custom-sender-email-addresses) feature, you will need to create a subdomain (i.e. `security.tines.com`) in order to get (i.e. `tines.com`) to work as a sender domain. The subdomain is used to verify that you own your domain, and does not actually have a mail server. Tines' custom sender email address feature is powered by Amazon SES and MAIL FROM, and the need for the MX record is a requirement from AWS: [Using a custom MAIL FROM domain](https://docs.aws.amazon.com/ses/latest/dg/mail-from.html#:~:text=SES%20requires%20you%20to%20publish,send%20email%20from%20your%20domain). > To learn more about the send email action, [see here](https://www.tines.com/docs/actions/types/email). ## Using the Tines Tunnel The Tines tunnel provides a way to securely access your systems running on private networks from the Tines cloud environment. It is deployed as a container service. Get started by opening your tenant and appending the URL with: `/admin/tunnel`. This gives you the relevant information to deploy the tunnel container. ​ ## Deploying the tunnel The tunnel container can be run with Docker using the example below or similarly with other container orchestration platforms. ``` docker run \ --name tines-tunnel \ --env TINES_TUNNEL_SECRET="secret" \ tines/tines-tunnel:latest ``` The tunnel service uses the host routing and DNS services where it is deployed. ## Using the tunnel HTTP Requests can be sent through the tunnel by selecting the `Use tunnel` parameter in an HTTP Request action properties panel. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1750723875/f78d85e9230efade115ea9ea664d/HTTP+action.png?expires=1781611200&signature=b8e7e676874e7b8b9c8fb0da9467bb2acce3ae660af3fc09c53efaf72baef7dd&req=dSciFs58nolYXPMW3nq%2BgXcjBzs0kIv9TQwzmcZ%2FxY02x5Xm37UP73uD%2BPHh%0AsKYvA5%2FLbqiGpfiSVxvlNAKc6rs%3D%0A) ![](https://downloads.intercomcdn.com/i/o/am0g137l/1750716254/ec37fb915faccfd5784d14754074/Tunnel.png?expires=1781611200&signature=71d92805c17955639bcc557fe624e6b0840ad81b46887e7d88e6021a88222b69&req=dSciFs5%2Fm4NaXfMW3nq%2BgT5ecSjArz2puJinvbjpohTprVwsdt1CVIwzfbbn%0A2tRV%2BMmWRqo6aQbUhJ4Jj5XaHD8%3D%0A) ## Connectivity Requirements The Tines tunnel uses [Cloudflare Tunnels](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps). To function properly, it requires connectivity to Cloudflare. It does not require additional inbound from Tines, the internet, or elsewhere. The container will attempt to form a connection with the services below from its deployment location. | **DESTINATION** | **PORT** | **PROTOCOLS** | **DIRECTION** | | --- | --- | --- | --- | | region1.argotunnel.com | 7844 | TCP/UDP/QUIC/h2mux | Outbound | | region2.argotunnel.com | 7844 | TCP/UDP/QUIC/h2mux | Outbound | | region1.v2.argotunnel.com | 7844 | TCP/UDP/QUIC/h2mux | Outbound | | region2.v2.argotunnel.com | 7844 | TCP/UDP/QUIC/h2mux | Outbound | | api.cloudflare.com | 443 | TCP/HTTPS | Outbound | | updates.cloudflare.com | 443 | TCP/HTTPS | Outbound | If utilizing strict TLS/SSL inspection, exclude the above HTTPS traffic from the interception policy and outbound traffic to `cftunnel.com`. For more information, see Cloudflare's documentation [here](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/do-more-with-tunnels/ports-and-ips/). > ➡️ The tunnel is an available add-on for cloud customers. > Learn more by contacting [Tines support](https://www.tines.com/contact-support). ## Using Workbench ### Enabling stories for Workbench As explained in an [Introduction to Workbench](https://explained.tines.com/en/articles/9822635-introduction-to-workbench), the product is user-scoped. Any builder within a team can enable a story for Workbench via the [send-to-story](https://www.tines.com/docs/actions/types/send-to-story/) settings in the build pane. There are two options for stories and Workbench: - **Workbench**: this means the story is only available to use in Workbench, not other stories. These stories *do not* count towards your tenant limits as they cannot run autonomously. - **Workbench and send-to-story**: this means it can be referenced in either Workbench or another Story. This is great if you’re looking to leverage existing stories in Workbench as well. These do count towards your tenant limits. ![](https://downloads.intercomcdn.com/i/o/1175830622/b15082d866d3c232c9eda16c/Enable+Workbench+stories.gif?expires=1781611200&signature=e6c8578f69c4b3c867879975599de4631e9c0f3cbe76ef19c11b35067331e8e4&req=dSEgE8F9nYddW%2FMW3nq%2BgbnLmek35VPG74IHGgEy6I3Qi81n17xzWdcjdgBi%0A%2Fvvy3FhAEXiU18hhZN5PP7cEoS8%3D%0A) In this video, we'll learn how we can add a story to be accessible by Workbench. [Watch video](https://www.youtube.com/embed/Kj-e3CLjngM?rel=0) ### Finding optimal efficiency with Stories and Workbench With Workbench, you are in the driver's seat. You determine what Workbench can and cannot do within your tenant based on the stories you enable. For ideal functionality, make sure your send to story inputs are well-defined with descriptions. The stronger a story description, the better Workbench will understand your task and perform your request. This is especially helpful when you have similar stories available to Workbench. ### **How to chat with Workbench** In the below video, we'll take a look at how we can interact with Workbench. [Watch video](https://www.youtube.com/embed/lx2XeedEcCk?rel=0) ### **Leverage templates and stories in Workbench** In this video, we'll take a look at how we can activate available templates and stories to our Workbench instance. [Watch video](https://www.youtube.com/embed/9txpybCFWNo?rel=0) #### **Looking for inspiration?** Workbench is useful to any team! Here are a few ways different teams can take advantage of the product - **Security:** enrich user and asset information, investigate EDR alerts, analyze and block IPs, domains, and URLs, run real-time response and forensic investigations - **IT:** create a ticket in Jira, lock down a device in Jamf - **Any Tines builder:** view upcoming meetings, send a Slack message, create a new document in Google Docs If you need inspiration, explore our [Library](https://www.tines.com/library/). We’ve added a few stories that you can import into your own tenant. Each story includes a complete look at the chat conversations to give you an idea of what the output may look like. ## Venafi Authentication Guide Venafi provides global visibility of machine identities and their associated risks for the extended enterprise on-premises, mobile, virtual, cloud, and IoT. Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations and government agencies. ## First, get a Venafi API key 1. Login to your Venafi account 2. Click on the user menu and click "Preferences" ​ ​ ![](https://downloads.intercomcdn.com/i/o/929245556/6a9a743119615ad47cc98de3/image.png?expires=1781611200&signature=4027fadd0001a6612ca03c129d1f26ac4dbc45cde212918d6ccb2e5385ad474a&req=fSIuFM17mIRZFb4V1XW4gW08aT8a%2FLXh8RpNUY1mfnE7tfRxWT4f%2B%2FNbBwtZ%0Amo8VIe%2Bv9B88%2Fmsq6QOxIBiDMw%3D%3D%0A) ​ ​ 3. Click on "API Keys" and copy your API Key to a text editor. ​ ​ ![](https://downloads.intercomcdn.com/i/o/929246940/1aa6850f3ddeade3873ff5c3/image.png?expires=1781611200&signature=064d49326a1b545402b572c42ff7a00741fb3d69afec478314c1664fe2654dbb&req=fSIuFM14lIVfFb4V1XW4geuaN7ZWgqDEhjKu%2FO20204VXTk8RMveE9nwuKSc%0AoWVw6lwsTzHKC7jxOlXonwtG2A%3D%3D%0A) ​ ## Lastly, create a Venafi credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Venafi credential 1. **Name:** Venafi 2. **Description:** Optional 3. **Value:** Your API key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Venafi** **stories in the [story library](https://www.tines.com/library?s=venafi&view=all)** ## VirusTotal Authentication Guide VirusTotal allows you to analyze suspicious files, domains, IPs, and URLs to detect malware and other breaches and automatically share them with the security community. Here's our guide for integrating with VirusTotal using Tines: ### First, get a VirusTotal API key 1. Visit [www.virustotal.com](http://www.virustotal.com/) and sign in. You'll need to sign up if you are not an existing VirusTotal customer. 2. Click on your profile in the top right-hand corner and select **API key**: ​ ​ ![](https://downloads.intercomcdn.com/i/o/732525704/3a508e38a0df1bc814052b61/image.png?expires=1781611200&signature=17f0ad19fcda74df4ee65e4c9dc234f98ca2e7d3e2eea57c603ac9938818b268&req=cyMlE8t7moFbFb4V1XW4gcCJ1LvNYAgCWPI49aaxPgezfuuDXXNkZWNtSs1p%0Alo4vHQdusM%2Fs1pIUPvWuDK7M5A%3D%3D%0A) 3. Copy the API key. ### Then, create a VirusTotal credential in Tines **VirusTotal connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "VirusTotal" and follow the prompts to connect. ​ **Manual credential creation** This method is not recommended as the VirusTotal connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below: 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the VirusTotal credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API > Learn more about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/virustotal). > > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). > > You can find a selection of VirusTotal stories in the Tines [story library.](https://www.tines.com/story-library?s=virustotal) ## WatchGuard Authentication Guide **WatchGuard** provides network and endpoint security, secure-WIFI, multi-factor authentication, and network intelligence products and services. ## First, get your WatchGuard API Key 1. Log in to your WatchGuard Cloud account 2. Select "Administration" and then "Managed Access" 3. Click "Enable API Access". ​ ![](https://tines-f60bb36f92a5.intercom-attachments-1.com/i/o/771308994/3e98384bc5966eb6ff51df74/api_access_disabled.png?expires=1781611200&signature=277de7a32d29000587ebb0f34a3b48348cd64192b6203121de1dc577278817f2&req=cycmFcl2lIhbFb4V1XW4gf2ieRNdp0hByoy2mrFkMKVtHCVs1SIRagb6%2BWF2%0ARDaYWoBcppWRRrfcdCCdsY0Kzg%3D%3D%0A) 4. Specify the "readwrite" and "readonly" passwords to use as your API access credentials, then check the check box and click "Save" ​ ![](https://tines-f60bb36f92a5.intercom-attachments-1.com/i/o/771309000/893d33c1ac7c63d3fed5db00/api_access_passwords.png?expires=1781611200&signature=b706080d5e1039756375b3ab430fc89f70a1fd6be0297ea274d6b3517fdf91cd&req=cycmFcl3nYFfFb4V1XW4gTnkpCFxEUdlBg%2BTFpOVpyWnS0cvrergqQCBC3%2FA%0A2cMQLOjdeYUmwrtv0olj7mr62g%3D%3D%0A) 5. Once enabled, you will see the following information. Take note of 1. "Access ID (Read-write) 2. "Authentication API URL" 3. "API Key" ​ ![Screen shot of RESTful API Access enabled](https://tines-f60bb36f92a5.intercom-attachments-1.com/i/o/771309004/66d3b0e74de872e2af1c35e3/api_access_enabled.png?expires=1781611200&signature=783ded04f9b04b0b1d451446d610e2910636aef0aca7089a836b09de65f4a77d&req=cycmFcl3nYFbFb4V1XW4gTCQQXFUGCMFLmsTrRpE9WqQgom0Rc3umKZ6u%2BTe%0AdsCtkAPlLsQdAcI8Fg5fcBZc4g%3D%3D%0A) ## Lastly, Create WatchGuard credentials in Tines ### HTTP request type to obtain access token 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "HTTP Request" 4. Input the values for the WatchGuard credential 1. **Name:** Required 2. **Description:** Optional 3. **URL:** The "Authentication API URL, i.e. `https://api.usa.cloud.watchguard.com/oauth/token`. 1. Depending on your WatchGuard Cloud account data storage region, this may different. 4. **Content Type:** Form 5. **Method:** post 6. **Payload:** `{"grant_type": "client_credentials", "scope": "api-access"}` 7. **Headers:** 1. `{"accept": "application/json"}` 2. `{"Authorization": "Basic dXNlcm5hbWU6N3loVHI1RHNkLWg2YTktODVnZS1nNjc4OTNoNmUwdGQ"}` 1. **read-write access ID:read-write password** encoded into base64 8. Click "Run options" and double click on the key named `access_token` in the response. 9. **Location of token from response:** Paste the value copied in the previous step. 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API ### Text type for API Key 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the WatchGuard credential 1. **Name:** Required 2. **Description:** Optional 3. **Value: "**API Key" 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API > For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines). ## Using the credential in an action When you make an API request, include the HTTP request type credential in the `Authorization` header after "Bearer" like: ​ ``` Bearer <>​ ``` and the text type credential in the `WatchGuard-API-Key` header like: ​ ``` ​<> ``` ​ An example action you can copy and paste onto your storyboard: ``` {"standardLibVersion":"29","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Get account information","description":"Created from cURL command","options":"{\"url\":\"https://api.usa.cloud.watchguard.com/rest/platform/accounts/v1/accounts/<>\",\"method\":\"get\",\"payload\":{\"fields\":\"contacts,addresses\"},\"headers\":{\"Authorization\":\"Bearer <>\",\"Content-Type\":\"application/json\",\"WatchGuard-API-Key\":\"<>\"}}","position":{"x":1065,"y":-810},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null}],"links":[],"diagramNotes":[]} ``` ## Watch: Simplify security alerts with AI in Tines From transforming data with a prompt and generated code, to directly accessing and using a language model in your workflows, our AI features make automation even more accessible and efficient for anyone in your organization. Learn how you can take multi-source security alert workflows from 25 actions to 3, reducing the potential for error and making it simpler to make updates like adding sources, change rule definitions, and more. [Watch video](https://fast.wistia.net/embed/iframe/zz99digy66) ## Watch: Streamline software auditing processes in IT From transforming data with a prompt and generated code, to directly accessing and using a language model in your workflows, our AI features make automation even more accessible and efficient for anyone in your organization. Learn how AI can streamline software auditing processes in IT with a focus on automating manual tasks like analyzing computer inventories and software installations. [Watch video](https://fast.wistia.net/embed/iframe/yoqt6vzani) ## Webhook Best Practice: Configuring Names and Paths Properly naming and configuring the path of your webhooks is a critical best practice to ensure your workflows are maintainable and easy to track. Read the [Introduction to Webhooks](https://explained.tines.com/en/articles/14007076-introduction-to-webhooks?q=formula) article for more information. ## Why naming conventions matter A webhook's path becomes part of the URL used for communication with external systems. Failing to configure a meaningful name can lead to tracking issues and unnecessary work, especially when the webhook URL is placed in third-party applications. **Consequences of poor naming:** - **Difficulty tracking:** If a webhook is created and takes a nonsensical path based on a temporary story name (e.g. `new_story_for_user_7086`), it becomes difficult to track where the URL leads. - **Inconvenience:** If you later rename the story, or need to update the path, you must manually go to every third-party tool where that webhook URL is used and update it as well. ## Best practices for webhook configuration 1. **Use a meaningful path **The path you set for your webhook is part of the URL it generates. This path should be descriptive of the webhook's function. - **Example:** Instead of a generic or temporary name, a webhook that receives support ticket updates could be named `support-notifications`. This immediately informs you of the webhook's purpose when viewing the URL. 2. **Name the action itself **Always name the webhook action within your story (e.g., do not leave it as `Webhook Action`). 3. **Use webhook rules** Webhook Rules allow you to specify criteria that must be met in order for an event to be emitted. Read more about webhook rules in our docs, [here](https://www.tines.com/docs/actions/types/webhook/#webhook-rules). 4. **Prioritize sensible configuration **Even if the webhook is used as the entry point for a send to story action, where the path is not relevant to the invocation, it is still considered good practice to configure a sensible path and name the action. This maintains a good habit, particularly for stories that may be invoked both via send to story and direct webhook calls. Read more about webhooks in our docs, [here](https://www.tines.com/docs/actions/types/webhook/). ## What access does a user with a viewer role in Tines have to credentials? Users with a viewer role have the ability to "look" at the credential by clicking it under "Credentials" in the team, so they could look at how a credential is configured They can only see \*\*\*\*\*\*\*\* for any sensitive data. > **👉 For more details on teams and roles [see here](https://www.tines.com/docs/admin/teams)** ## What are actions in Tines? Actions are the building blocks of all Tines automation stories. Actions can perform a number of functions, including interaction with 3rd-party tools and services. Once you drag an action onto the storyboard in Tines, you have started building your first story in Tines! Actions emit [events](https://intercom.help/tines-9c531f867f99/en/articles/6925442-what-are-events-in-tines) to other actions. Actions can either run on a predefined schedule or when they receive an event. [Watch video](https://fast.wistia.net/embed/iframe/f0ggpbu6n3) > Please note: We recently introduced our eighth action type, the AI Action. This video is being updated. In the meantime, you can learn about the eighth action and our AI-powered features [here](https://www.youtube.com/watch?v=7FlKch137mE&ab_channel=Tines). There are eight types of actions. Each action type: - is designed to perform a specific action. - has unique configuration options. - can receive and emit events to other action types. Below is a brief description of each action type. | **Action Type** | **Function** | | --- | --- | | Send Email Action | The Send Email action sends emails to recipients specified in the action options | | Event Transformation Action | The Event Transformation action has several modes that modify the contents of received events | | HTTP Request Action | The HTTP Request action sends HTTP requests using a variety of methods to a specified url | | Receive Email Action | The Receive Email Action, formally known as the IMAP Action, emits Events when it detects new emails on an IMAP server or when emails are sent to a uniquely generated email address. | | Condition Action | The Condition action compares the contents of a field from an incoming Event with predefined rules, when the rules match, an event emit is triggered | | Webhook Action | The Webhook action will emit events it receives through Webhooks (HTTP callbacks) | | Send to Story Action | The Send to Story action sends events to another Tines story (the sub-story). After the sub-story has completed its action, the Send to Story action will emit an event. | | AI Action | The AI Action invokes a secure and private large language model (LLM) on demand. | > 👉 For a more detailed description of each action type [see here](https://www.tines.com/docs/actions). ## What are events in Tines? When an action runs, it completes its job and passes data to the next action in your workflow in what we call an event. The number of events emitted by a particular action is shown in a pill in the top right of each action. For example, here we see that each action in this story for sending daily jokes in an email have 3 emitted events each. ![](https://downloads.intercomcdn.com/i/o/677225689/69d27f9214c71e18f3b90ced/1dab5f01-8088-4a6c-b3e8-4db0dd8e01df.jpg?expires=1781611200&signature=2ce185cb33201a645dfd5a5e28d9051aa5eb031a0c50dcbc9cbb7b8df8430e38&req=cicgFMt7m4lWFb4V1XW4gQMHEfSU4%2BUdsKtUipyWkyuwuC6DdZn0UrOvj5gM%0ADl13PW8ULFntR54OC6mp4vZ%2BJQ%3D%3D%0A) Under the events tab you'll be able to delete or re-emit events, as well as view the details of each event: ![](https://downloads.intercomcdn.com/i/o/677227693/d8f85e7b460bc647dacff3e3/e9a454cc-03d9-4f37-b495-d96ae43367aa.jpg?expires=1781611200&signature=c5ba899a25b6dac02d89c6f5e34af52cb0e96374433aeb77b3d1e2534cee775b&req=cicgFMt5m4hcFb4V1XW4gQ%2Bzn3lMEASoxAXX0ONLLtbcLvhb613iP5beR5lm%0AbCnwuZvLvUZIqYWBxTjGJQTGlg%3D%3D%0A) Events emitted from all actions upstream will be contained in the receiving action Events represent the structured data sent between actions. Events are JSON objects making them flexible and easy to read. All events are timestamped and "write-once", providing an audit trail and making them an ideal basis for the calculation of key performance metrics. > **👉 For a more detailed description of events [see here](https://www.tines.com/docs/events).** ## What are pages in Tines? Pages made in Tines are web pages connected to your stories that your end users can provide input to (and view output from) your workflows. You can use pages to do things like: - **[Kick off a workflow](https://www.tines.com/docs/pages/collecting-input-with-forms)** with user input in forms - **Get detailed human input** mid-way through a Story run - **Build requester/approver flows** for internal tools, with great UX By combining flows of multiple pages and **[actions](https://www.tines.com/docs/actions)** together, you can even **[build end-to-end apps with Tines](https://www.tines.com/docs/pages/building-apps-and-flows)**. [Watch video](https://www.youtube.com/embed/g3q-1Rgny5c?rel=0) ### Page collections Page collections create a single view of multiple apps for your team. ![](https://tines-f60bb36f92a5.intercom-attachments-1.com/i/o/897267045/58d5096b508a56ca2f59f1e6/1701331989-page-collections.jpg?expires=1781611200&signature=8c4b566a7a04ef9a1cdcbc92481147ab0b446162873866841bcbdc0cf1856876&req=fCkgFM95nYVaFb4V1XW4gf9iMPi3AyZ2vywZseGenag3hSK%2F6sHwsmyM07BO%0ATsH%2FAIAsGSCK2mMuCXRTNS3epg%3D%3D%0A) **You can create a page collection from directly in your storyboard:** 1. Click the page you’d like to add to a collection 2. Via the build pane, choose “+” next to Collections 3. Choose from an existing collection or create a new one Your collection will then show in the collections section of the menu. > **👉 Learn more about pages and page collections [here](https://www.tines.com/docs/pages).** ## What are stories in Tines? Stories are a collection of interconnected actions working towards a singular goal. Think of them like automated use-cases, or playbooks. For example, you might have a Phishing story, an infected endpoint story, or an employee onboarding story. To begin your first story, simply drag an actions or a template onto your storyboard and connect them like this: ![](https://downloads.intercomcdn.com/i/o/677256282/6a4bbfbca5eb9fd2df27f95d/97f38bbb-56f7-4e30-bdfc-041abfa6995c.gif?expires=1781611200&signature=19675b79ed00b18a1b82680afa845119dd2cbd70c18223310fc59343b09c1a88&req=cicgFMx4n4ldFb4V1XW4gYvBy2Zlen9OnAM%2BRinS65vjktpXDLUtDhvB0WEX%0A7eerwn8Rid%2B8GiqNzn8iB2KAIw%3D%3D%0A) You can also create your first story by importing one from our [Story Library](https://www.tines.com/story-library) from right inside Tines, like this: ![](https://downloads.intercomcdn.com/i/o/677262652/8b71115c628128c1bcddef93/d603a6c9-8924-4f30-b3a9-a5a238c15008.gif?expires=1781611200&signature=6b280dc63b32119a9e231fd412e5c9f333368c77cbcb55178378f04f25a82d37&req=cicgFM98m4RdFb4V1XW4gWfWAlfsGES0ft8Ck0N1n3qEcS8CNjy1KdUECMo0%0AmLXLqYljoZfDCkoKOK7m0wn9Kw%3D%3D%0A) Another way to get started with stories is with the default stories available to you when you first create your Tines tenant: - **The Simple Story**: A short story that demonstrates how actions and events interact to automate workflows. - **Simple Story - VPN Notification**: This story demonstrates how automated threat detection and response can be performed on corporate VPN connections. - **Analyze URL in URLScan**: This story demonstrates how Tines actions can be used to analyze suspicious URLs. So you can better understand what a completed story might look like, here is an example of a story designed to automate threat detection and response of corporate VPN connections: ![](https://tines-f60bb36f92a5.intercom-attachments-1.com/i/o/645864102/4d53b5963485cb5eb88f6735/1654856057-quickstart_story-7171552b5404f4622813b966a19384a1.png?expires=1781611200&signature=9948bdc25c4b06c9654cd94d077f68fe5e7d6d2b24001c277d49148d8989a5c7&req=ciQiHs96nIFdFb4V1XW4gZ5whZ5bYBIqNGMrff1qhP9G%2BXIt1CYtBIVpfysa%0AQTw%2FOtJK0zp5FTdLUmoqU%2FkZSA%3D%3D%0A) When you start creating a new story, it is unpublished by default. An unpublished story is similar to a draft. It will be restricted in that it will only run while you're working on it. Unpublished stories do **not** count toward your stories quota. > **👉 For more detailed docs on how stories work, [see here](https://www.tines.com/docs/stories).** ## What happens to a Tines API key when the user account that created it leaves the tenant? When a user creates a Tines API key, there are several levels of access they can set during creation: - **Tenant owner:** Access to the entire tenant - **Team:** Role-based access to a specific team on the tenant - **Service:** Access to [tenant permissions](https://www.tines.com/docs/admin/user-administration/#tenant-permissions) - **Personal:** A key tied to your identity and permissions > **Note:** The level of access the user can select at the time of the API key creation also depends on the user's permissions within the [tenant](https://www.tines.com/docs/admin/user-administration/#permissions)/[team](https://www.tines.com/docs/admin/teams/): Let's look at an example. We have a user named Jane Tino, who, within their tenant, is a tenant owner and also a [team admin](https://www.tines.com/docs/admin/teams/#_1-team-admin) of "Team Automation". This would give Jane access to all four access levels mentioned above. Within Team Automation, Jane creates Tines API keys for each level as [credentials](https://www.tines.com/docs/credentials/). - If Jane's account is active in the tenant, all four API keys will work as intended. - If Jane's account exists in the tenant but is deactivated, the *Personal API key* will break (returns a `401` status code), while the other three will still work as expected. If Jane's account is re-activated, the Personal API key will continue working again. - If Jane's account is completely deleted from the tenant, the *Personal API key* will break (returns a `401` status code), while the other three will still work as expected. - If Jane is reinvited back to the tenant, the *Personal API key* will not work (returns a `401` status code), while the other three will still work as expected. In summary, when a user is deactivated or removed entirely from the tenant, the only API key that stops working is their Personal API key. Even if they are re-invited to the tenant, the Personal API key from before will still not work. ## What IPs are used for Run Python Script executions? The IPs for [Run Python Script executions](https://www.tines.com/docs/actions/templates/run-python-script/) are not the same as the tenant's egress IPs. These separate IPs are assigned from the AWS IP pools and the range is determined by AWS. Lambda functions within a Run Python Script all use the default VPC owned by the Lambda service, which is mentioned [here](https://docs.aws.amazon.com/lambda/latest/dg/foundation-networking.html). Due to this limitation, we don't recommend making HTTP requests from Run Python Scripts (and instead recommend using the [HTTP request action)](https://www.tines.com/docs/actions/types/http-request/). > **Tines Tip:** To learn more about how the Run Python Script works behind the scenes, read more [here](https://www.tines.com/docs/actions/templates/run-python-script/#behind-the-scenes). ## What is a dead job in Tines? When a job fails, it will be retried 25 times over the course of approximately 21 days. After a job fails 25 times, it will be moved to the "Dead jobs" section and not retried again. > **👉 To understand more about job management, [see here](https://www.tines.com/docs/admin/job-management).** ## What is a flow in Tines? A flow is a connected set of one or more elements on the Storyboard, that can run automatically. We define a autonomous flow as one that can run by itself without someone opening the story and clicking "Run". In other words: - 2 or more connected elements that can run autonomously - containing an IMAP, webhook, form - 1 or more scheduled elements - scheduling enabled on at least one action Elements include any of the 8 actions, a tool, or template you can pull onto the Storyboard to begin a workflow. This does not include annotations. You can have one or more flows on a Storyboard, but will be charged for each autonomous flow. Flows located in your Personal team (formerly known as Drafts) cannot be scheduled and therefore cannot be run automatically. These flows will not be charged. See Tines pricing and packaging [here](https://explained.tines.com/en/articles/9620399-understanding-tines-pricing-and-packaging) for additional information on our pricing model. This is an example of a single flow: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1432832855/2161aa3a63aba61687792b83906a/single+flow+example.png?expires=1781611200&signature=504cec5ff2e81540c0b495aa5f1a814e1c82fc1ca38a9ade5c06559270c54cdc&req=dSQkFMF9n4laXPMW3nq%2BgUlvNURXZIhPcSJGrq736d3DPsPBeVaeveWj2Nwz%0AHbw1%2B0FBVYI7oTxewyfBsigawjI%3D%0A) This is an example of 2 flows: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1432833461/511d47d4a89cfcb45ebd451d955b/example+flow2.png?expires=1781611200&signature=81c775a0f111dadf8c35da4fde9b8d899c734eaa9f0d97bd8b01dd340cf8c16b&req=dSQkFMF9noVZWPMW3nq%2BgZzh7nWBxeg8CbEU9DTKafDhk3VqXvna%2FZ61mYtg%0A6O6Ie3kDyOeRmm%2Bch8BI%2BuuNPXg%3D%0A) ## Limits Below are the limits on the number of flows you can have in your Tines tenant. | **Edition** | **Flow limits** | | --- | --- | | Community | 3 | | Business | Starting at 30 | | Enterprise | Contact Tines | Read how usage in Tines is calculated [here](https://explained.tines.com/en/articles/9653918-how-usage-in-tines-is-calculated). > 👉 For more detailed information on how flows work, reach out to your Tines account team. ## What is AI in Tines? All AI features in Tines are powered by secure access to tenant-scoped large language models (LLMs). There are two core features and our newest product, Workbench, behind AI in Tines. ## Features ### **AI Agent action** Bring advanced AI capabilities directly into your workflows with the AI Agent action's two modes, **Task** and **Chat**. Automate complex tasks, improve decision-making, and enable natural, dynamic interactions with integrated systems. ### **Automatic mode in Event Transform** Author data transformations with all the power of code, without the need to read or write it. Simply provide your input and describe the output you need in plain English. Once you approve the behavior suggested by AI, it’s locked into the workflow for consistent execution. Perfect for processing complex, gnarly data structures. Great for deterministic behavior. ### **Workbench** A natural language chat interface to interact with data and take action on your workflows, privately and securely. Workbench removes the need to switch context between applications. It offers builders a singular view to run and monitor in the context of real-time scenarios or events. Learn more about Workbench [here](https://explained.tines.com/en/articles/9822635-introduction-to-workbench#h_be9fbf76c1). ### **Workbench for Storyboard (formerly Story copilot)** An AI-powered chat interface built directly into the Tines storyboard. With its two modes, ask and chat, Workbench for Storyboard helps you build, understand, maintain, and optimize stories using natural language — whether you're starting from scratch or working with an existing workflow. It makes Tines accessible to your whole team, regardless of technical skill level. ## **Get inspired** Below are some examples of where each feature would best suits your workflows. ### **AI Agent action** **Task mode:** - Condense multi-thread support conversations into a status update with next steps. - Investigate URLs, file hashes, or email headers and return a summary of potential threats using integrated tools. - Assess the tone, language, or structure of alerts and assign a severity level. **Chat mode:** - Help employees understand and follow internal policies (e.g., PTO, travel, or security) by answering questions in real time. - Walk users through diagnostic steps for common issues (like VPN connection failures) and offer next actions or escalation. - Gather preferences from a user in conversation and use tools to find and propose open times via integrated calendar services. ### **Automatic mode** - Process/convert any data structure - Statistically analyze event data - Map an incoming alert to a record schema - Convert between file formats - Perform advanced cryptography - Add a watermark to an image ### Workbench for Storyboard - "I didn't build this story — can you explain it to me?" - "My story isn't running the way I want it to. Can you help me figure out what's wrong?" - "We changed from X tool to Y tool. Help me update the credentials." - "I'm a new builder. Build me a flow that checks IPs against a threat feed and blocks malicious ones." ### **Workbench** - Send a message in Slack - Look up an employee in BambooHR - Create a ticket in Jira - Get detections in CrowdStrike Falcon - Lock down a device in Jamf ## **How do I turn on or off the AI-powered features?** We believe the AI-powered features are extremely powerful in improving your overall efficiency as builders and problem solvers. While we hold firm on that belief, we also understand that your company might have policies or processes for opting into AI features. To allow for this, the tenant owner can turn off or on the AI-powered features tenant-wide. They can also allocate AI Agent action credits to different teams in their tenant to manage their usage. ### **Turn on or off** Follow these steps to turn on all AI-powered features: 1. Go to the **Settings** drop-down in the top left of your screen. 2. Choose AI Settings. 3. Check the box to turn AI on; uncheck it to turn AI off. [Embedded content](https://demo.arcade.software/Ja9xMqPpAsgHWFVjIDQR?embed) ### **Automatic mode in the Event Transform action** Automatic mode in the Event Transform action is available to all plans and does not require AI run-time credits or team allocation. After turning it on, it's available to all teams in your tenant. ### **Distributing** AI run-time **credits for the AI Agent action** The AI Agent action requires you to distribute AI run-time credits in addition to turning the feature on. To allocate credits to one or multiple teams, follow these steps: 1. Go to the AI settings screen 2. Check the box next to the team(s) who should have credits 3. Specify the credit volume for each team 4. Click 'Save distributions' > **👉 Learn more about AI Agent action monthly credits [here](https://explained.tines.com/en/articles/9369092-how-ai-usage-and-ai-credits-work-in-tines).** ## **Talk to your team** Want to introduce AI in Tines features but need help pitching to your internal teams? Use [this guide](https://explained.tines.com/en/articles/10389755-how-to-pitch-ai-in-tines-to-your-grc-team) to learn what questions to expect and get set up for success. ## **Continue learning about AI in Tines** - [Security & privacy for AI in Tines](https://explained.tines.com/en/articles/9369078-security-privacy-for-ai-in-tines) - [How AI usage and AI credits work in Tines](https://explained.tines.com/en/articles/9369092-how-ai-usage-and-ai-credits-work-in-tines) - [Writing effective prompts](https://explained.tines.com/en/articles/12097316-writing-effective-prompts) - [Best practices for Automatic mode](https://explained.tines.com/en/articles/9369122-best-practices-for-automatic-mode) - [Best practices for the AI Agent action](https://explained.tines.com/en/articles/11644147-best-practices-for-the-ai-agent-action) - [Workbench articles and best practices](https://explained.tines.com/en/collections/10398899-workbench) - [Introduction to Workbench for Storyboard](https://explained.tines.com/en/articles/13572150-introduction-to-story-copilot) - [Workbench for Storyboard: Best practice guide](https://explained.tines.com/en/articles/13713921-story-copilot-best-practice-guide) - Tines Docs: - [AI Agent action](https://www.tines.com/docs/actions/types/ai-action/) - [Automatic mode](https://www.tines.com/docs/actions/types/event-transformation/automatic/) - [Workbench](https://www.tines.com/docs/workbench/) - Tines University: [Using AI in Tines](https://www.tines.com/university/tines-basics/using-ai-in-tines/) ## What is my Tines cloud egress IP address? The egress IP is the IP address that external servers or services see as the source of an HTTP Request action request. To see the egress IP addresses for your tenant, visit `https:///info`. > **Tip:** The tenant egress IP does not apply to our Run Python Script. To learn more about the IPs used for our Run Python Script, read [here](https://explained.tines.com/en/articles/10470380-what-ips-are-used-for-run-python-script-executions). ## What is the grading turnaround time for Tines Certification submissions? The Tines Training Team generally delivers grading responses within a 72-hour time frame following your exam submission. > **Tines Tip:** To sign up for a Tines Certification, visit our [registration page](https://www.tines.com/get-certified). ## What is the session timeout for SSO in Tines? You can configure SSO using OIDC and SAML under "Authentication Settings". When set up, you can choose the "Session timeout". ![](https://downloads.intercomcdn.com/i/o/785127609/11e374da4af8e7d7d48f60c3/Screenshot+2023-07-14+at+11.55.20.png?expires=1781611200&signature=e7b0ce65b2b26b5bb9fc977646f686e7d71a832d44f8e8415e9a6d93bb79624f&req=cygiF8t5m4FWFb4V1XW4gXEsPQclhLnBadWEIvxmahRmGbRf%2BjorV1JMM6Fj%0A3CCsh3%2FzJwGHOLZoi8sW4vfQYA%3D%3D%0A) > **To learn more about SSO in Tines, [see here.](https://explained.tines.com/en/articles/6883934-single-sign-on-sso)** ## What is the size limit for an individual event? There is a 100MB limit on the size of an event. > **👉 For more details on events [see here](https://www.tines.com/docs/events).** ## What kind of problems can I solve with Tines? Companies across the world are saving thousands of hours by automating their workflows using Tines. Below are ***just some*** of the ways in which our customers have turned the power of Tines into tangible business results. #### Security teams use Tines to automatically: - [Analyse phishing emails](https://www.tines.com/story-library?s=Phishing+email) - [Triage security alerts](https://www.tines.com/story-library?s=security+alerts) - [Analyse files](https://www.tines.com/story-library?s=analyze+file) - [Add form data to spreadsheets](https://www.tines.com/story-library?s=add+form+data) - ***[...and many more](https://www.tines.com/story-library/)*** #### IT Ops teams use Tines to automatically: - [Create Jira issues using Slack](https://www.tines.com/story-library/87653/create-jira-issues-via-slack) - [Create chatbots for communicating within and between remote teams](https://www.tines.com/blog/chatbots-for-security-and-it-teams) - [Suspend or disable accounts in Google, Okta, Github](https://www.tines.com/story-library/87650/suspend-or-disable-accounts-in-google-workspace-github-and-okta) #### DevOps teams use Tines to automatically: - [Handle Github notifications and notify Slack](https://www.tines.com/story-library/1136336/handle-github-notifications-and-notify-slack) - [Reimage an AWS instance](https://www.tines.com/story-library/87635/reimage-aws-instance) - [Create Terraform infrastructure as code](https://www.tines.com/story-library/89549/create-terraform-infrastructure-as-code) #### HR teams using Tines to automatically - [Onboard employees & grant specialized access to specific tools](https://www.tines.com/story-library/1120478/onboard-employees-grant-specialized-access-to-specific-tools) - [Add new employees to Bamboo HR and manage system access](https://www.tines.com/story-library/87651/add-new-employees-to-bamboohr-and-manage-system-access) > If you've got an idea for a Story in Tines, **[we'd love to hear it!](https://www.tines.com/story-library?tag=IT&modal=request-story)** ## What's an event in Tines? When an action runs, it completes its job and passes data to the next action in your workflow in what we call an event. Each time an action executes and emits an event, it counts toward your event limit for your story/tenant. Event limits are measured daily or monthly depending on your plan. You can learn more about this [here](#h_31c17139ea). The number of events emitted by a particular action is shown in a pill in the top right of each action. For example, here we see that each action in this story for sending daily jokes in an email have 3 emitted events making a total of 12 events in the story. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1802449050/6b4985b99585572354ff3ad0837e/1dab5f01-8088-4a6c-b3e8-4db0dd8e01df.jpg?expires=1781611200&signature=c4da98b036ba115fa9cf5ab9bb448052332a14656ac4ded55a1ad192ec94fce0&req=dSgnFM16lIFaWfMW3nq%2BgbmZFmTvfbSU5phgdC04lzzEbf9coZ3pIrSfQBnr%0AmcLkegsL1%2FUQt%2BSRKAD1aM3EfZg%3D%0A) Under the events tab you'll be able to delete or re-emit events, as well as view the details of each event: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1802449048/d5cfb37c7f966023292b9f222d1a/e9a454cc-03d9-4f37-b495-d96ae43367aa.jpg?expires=1781611200&signature=f871ae8088700cb99ff936b6b290ffe18143c4718c56c8ebb4b2244bfa943cbe&req=dSgnFM16lIFbUfMW3nq%2BgSgX6XkE9GFDQyCK7%2FMATxotRRrXcaenuf%2BETivH%0Ajs7IFH1HB3dH%2F2hjeSpgTH5F7NU%3D%0A) Events emitted from all actions upstream will be contained in the receiving action. There is a 100MB limit on the size of an event. For more details on events [see here](https://www.tines.com/docs/events). #### Event retention By default, Tines retains event and log data for seven days. **Depending on your Tines subscription**, you can configure how long event and log data are stored in Tines. Open your story, and on the right panel, select the desired option from "Keep events and logs." ![](https://downloads.intercomcdn.com/i/o/am0g137l/1802451768/0fad9c981ba886daa4805e6e2f8c/Screenshot%2B2023-05-03%2Bat%2B15_22_50.png?expires=1781611200&signature=b0f8496f7f5195921697b1ddb52d69801c83e6c90b681c523a8e374d570f3338&req=dSgnFM17nIZZUfMW3nq%2BgR4NEzIk1L2GHc7IXJFrbJtCmHkioDA2cJsXM%2BdI%0AcNh0CVXHhJJkAw6t7ZEUu1H5%2Fsw%3D%0A) Then select how long you would like to store the data for: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1802451770/fabe16225fe81dafa16dcdf08e27/Screenshot%2B2023-05-03%2Bat%2B15_23_13.png?expires=1781611200&signature=201f0d1c47015cb7b98a0dc9921a9074f9478608340fa5fd1220f57722cc84a6&req=dSgnFM17nIZYWfMW3nq%2BgcmB8HO1SLSGt%2FLK9nmfsctBbA7BVRjyM9sNF5EZ%0A%2B5%2BBub7BTlJiwqmDWo6zhONMKXI%3D%0A) If the period of retention has passed, the events cannot be recovered. Events represent the structured data sent between actions. Events are JSON objects making them flexible and easy to read. All events are timestamped and "write-once", providing an audit trail and making them an ideal basis for the calculation of key performance metrics. ## Limits Below are the limits on the number of events you can have in your Tines tenant. | Edition | Event limits | | --- | --- | | Community | 25,000 monthly | | Business | 1,500,000 daily | | Enterprise | Contact Tines | Read how usage in Tines is calculated [here](https://explained.tines.com/en/articles/9653918-how-usage-in-tines-is-calculated). > 👉 For a more detailed description of events [see here](https://www.tines.com/docs/events). ## What timezone are requests made in the audit logs returned? Audit logs in Tines are stored in UTC timezone and ISO8601 format e.g. 2023-04-21T10:30:02+00:00 ## What Tines AI features are available to community edition users? All of our AI features and products are available for Tines community edition users. This includes: - Automatic mode for Event Transform - AI Agent action - Workbench - Workbench for Storyboard (formerly Story copilot) ## **Credits** Community edition tenants will have 50 AI run-time credits to use each month. > For more info on run time credits go [here](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits). For Workbench, tenant admins can interact with the chat interface on their tenant at up to 20 daily messages tenant-wide. Workbench does not consume any AI credits. > **👉** For more information on Automatic mode, [see here](https://www.tines.com/docs/actions/types/event-transformation/automatic). > > 👉 For more information on Workbench, [see here](https://www.tines.com/docs/workbench/). > > 👉 For more information on AI Agent action, [see here](https://www.tines.com/docs/actions/types/ai-agent/). > > 👉 For more information on Workbench for Storyboard, [see here](https://www.tines.com/docs/stories/story-copilot/). ## When a user is deleted in Tines, what happens to their stories, credentials, and resources? Stories, credentials, and resources saved in a team will remain available. The deleted user's drafts will be deleted. Any shared credentials in those drafts will also be deleted. ## When do AI credits reset in my Tines tenant? AI credits reset on the first of the month. > **Tines Tip:** Explore [AI in Tines](https://explained.tines.com/en/collections/9473753-ai-in-tines) to learn more about our AI offerings. ## Where can I download Tines' logo? As an example, when creating an app in your 3rd party platform to connect to Tines, attaching our logo helps to visually identify Tines in your toolkit. You can access our brand assets by following these steps: 1. Navigate to the [Tines website](https://www.tines.com/). 2. Right-click on the Tines logo in the top-left corner. 3. Select **Access all Tines brand assets**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384083691/be9e1d1c3da4569aa145e803bc85/image.png?expires=1781611200&signature=a669a0782fed3af0e9737b1ea168cecb9d57e527841217bc239f5fdc61c72d84&req=dSMvEsl2nodWWPMW3nq%2BgXXxAAlTqe4atU4BTUX87kZ6jXayhGwuupPSW0Ez%0A%2B5qMbhET0554sS8SLEuJGC2KnNQ%3D%0A) 4. Click **Download brand essentials**: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1384086668/9c5a828ad5d368c12c33b2637ffa/image.png?expires=1781611200&signature=3c010c2c7251f0487055e5fde3d47465b434f9144a32edcb294ef4f221657a92&req=dSMvEsl2m4dZUfMW3nq%2BgUapisaqB%2BYIVQ5AQtp1LMN7kgYZGJOmFstm108c%0AHq0dGarGGhFPt2IXhZuH2p5bMPM%3D%0A) This will locally download a ZIP file named **Tines Brand Essentials** that contains AI, PNG, and SVG files of our full logo and icon. ## Where can I find Tines' customer Data Processing Agreement (DPA)? Tines' Data Processing Agreement (DPA) can be found on our website here: [Customer data processing agreement](https://www.tines.com/dpa). ## Where can I request to have a user added as a tenant owner? Tines can promote ***existing*** users to tenant owners for your tenant. Contact [Tines Support](https://www.tines.com/contact) and provide the following information: - The full tenant URL. (i.e. `https://your-tenant-domain.tines.com`) - The user's email tied to the account within the tenant. - Someone within the tenant (it cannot be the requester) will need to provide us with a secondary approval for this change. They can send an email to [support@tines.com](mailto:support@tines.com) that states “I approve (user's email here) to be added as a tenant owner." Once we have obtained this information, our team can begin processing your request. Requests can typically take up to 48 business hours to complete. > **Tines Tip:** For more information around tenant owners and other roles, read more here: [User administration](https://www.tines.com/docs/admin/user-administration) ## Where do I log in to my Tines Certification dashboard? To access your Tines Certification dashboard, log in here: [Tines Certification Login](https://certification.tines.com/login) > **Tines Tip:** To sign up for a Tines Certification, visit our [registration page](https://www.tines.com/get-certified). ## Where do I turn in my Tines Certification exam submissions? Once you have run through your exam story and ensured there are no errors, you can submit your Tines Certification Lab submission within the certification itself: - **Tines Core Certification**: Within "Exercise #" sections of the Certification Practical Exam module: ![](https://downloads.intercomcdn.com/i/o/1056685209/c6d69472f257b14c0dc2d467/image.png?expires=1781611200&signature=105c10b37bf441fc04a70b0db9cd5b6ce8266b9f1d1901ff27408a172ba5077b&req=dSAiEM92mINfUPMW3nq%2BgaMhld%2F9qt%2FfR%2FWsVd%2FrmW7c3idFTfJkHyAXRgRW%0AmGLe18VlFR7XfIBwAYAA%2FlCBDgI%3D%0A) - **Tines Advanced Certification**: Within the "Exam: Submission" section of each module: ![](https://downloads.intercomcdn.com/i/o/1056690030/19eb5bf4611a43fead8bcb26/image.png?expires=1781611200&signature=f4fb5d5d4c7dba09f4e3390fc55354abb4d8bea68cda725df95fe038a4782cd6&req=dSAiEM93nYFcWfMW3nq%2BgQH7vp2Eg8xWl8S%2FZBjK9sNM9J7zteWmLdUmSE3u%0AhZiVbwG3c3ZHjLmNlPCoSw9vu6w%3D%0A) > **Tines Tip:** To sign up for a Tines Certification, visit our [registration page](https://www.tines.com/get-certified). ## Which AWS regions does Tines Cloud currently support? We currently host Tines in the following AWS regions: - `ap-northeast-1` (Tokyo) - `ap-southeast-2`(Sydney) - `eu-west-1` (Dublin) - EU Community Tenants are hosted here - `eu-west-2` (London) - `eu-north-1` (Stockholm) - `eu-central-2` (Zurich) - `us-west-2` (Oregon) - US Community Tenants are hosted here ## Who can receive email notifcations regarding tenant limits? To receive an email regarding your tenant, you must be a tenant owner. > **If you would like to learn more about teams and users in Tines, [click here](https://explained.tines.com/en/articles/6883947-using-teams-in-tines).** ## Who can set up SSO on Tines? To configure SSO, you must be a tenant admin or owner. By default, the tenant owner is the person who created the tenant and is the first tenant admin. There can be multiple tenant admins. > **To learn more about teams and roles, [see here](https://intercom.help/tines-9c531f867f99/en/articles/6883947-using-teams-in-tines)** > > **To learn more about SSO, [see here](https://explained.tines.com/en/articles/6883934-single-sign-on-sso)** ## Why have I not received my sign-in email from Tines? Emails from Tines originate from the following 4 addresses - [support@tines.com](mailto:support@tines.com) - [support@tines.io](mailto:support@tines.io) - [mail@tines.com](mailto:mail@tines.com) - [mail@tines.io](mailto:mail@tines.io) We advise that you add these emails to your email safe sender or trusted list. ## Wiz Authentication Guide Wiz is the leading cloud infrastructure security platform that enables organizations to rapidly identify and remove the most pressing risks in the cloud. Wiz uses an agentless approach—a single API connector per cloud and Kubernetes environment to scan deep within every cloud resource. There are two ways to integrate with Wiz in Tines: - [Calling the Wiz APIs from Tines](#h_5a703edbbd) - [Receiving Webhooks from Wiz in Tines](#h_7f6d37aa09) ## Calling the Wiz APIs from Tines **Wiz connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Wiz" and follow the prompts to connect. ## Receiving Webhooks from Wiz in Tines ### First, create a Webhook action in Tines 1. Create a new Story 2. Drag a "Webhook" action onto the storyboard ​ ​ ![](https://downloads.intercomcdn.com/i/o/931403864/71601a3f717921c9235ec35a/image.png?expires=1781611200&signature=e5fd4a36ff975b03e3b800a9e8103b8a0fb424be9b7f5c970ee43fbf9012e02a&req=fSMmEsl9lYdbFb4V1XW4gWO2pE8kdUPCNx2If60REpKhEoodZsWN6EV8C35%2B%0Avol%2FX%2F2QWDMGp%2FIQ6lhGsKgXuQ%3D%3D%0A) ​ 3. In the "Build" tab on the configuration panel, copy the "Webhook URL" ​ ​ ![](https://downloads.intercomcdn.com/i/o/931404417/2f5be0f85c488ae5e8436cb5/image.png?expires=1781611200&signature=7bdc04db776a202955aa2e147a39b36ed8904e22727150813ec208ac13432aed&req=fSMmEsl6mYBYFb4V1XW4gWdqW12ONUu937pWDbm3t%2F95DJrC8BcDPmds67wj%0A5yQ1YwMtNy5TbVWdtLnIgs3iug%3D%3D%0A) ​ 4. Add a Tines integration to your Wiz tenant (see [Wiz Documentation](https://docs.wiz.io/wiz-docs/docs/tines-integration#add-a-tines-integration-in-wiz)) 5. Once the Tines integration is configured, create a Tines Push integration in Wiz using the Webhook URL copied earlier (see [Tines Push integration](https://docs.wiz.io/wiz-docs/docs/tines-integration#push-integration-steps)) ### Lastly, test the integration 1. Manually trigger an action on an issue in Wiz for the Tines Integration created (see [Run an action on an issue](https://docs.wiz.io/wiz-docs/docs/issues#run-an-action-on-an-issue)) 2. Open your story in Tines. 3. If your integration is correctly configured, you will receive a green notification with the number 1 ​ ​ ![](https://downloads.intercomcdn.com/i/o/931406830/b1b0bceecfb16cd7fa3e6fe4/image.png?expires=1781611200&signature=d34dd414489d7bf6e9abbb3ace6f16837747cfc248ae9258dda1d83d23740409&req=fSMmEsl4lYJfFb4V1XW4gXubWdPqUAtl5OVCDgiDm%2FyLJ9Gk2vtomAO7Wuxg%0A%2Bsixt29EYQPWHTDlHiL3qnS33Q%3D%3D%0A) ​ 4. (Recommended) After confirming the integration is working, add an Automation Rule in Wiz to automatically send webhooks to Tines for Wiz Issues, Vulnerabilities, Cloud Configuration Findings, etc. when they are generated (see [Add an automation rule](https://docs.wiz.io/wiz-docs/docs/tines-integration#optional-add-an-automation-rule)) > **Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/wiz).** > > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of Wiz stories in the [story library](https://www.tines.com/library?view=all&s=wiz).** ## Workbench FAQs ## **What is Workbench?** Workbench is a familiar Tines-powered AI chat interface that can access proprietary information, take action, or identify next steps in real-time across your tech stack. All interactions through Workbench must come from an authorized user’s instruction or approval to take action. ## **What types of actions can Workbench take?** Workbench interacts with any stories or action templates you give it permission to access. As it is user-scoped, the access level depends on the user's access-level to the stories and elements. To read more about using send-to-story with Workbench, [click here](https://explained.tines.com/en/articles/9855926-using-stories-with-workbench). ## **How do I know where to start?** Start by interacting with a familiar tool like Jira, Slack, or CrowdStrike. Click the template, then choose from various available tasks, such as sending Slack messages, creating tickets in Jira, or getting detections in CrowdStrike Falcon. If you need inspiration, check out some examples from our Labs team in [our Library](https://www.tines.com/library/product-features/workbench/). ## **Do I have to be a Tines customer to use Workbench?** No! Workbench is available for all editions of Tines. To get the most out of it, we recommend using it in combination with existing stories. It is not available as a standalone product. ## **Can I use Workbench without paying for it?** Yes. Workbench is available in a limited capacity for free, learn more [here](https://explained.tines.com/en/articles/9855931-how-to-access-workbench). ## **How do I enable my AI-powered features to access Workbench?** [This explained article](https://explained.tines.com/en/articles/9396326-how-do-i-turn-on-or-off-the-ai-powered-features) will walk you through how to enable AI-powered features, including Workbench, in Tines. ## **Will my Workbench chats be reflected across my tenant or specific to a team?** Workbench chats are user-scoped. The contents of a chat are private to the individual user; audit logs are kept for actions taken and messages sent. The templates and stories you interact with are available based on the teams you’re in. Any story or credential available to “all teams & drafts” will be available to all workbench users. ## **Does Tines capture an audit log of the tasks Workbench performs?** All actions are captured in the platform's audit logs section, which are available to tenant admins via our UI and API. Our system automatically and consistently captures a log for each user request and Workbench response based on the story or template used. Read more on audit logs in our [docs](https://www.tines.com/api/audit-logs/). ## **What stories and credentials can I access from Workbench?** Workbench is scoped to the individual user; therefore, within Workbench, users can enable credentials or stories they have access to run within Tines. To understand more, check out our [docs](http://tines.com/docs/workbench/). ## **Will stories used with Workbench count towards a tenant’s story limits?** Stories used *exclusively* for Workbench do not count towards any story limits as they cannot run autonomously. Learn more about [stories and Workbench here](https://explained.tines.com/en/articles/9855926-using-stories-with-workbench). ## **Is there a token limit when messaging Workbench?** Our text limit is measured in tokens, where conversations are limited to 200K tokens. Limits can be hit by either: - Having a large quantity of tools enabled - Generating a massive output from a tool call - Generating a massive input to a tool call (i.e. file data) ## How are my daily Workbench messages counted? All Tines plans, including community plans, include 20 daily messages. These messages are available to tenant admins only. For unpaid Workbench plans, the daily Workbench messages are counted and reset on a 24-hour rolling period. For example, a message entered at 11 a.m. counts against the limit of 20 messages until 11 a.m. the next day. ## **Is Workbench available on mobile and tablet?** Yes! Workbench is available for users on mobile devices (Android, Apple), tablets, and desktop computers. ## **Is Workbench available for self-hosted tenants?** Yes, consistent with all AI in Tines, Workbench is available for cloud and self-hosted tenants. Our [self-hosted docs](https://www.tines.com/docs/self-hosting/additional-configuration/ai/) provide information on configuring and connecting to different AI providers for self-hosted tenants. ## **What is Workbench good at?** It’s great at assisting you as you work in real-time, whether that’s aggregating data from your proprietary systems, investigating alerts, or taking actions. In addition, like any other AI-powered chat, it has powerful general knowledge capabilities. ## **What is it not good at?** While you can use it to build actions, stories, or resources in Tines, we still believe that stories are best built by those who know them best. > Bookmark our [Workbench docs](http://tines.com/docs/workbench/) and [Introduction to Workbench](https://explained.tines.com/en/articles/9822635-introduction-to-workbench) for all available resources on Workbench. ## Workbench for Storyboard: Best practice guide Workbench for Storyboard (formerly Story copilot) is a conversational AI interface in Tines to build, understand, and optimize stories. This article outlines key recommendations to help you use Workbench for Storyboard. Read our Introduction to Workbench for Storyboard article [here](https://explained.tines.com/en/articles/13572150-introduction-to-story-copilot). There are two main modes in Workbench for Storyboard: - **Ask** - Ask anything about the story on screen or general Tines queries - **Build** - Build, edit or debug your workflow ## Ask mode Ask mode is designed purely to help you understand and assess existing Tines stories or ask general Tines queries. Its primary goal is to provide clarity and insight into any story on your screen. #### Example: Need to understand a complex story - **Prompt**: “This is a big story, can you summarize it for me?” - **Result**: Workbench for Storyboard will summarize the story, give you information such as its purpose, overview, key components, integration points, any issues and some notable features being used. #### Example: Reviewing a critical story for maintenance. - **Prompt**: “Wanting a health check on my story. Are there any updates I should make?” - **Result**: Workbench for Storyboard will analyze the configuration of the actions in the story, check credentials, check action logs for errors, and suggest specific changes. ### Tips - **Query safely**: Use Ask mode when querying a story to prevent accidental edits. - **Access**: if you don't have editor access to storyboards, you will only see Ask mode. ## Build mode Build mode is the comprehensive interface for all workflow construction, modification, and troubleshooting. It functions as the umbrella for three core capabilities: build, edit, and debug. > **Note:** Build, edit and debug are not separate modes you have to select, they all live under Build mode. ### Build This allows you to create a story from scratch. #### Example**:** Create a story that triages an alert and sends a notification if its critical - **Prompt:** “I have an alert that follows this format: { “alert”’ { “user\_name”: “tino”, “ip”: “194.88.246.242”, “email”: “[tino@tinesdemos.com](mailto:tino@tinesdemos.com):, “device”: “MacBook Pro 16” }} Build out a story that receives the alert, triages it, and emails the team if it’s critical” - **Result:** Workbench for Storyboard will analyze the request to plan the workflow. It may ask you some confirming questions first like “Which threat intelligence service would you like to use for IP reputation checks?”. It will search existing templates to see if one exists already. If there is one, it will give you a diagram of the workflow just before it starts to build it. Once it has built the story, it will also test the workflow to make sure it works. Workbench for Storyboard will then summarize the story for you and you will have the option to review and accept or refuse the suggested story. #### Example: A beginner user attempting their first workflow. - **Prompt:** “I’m a new builder and need help getting started. I want to build a flow that checks a list of IPs against a threat intelligence feed and blocks them if they are malicious.” - **Result:** Workbench for Storyboard will ask a few confirming questions before drafting the workflow, explaining the steps for a new user, and possibly offering to guide them through the configuration. ### Edit This allows you to make changes to an existing story. #### Example: Adding a final notification step to a story. - **Prompt:** “When the entire vulnerability remediation story finishes running successfully, can you add a step to post a summary of the results to the #security-ops Slack channel with the tag @security-lead?” - **Result:** Workbench for Storyboard will add a new Slack Send Message Action at the end of the workflow, configure it to post the summary, and set up the necessary conditional logic. #### Example: Preparing a finished story for team handover or production. - **Prompt:** “I finished building the offboarding story. Can you rename and write descriptions for all the actions to improve clarity?” - **Result:** Workbench for Storyboard will rename all actions with clear, descriptive titles (e.g., 'HTTP Request to HR System' to 'Fetch Employee Manager') and add a concise description to each action explaining its purpose. ### Debug This can help you figure out why a story isn’t working. #### Example**:** Messages not being sent to Slack - **Prompt:** “Why isn’t my slack message sending?” - **Result:** Workbench for Storyboard will debug the issue for you and when it finds the issue, it will communicate it back to you and explain why it is not working. Next, it will fix the issue and give you the option to review and accept or refuse the change. #### Example: A story is failing with an unknown error. - **Prompt:** “My story isn't running the way I want it to. I expected it to block the IP address, but it only sent the email. Can you help me figure out what’s wrong?” - **Result:** Workbench for Storyboard will analyze the story's execution history, identify the point of failure or divergence, and explain the issue, offering a fix. ### Tips - **Be specific and concise**: Provide succinct but detailed prompts to ensure Workbench for Storyboard accurately understands your goal. - **Review all changes:** Always review and approve Workbench for Storyboard's suggested actions to maintain full control over your workflow. Read this article on [Writing effective prompts](https://explained.tines.com/en/articles/12097316-writing-effective-prompts) for more help. ## Using your own style guides To build or customize stories using your team's internal style guides and best practices, you can create a Workbench for Storyboard guidelines resource. This article will help you create [resources in Tines](https://explained.tines.com/en/articles/12691570-resources-in-tines). To leverage your resource, simply ask Workbench for Storyboard to reference the resource when you are building. This makes team-wide use and updates easy as your internal best practices evolve. > Read more about Workbench for Storyboard [here](https://www.tines.com/docs/stories/story-copilot/). ## Workbench for Storyboard now uses AI credits Workbench for Storyboard (formerly known as Story copilot) now consumes credits from your monthly AI credit allocation, alongside the AI agent action and Workbench. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2423055040/87555b1fcf6ff83816414684d4cf/CleanShot%2B2026-05-25%2Bat%2B17_05_21-402x.png?expires=1781611200&signature=df99ffd6afc1f3090d35caef39490a2729a3c510271f22080ee40b86b4a5d264&req=diQlFcl7mIFbWfMW3nq%2BgaXl%2F%2B74vGwZvW7zh5Jnb2j8Sgsd8GNXxGfUf4o%2B%0AsviNOZwE0JVkdlHjv0cbPTEHGJA%3D%0A) To support this transition, we're increasing every customer's monthly credit capacity by a minimum of 25%. The following features help you manage consumption: - **Notifications** at 80% and 100% usage for tenant owners and team admins. - **Credit distribution** to reserve credits for specific teams and mission-critical workflows. - **Workbench for Storyboard limits** to control how much each team can spend on Workbench for Storyboard. - **Top-up credits** as a safety net if you exhaust your allocation. > Note: Read our [AI usage and credits](https://explained.tines.com/en/articles/12801399-ai-usage-and-credits) article for help with any of the above features. You can set Workbench for Storyboard limits per team in your AI credit allocations settings: `.tines.com/settings/ai/allocations?tab=workbench_for_storyboard` Check your updated credit amount in tenant settings, or visit the reporting page to review your current usage. [Read more on our blog](https://www.tines.com/blog/bringing-story-copilot-into-the-ai-credit-framework/). ## Writing effective prompts Using AI in Tines, you can take action and access proprietary data with [Workbench](https://www.tines.com/docs/workbench/), and with the [AI agent action](https://www.tines.com/docs/actions/types/ai-action/), bring advanced AI capabilities directly into your workflows. > **Note:** AI in Tines uses AI run-time credits. You can see the real-time AI run-time credits used per team in the **AI settings** section of the tenant **Settings** menu. Learn more about AI run-time credits [here](https://explained.tines.com/en/articles/9369092-ai-action-credits-executions). Creating effective prompts for AI, or prompt engineering, can seem like a daunting task at the outset, but by focusing on writing clearly and concisely you’ll be able to leverage the most out of AI. Following these 5 tips will help you to write better prompts, and get better results faster. 1. Write clearly and provide specific details 2. Provide context and use personas 3. Be specific about outputs and constraints 4. Clearly explain your goal and success criteria 5. Refine and adjust your prompts iteratively #### **1\. Write clearly and provide specific details** Structure your prompt logically with clear instructions and include specific examples of what you're looking for. Avoid vague requests and instead provide concrete details about your expectations. When writing your prompt, use plain language to explain what the task is. ❌ Vague prompt: ``` Help me analyze this log file. ``` ✅ Clear, structured prompt: ``` I need to analyze this Cisco firewall log for potential security incidents. Please: 1. Identify any failed login attempts (more than 3 from the same IP) 2. Flag any connections to known malicious IPs (especially those from countries X, Y, Z) 3. Summarize the findings in a table with columns for IP, event type, and recommended action 4. Include a brief explanation of the security implications ``` #### **2\. Provide context and use personas** Give the AI relevant background information where necessary and consider asking it to adopt a specific role or perspective. When using personas in AI, it’s better to tell it that it is something, rather than to pretend that it is something. This will help to structure the response in a way that aligns with your needs. ❌ Limited context: ``` Write an email about the security incident. ``` ✅ Rich context with persona: ``` You are an experienced CISO communicating with the executive team. Write an email about yesterday's ransomware incident that: 1. Summarizes what happened (encrypted files in the finance department) 2. Explains current containment status (isolated to one subnet, backup restoration in progress) 3. Outlines next steps (security audit, employee training) 4. Maintains a calm, professional tone while conveying appropriate urgency 5. Keeps the email under 300 words for readability ``` #### **3\. Be specific about outputs and constraints** Clearly define what format you want the output in, any limitations to consider, and for complex tasks, ask the AI to show its reasoning process. Being specific with these details will help to reduce the amount of back and forth clarifications needed. However, you don’t want to make your request too busy or complex, be specific but succinct where you can. ❌ Ambiguous request: ``` Analyze this network traffic data. ``` ✅ Specific request with output format: ``` Analyze the attached network traffic data for potential data exfiltration attempts. Constraints: - Focus only on outbound traffic to non-corporate domains - Consider any single connection transferring >100MB as suspicious - Flag connections occurring outside business hours (8am-6pm local time) Please show your analysis step by step, and present your findings as: 1. A markdown table of suspicious connections with timestamp, destination, data volume 2. A brief explanation of why each flagged connection is concerning 3. Recommended next steps for investigation ``` #### **4\. Clearly explain your goal and success criteria** Help the AI understand what you're ultimately trying to accomplish and how you'll evaluate whether its response meets your needs. The more clear and direct you are with a goal the better. When you’re clear on this before writing your prompt, it’ll make understanding whether the response is right, or where it’s gone wrong much easier. ❌ Goal-less request: ``` Create a script to check our AWS environment. ``` ✅ Goal-oriented request: ``` I need to create a Python script that audits our AWS environment for compliance with our security policy. The goal is to identify and remediate any S3 buckets with public access enabled. The script should: 1. List all S3 buckets in our account 2. Check each bucket's permission settings 3. Generate a report of non-compliant buckets 4. Include remediation commands to fix each issue A successful script will correctly identify all public buckets in our test environment and provides accurate remediation steps that can be executed without manual modification. ``` #### **5\. Refine and adjust your prompts iteratively** Treat prompt writing as an iterative process. If you don't get the desired results, provide feedback and refine your prompt based on what worked and what didn't. ❌ Initial prompt: ``` Help me create a dashboard to monitor security alerts. ``` ✅ Refined prompt after initial response: ``` Thanks for the overview. I'd like to create a more specific security alert dashboard in Tines. I need to visualize: 1. Alert volume by severity (Critical, High, Medium, Low) 2. Top 10 alert sources 3. Alert trend over the past 7 days Can you help me with the specific Tines formulas I'll need to aggregate this data from our alert JSON? ``` **Learn more:** - [Introduction to Workbench](https://explained.tines.com/en/articles/9822635-introduction-to-workbench) - [Frequently asked questions: Workbench](https://explained.tines.com/en/articles/9855941-frequently-asked-questions-workbench) - [Get started with Agents](https://explained.tines.com/en/articles/11541238-get-started-with-agents) - [AI Agent action FAQs](https://explained.tines.com/en/articles/11510164-ai-agent-action-faqs) ## Writing formulas with Workbench Workbench is able to get the latest documentation about formulas to help you write both simple and complex formulas. The best way to get started is to provide Workbench with some sample data aexplain what you're trying to achieve using Tines formulas. Workbench will then fetch the latest Tines documentation on formulas to suggest a combination of formulas to solve your ask. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1404803934/491d394b01a725aa5a45992dfeb2/Formula.png?expires=1781611200&signature=0a6dced276eecce4c7d297e74540d1d50ef08ff28cdc4ebe2fe9347d4fb53a32&req=dSQnEsF%2BnohcXfMW3nq%2BgV2C5PC7UB2Lfcg8KijnqaBdmENQ9GsoAide%2FaRF%0ArBi9UWFrE0vshVCgvAX9fTY%2BcX8%3D%0A) Like all AI tools, sometimes Workbench will generate a formula that is incorrect. If that happens, you can provide the error message back to Workbench and reexplain what you were trying to achieve and it can correct itself. ## Your first visit to Tines [Watch video](https://fast.wistia.net/embed/iframe/bmwlrbcvmf) In this article, we’ll guide you through your very first visit to Tines. Once you've read it, why not [jump on a **1:1 call** with a Tines product expert](https://www.tines.com/book-a-demo?utm_source=intercom&utm_medium=product&utm_campaign=explained). First, on the left, you have your actions. These are the building blocks of all automation in Tines. Using any combination of these eight action types, you can arrange the tasks or steps for any process you automate. The **eight** types are: webhook, HTTP request, receive email, send email, AI, trigger, event transform, and send to Story. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1216389657/b6ef8762aa48f33241d75ca7d325/CleanShot+2024-10-15+at+11_08_13.png?expires=1781611200&signature=a1f9a2e42d2c7904b38fc381d1bf32776fb41d61e3e240a2db5f24830655fd8d&req=dSImEMp2lIdaXvMW3nq%2Bge8CTjr00GpH6B%2BBUDsc9ZH3J546Hr95TVT2H%2BZC%0A1zSZcYcSUwGuDnEJ6a4fhh4RkaQ%3D%0A) And, if you aren’t sure where to start, you can drag on one of these pre-configured actions from our action templates, here: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1401163456/81f423761ad7215ecb1f09a8ab56/Actions.gif?expires=1781611200&signature=8495b7c42225a39560d4191c581d0fb2a4279b69297eea3e3a607429b6399a54&req=dSQnF8h4noVaX%2FMW3nq%2Bgb%2BQ1ZmEqZUyOlf7URepkFsSKbIo5DQcEQLhdQLw%0Aa%2BP%2BsoTHf1N8UNfRTOLEittlVzo%3D%0A) For example: if you wanted to automatically post a Slack message to your team every time a user makes a request, select Slack from templates list and drag the pre-formatted Action onto your storyboard. With the Slack action selected, search for `Send a message` in the properties panel on the right. Connect it to the preceding action, configure it, and that's it. The area in the center is your storyboard. This is where you’ll build your story by dragging on actions and connecting them to other actions. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1401164031/92a406d408c5d335450e4847bba8/Storyboard.gif?expires=1781611200&signature=d2fc6fbff279aa90c9db8d7f10a8dcaba58944c4ef92ef04c68cf96a867e057a&req=dSQnF8h4mYFcWPMW3nq%2BgUpLUmKhwPjcOLwV5smU21P7PrmNWjbiRpv5SPPQ%0Atn5No6nBfn2siQ63sKhMnePBJac%3D%0A) > Simply put, **stories** are a series of connected **actions**. And a story runs when an event passes data between actions. An event is the output of an executed action. If you're looking for inspiration, consider building one of these stories: - request a list of users in a system - check to see if a URL is malicious - send some kind of notification (like email) when something specific happens Lastly, this right-hand side panel is called the build panel. As you drag an action onto the storyboard, it changes to reflect what configuration options we have available for that action. For every action, we can give it a name and description and then set the rules by which it makes decisions. ![](https://downloads.intercomcdn.com/i/o/675730018/55881e6ddfb289ec9bd9dfcc/cbbc4e01-d4f6-44c7-a6e6-b91597c4252a.gif?expires=1781611200&signature=67331a76fd67d39e4e8c74509ff93f2201ea21caf96a6d317922e903b55bbb49&req=ciciEcp%2BnYBXFb4V1XW4gXTh2kEpqWTx4RnqkVyzjxn1fX%2FN9spg0RXUIxQT%0AyW0mJVX1rPA6xEQfXW0498B6qg%3D%3D%0A) If you are looking for some inspiration to get your first story going, check out the Tines [story library right here.](https://www.tines.com/story-library) You’ll see how other stories have been built. And, you can easily import them into your tenant to get going... like this: ![](https://downloads.intercomcdn.com/i/o/am0g137l/1401166799/c2457f948b6970e1f74a117e15c1/Story+library.gif?expires=1781611200&signature=a8d094095936096e4fc3a805b414d959b98935e512803c3231c5a395c465404b&req=dSQnF8h4m4ZWUPMW3nq%2BgVF47sebn%2FXXvgbQpXkB9vdIjHsNMhfQNn%2BWlkAK%0A2LF7Q7FnGodDQ0wzfo2kbrbSCsw%3D%0A) Start building right now –and if you get stuck, chat with us using the messenger inside the product… we’re always here to help. ## Talk to a product expert What to expect: - Zero-pressure, technical demo of the Tines platform - Walkthrough of a relevant use case - Overview of products and plans - Insight into API and integration capabilities [Get a demo](https://www.tines.com/book-a-demo?utm_source=intercom&utm_medium=product&utm_campaign=explained) ## Your first visit to Tines In this article, we'll guide you through your very first visit to Tines. Once you've read it, why not [jump on a 1:1 call with a Tines product expert](https://www.tines.com/book-a-demo?utm_source=intercom&utm_medium=product&utm_campaign=explained). [Watch video](https://fast.wistia.net/embed/iframe/bmwlrbcvmf) ### **Actions** First, on the left, you have the story toolbar. This is where you will find the building blocks of all automation in Tines. Using any combination of these action types, you can arrange the tasks or steps for any process you automate. The action types are: webhook, HTTP request, receive email, send email, AI, condition, event transform, and send to story. Also found in the story toolbar are notes, sections and pages. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2332266861/af1d9d9f1f64111ab2a0428fc301/toolbar+location2.gif?expires=1781611200&signature=f60e92a0b8ddb93aa6cd4dc93e40876e8260ffe0b591dbadb6d5ff5dd565bf8d&req=diMkFMt4m4lZWPMW3nq%2BgU14aKAG1%2BlwaT5lWJ%2B4HhUgtc2r3ytbr0SwR5Uq%0A6YwkR9hP6IYd2KdRGDTAGZA1gKU%3D%0A) And, if you aren’t sure where to start, you can drag on one of these pre-configured actions from the HTTP request. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2332283233/3eb2709fe6a0b2617a845434cbc7/toolbar+templates2.gif?expires=1781611200&signature=537ed3f07d37dc34286d5d30b74d20f5d78a98fa09504c01709aba5d5364b22e&req=diMkFMt2noNcWvMW3nq%2BgetMfdB6sfoZlk5bjrcwnXVDmg%2F5ApQtNVpu%2FmEa%0A4Tl6xEuQ8W87bUQ3k7reYmYyG9Q%3D%0A) For example: if you wanted to automatically post a Slack message to your team every time a user makes a request, select Slack from products list, search for `Send a message` and drag the pre-formatted action onto your storyboard. Connect it to the preceding action, configure it, and that's it. > **Tip:** You can switch between light and dark modes by clicking on your name in the top right of the screen, and selecting your preferred option. ### **Storyboard** The area in the center is your storyboard. This is where you’ll build your story by dragging on actions and connecting them to other actions. ![](https://downloads.intercomcdn.com/i/o/am0g137l/2179824367/5dace121e042bb5c96eda82c5ac2/CleanShot+2026-03-19+at+15_33_22.gif?expires=1781611200&signature=75658e8241bbaf286e880231580e21f71c01749804cf634a2ebdfd5ea0c9c464&req=diEgH8F8mYJZXvMW3nq%2BgZlJUlbnQkWid7Qa4MJGY04XSnITt8WdEhwGOgs1%0AdCZlozJNTXoEWWKfPW30sD7YlbY%3D%0A) > Simply put, **stories** are a series of connected **actions**. And a story runs when an event passes data between actions. An event is the output of an executed action. If you're looking for inspiration, consider building one of these stories: - request a list of users in a system - check to see if a URL is malicious - send some kind of notification (like email) when something specific happens ### Properties panel Lastly, this right-hand side panel is called the properties panel. As you drag an action onto the storyboard, it changes to reflect what configuration options we have available for that action. For every action, we can give it a name and description and then set the rules by which it makes decisions. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1801456650/9e62dad7533c956ece914f1c7e20/cbbc4e01-d4f6-44c7-a6e6-b91597c4252a.gif?expires=1781611200&signature=74bb91ab66eeb45898f99429140d6b4b3473c206fbf1d2c8fb91c68d0938e854&req=dSgnF817m4daWfMW3nq%2BgY7eRurtYfyjpLgoo3gjrnZtES%2FzeQo1PEuMp1pP%0AtQ8DAXTDWE2EkTQg1BHQ%2F2QWyQM%3D%0A) ### Story library If you are looking for some inspiration to get your first story going, check out the Tines [story library right here.](https://www.tines.com/story-library) You’ll see how other stories have been built. And, you can easily import them into your tenant to get going... like this: ![](https://downloads.intercomcdn.com/i/o/am0g137l/2179852200/c28a9e879da0147c316b50624cc1/Clipboard-20260319-154124-509.gif?expires=1781611200&signature=db1724e5160e3794f1638066845e00209d2b20ee15778a3d967f4546d437114d&req=diEgH8F7n4NfWfMW3nq%2Bgf9nHBn5KIsL%2BahVVZZO1tIVgf9auyNKrr4de42a%0AY2akPzx4i%2BB40VlHaUr2e%2F2kPV8%3D%0A) ### **How to switch between tenants** If you have multiple tenants, you can switch between them using the tenant switcher in your menu in the top left. ![](https://downloads.intercomcdn.com/i/o/am0g137l/1801477309/67f7312243d9b4e172c2e2aaade4/CleanShot+2025-10-28+at+19_23_49.gif?expires=1781611200&signature=7e6b5b862938b832f1f72725f1f19511dc3b6b790745271c5e1de271975cca94&req=dSgnF815moJfUPMW3nq%2BgfHF3pefKucMN9VgLZWvCc7Lrh%2Bv9T4XdRaXbwlY%0ALNEidbDuL5IK6mY71idOgrThZVg%3D%0A) ### **Talk to a product expert** What to expect: - Zero-pressure, technical demo of the Tines platform - Walkthrough of a relevant use case - Overview of products and plans - Insight into API and integration capabilities [Get a demo](https://www.tines.com/book-a-demo?utm_source=intercom&utm_medium=product&utm_campaign=explained) ## Zendesk Authentication Guide Zendesk is a comprehensive customer service and engagement platform designed to empower businesses to deliver exceptional support experiences. With its suite of powerful tools and features, Zendesk enables companies to streamline customer interactions, boost efficiency, and foster customer satisfaction. This guide covers 2 options for authentication: 1. [OAuth](#h_96dcc6cf2d) 2. [Basic Authentication](#h_5a6da933e9) ## OAuth 1. Log in to your Zendesk account 2. Click on the application tray and click "Admin Centre" ​ ​ ![](https://downloads.intercomcdn.com/i/o/910239510/6890db597310c4dcc17d43d6/image.png?expires=1781611200&signature=f7e93448d8f9c1869e9cbf648fbbc893e50449fde98da1172729e2e4bd34d2de&req=fSEnFMp3mIBfFb4V1XW4gdPeMyVxXMxkU2jr9%2F%2BC3g1T8OeEQWsClPZeIsBD%0A2iytqLjcrgGDTsPKtptXIiKAPw%3D%3D%0A) ​ 3. Click "Apps and Integrations" ​ ​ ![](https://downloads.intercomcdn.com/i/o/910239681/ce39de9a6abddd58429c6b62/image.png?expires=1781611200&signature=38fa3f9e5e5ed54940ec003e69fc53ee3a62e5b1b1d7222241dfa71273833bf2&req=fSEnFMp3m4leFb4V1XW4gRalsrbmT3nLWBTI5D%2B8a%2BxuBVQxktOqAUefqaaM%0A4lrUamcmDmKd43MrEGkmdSwIag%3D%3D%0A) ​ 4. Click "Zendesk API" under "APIs" ​ ​ ![](https://downloads.intercomcdn.com/i/o/910239933/0340c3f7222ccf1a51587c2b/image.png?expires=1781611200&signature=9e4c1eca25d9bde5c8602149fd43a8411190a058d161b9118bb0d83fc79319df&req=fSEnFMp3lIJcFb4V1XW4gaG%2FRdk4sMV%2F0gj%2BHVOdgPCT7Td9cLRhxKwFc2RP%0AnXYoCxUGLrVHHO9mWvEKQYJniA%3D%3D%0A) 5. Click "OAuth Clients" and then click "Add OAuth client" ​ ​ ![](https://downloads.intercomcdn.com/i/o/910242743/4d98c6b06c5af357e0c91440/image.png?expires=1781611200&signature=b2ef0f65c15996fef6f55fb9587a2f8aafe4788a2408e253c0c8bf4acc787abd&req=fSEnFM18moVcFb4V1XW4gfI53UDnbGwWgjLLKUCA0jKXoXuhz0K0uQ4hcVQ6%0AwE%2B5LePKpnbLTCFYXyNGK11KEQ%3D%3D%0A) ​ 6. Name your client, give it a description, add a logo and then click "Save" ​ ​ ![](https://downloads.intercomcdn.com/i/o/910243185/f02f93c7bc9a4c847bb0d74b/image.png?expires=1781611200&signature=d9007bf5ed08b18f72e52fb5999a8cd80816fc103b9ea9ed8f7ec1d2fa33b7c6&req=fSEnFM19nIlaFb4V1XW4gfAC7uYQqwuTyEN4HZJAMtUQBx2Q%2BlsmHj8iK7AP%0AAm4vV53%2BYxOA3WPbKySV4OO7yQ%3D%3D%0A) ​ ​ 7. Click "OK" ​ ​ ![](https://downloads.intercomcdn.com/i/o/910243609/6f17877de61c63cde57ac928/image.png?expires=1781611200&signature=9ad037f1991adeefa971af7c86bda0cd986dbe7b7025689a7c46460dda34cc74&req=fSEnFM19m4FWFb4V1XW4gS6CtIQi5c87wLCpvU0XWWopipO6hALxTFmjKEaU%0A9HVEHOqv39V6BC0dMTKmMh9AnA%3D%3D%0A) ​ 8. Copy your "Unique identifier" and "Secret" to a text editor ![](https://downloads.intercomcdn.com/i/o/910245295/4b8d6184261eb1a062e1dd39/image.png?expires=1781611200&signature=6ef11d8812524fa5648d52995b3a1f0111b7227ebac561b6b8080989a12aead7&req=fSEnFM17n4haFb4V1XW4gUA7c7Ui3OGjhdir5OKAJSVCjFC4oyGFnbkk%2F43F%0AxHqqXJUMHzLB7bUJ1YEtTFoEpw%3D%3D%0A) ​ ​ ## Create a Zendesk resource and credentials in Tines You will need to create: - One Resource: "Zendesk username" - Two Credentials: - Text type: Zendesk password - HTTP Request type: Zendesk OAuth ##### Resource 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Resource" 3. Click "+ New Resource" 4. Input the values for the Zendesk resource 1. **Name:** Zendesk username 2. **Description:** Optional 3. **Builder:** Your Zendesk username 5. **Optional** 1. **Access:** What other teams can also use the resource 6. Click "Save resource" ##### Text type 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "Text" 3. Input the values for the Zendesk credential 1. **Name:** Zendesk password 2. **Description:** Optional 3. **Value:** Your Zendesk password 4. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 5. Click "Save" ##### HTTP Request type 1. Click "+ New Credential" and select "HTTP Request" 2. Input the values for the Zendesk credential 1. **Name:** Zendesk 2. **Description:** Optional 3. **URL:** `https://.zendesk.com/oauth/tokens` 4. **Content-Type:** JSON 5. **Method:** post 6. **Payload**: Copy the below object and paste into the "Plain code" section: 1. Replace `` with your "Unique identifier" and `organizations:write read` with the client's scopes ``` { "grant_type": "password", "client_id": "", "client_secret": "<>", "username": "<>", "password": "<>", "scope": "organizations:write read" } ``` 7. **Secret:** Your "Secret" 8. Click "Run options", navigate to the `access_token` key and double-click on the key: ​ ​ ![](https://downloads.intercomcdn.com/i/o/910250228/d42007b3e3932164133976fb/image.png?expires=1781611200&signature=03f8ec2f50822c4e08a434db5e127d935de5fdf0c95482544281d3eea9c1a029&req=fSEnFMx%2Bn4NXFb4V1XW4gdPSKFlkEkZF8MFtzXQ2YAkJvFu5iMf3SxafrIOv%0A0t1xFo74iR7sI0papT7liNqTzg%3D%3D%0A) 9. **Location of token from response:** Paste the path to the token in the value pill, `zendesk_oauth.body.access_token` 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 4. Click "Save" Your credential should look like the following: ​ ![](https://downloads.intercomcdn.com/i/o/910249075/9427ecdef826105fc59de966/image.png?expires=1781611200&signature=2d5214b7164e7b51a412cc36125e63fadbb55847b22e2ce92283a316e66f7b41&req=fSEnFM13nYZaFb4V1XW4gQr76xqscy7BJde7KMPPAzdWBAmBtjUFiGgL7wXx%0AHvMZAbLTXqMWRbhz00eMZeid6Q%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/910249132/c542bc064cc4f41a14d99587/image.png?expires=1781611200&signature=904f1a701aec9974dda614c8dcc95f8d79f116b1ff38a88ad344b2d0ab9891fc&req=fSEnFM13nIJdFb4V1XW4gZFL2k72qV9hLCZqNU%2FP9P6t0Lr4VJpo5kBhY3Jt%0AtDtR%2F8G1FJvmTc8IWqsRIca0lA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/910249289/1b5724c74a2039a43d78ef60/image.png?expires=1781611200&signature=15d02a1b8fe7fa8479a49fdc18cd2ab6e4b6b999e7b46ee7665ffb1134a36431&req=fSEnFM13n4lWFb4V1XW4gYJnUvjkxQUXvYBFjZ1JFpLGAF4oUlSpOCCM67I9%0AIoasMfSLKxvkYqeM73zhn3zOpw%3D%3D%0A) ## Basic Authentication ### First, get a Zendesk API token 1. Login to your Zendesk account 2. Click on the application tray and click "Admin Centre" ​ ​ ![](https://downloads.intercomcdn.com/i/o/910239510/6890db597310c4dcc17d43d6/image.png?expires=1781611200&signature=f7e93448d8f9c1869e9cbf648fbbc893e50449fde98da1172729e2e4bd34d2de&req=fSEnFMp3mIBfFb4V1XW4gdPeMyVxXMxkU2jr9%2F%2BC3g1T8OeEQWsClPZeIsBD%0A2iytqLjcrgGDTsPKtptXIiKAPw%3D%3D%0A) ​ 3. Click "Apps and Integrations" ​ ​ ![](https://downloads.intercomcdn.com/i/o/910239681/ce39de9a6abddd58429c6b62/image.png?expires=1781611200&signature=38fa3f9e5e5ed54940ec003e69fc53ee3a62e5b1b1d7222241dfa71273833bf2&req=fSEnFMp3m4leFb4V1XW4gRalsrbmT3nLWBTI5D%2B8a%2BxuBVQxktOqAUefqaaM%0A4lrUamcmDmKd43MrEGkmdSwIag%3D%3D%0A) ​ 4. Click "Zendesk API" under "APIs" ​ ​ ​ ![](https://downloads.intercomcdn.com/i/o/910239933/0340c3f7222ccf1a51587c2b/image.png?expires=1781611200&signature=9e4c1eca25d9bde5c8602149fd43a8411190a058d161b9118bb0d83fc79319df&req=fSEnFMp3lIJcFb4V1XW4gaG%2FRdk4sMV%2F0gj%2BHVOdgPCT7Td9cLRhxKwFc2RP%0AnXYoCxUGLrVHHO9mWvEKQYJniA%3D%3D%0A) 5. Enable "Password access" and "Token access", and click "Add API token" ​ ![](https://downloads.intercomcdn.com/i/o/910240458/717fdc84d4f4d45ef57c290e/image.png?expires=1781611200&signature=8f9311692f0686fe3bf1b32feb449fc7f6519922121d72719bb15dbe6c6d5d57&req=fSEnFM1%2BmYRXFb4V1XW4gcXMH62c%2BtXuNQe2xFW%2F%2FFGuNIHfHv8NZ8smW5y5%0AS2egvcv0BrwAPrTzXIz6KONCaw%3D%3D%0A) ​ 6. Name your token, copy your token to a text editor and click "Save" ​ ![](https://downloads.intercomcdn.com/i/o/910241038/846de3ecaa04ae8bc53bf5fe/image.png?expires=1781611200&signature=f99e7a3b006f6f5ebf5e747c17af9c9399dd92a3ec0f82938ab07fe0d7fd4101&req=fSEnFM1%2FnYJXFb4V1XW4gdxQMGieCt%2BqTofJDwXGdW3jae6I6yI2hWZiY%2BSv%0Ab%2F8xObFDWFG6ScvD%2FciBv3U%2BKQ%3D%3D%0A) ### Lastly, create a Zendesk credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Text" 4. Input the values for the Zendesk credential 1. **Name:** Zendesk 2. **Description:** Optional 3. **Value:** Your API token 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 6. Click "Save" > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Zendesk stories in the [story library](https://www.tines.com/story-library?s=zendesk)** ## Zoho Desk Authentication Guide Zoho Desk is a cloud-based help desk solution from Zoho Corporation, catering to businesses of all sizes. Key features include management of customer support tickets, a customer support portal, contract management and report creation. ## First, create a ZohoDesk application 1. Login into your ZohoDesk Developer [Portal](https://api-console.zoho.eu/) and click "Get Started" ​ ![](https://downloads.intercomcdn.com/i/o/891057854/1ed04227b3052d27b491d138/image.png?expires=1781611200&signature=101bc8365713ff45462592e3db4ffc1403f360fa6f0cc094f2357a58827b486e&req=fCkmFsx5lYRbFb4V1XW4gRqP78G3LZ6kT0fj3ZsDqsWoH22nVyLXX%2BmkN6f%2F%0A7Z1VBHtIZGknfd68Fry81EhIMA%3D%3D%0A) ​ 2. Choose a "Self Client" and click "CREATE NOW" ​ ![](https://downloads.intercomcdn.com/i/o/891058169/93e7692fafa697ffb92de8b0/image.png?expires=1781611200&signature=05daae938058b27564185a4eae993d875ab9df93444cee9c9d2c48a3cb41af66&req=fCkmFsx2nIdWFb4V1XW4gSNegow%2BPpqVnPHNW42L4lGazANNgX8m2t1Tys5E%0ATtqR5hY5zI1HmfyplNWwh0rPmw%3D%3D%0A) ​ 3. On the "Client Secret" tab, copy your "Client ID" and "Client Secret" to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/891058858/92ae982de0402143a61d3e36/image.png?expires=1781611200&signature=261f2303cfe033dfbd5a984c267d706ebc790a64664db56eb0c0e2ad2a648e4f&req=fCkmFsx2lYRXFb4V1XW4gdwYYooFmxe4juH5qZ3x%2FRb%2Bf1PdV86Jhm4K1%2Fx1%0ApOvENM%2BMrmkw%2FFx%2FbNkZh%2BgKGQ%3D%3D%0A) ​ 4. Click "Generate Code" 5. Choose the appropriate scope, time duration and give the token a description, then click "Create" ​ ![](https://downloads.intercomcdn.com/i/o/891062067/4e2f4bea06e62d1c66e21435/image.png?expires=1781611200&signature=55509dd718441b96845aa5fded939c132bc7b7a61e9cf1fcaa1ff3306945e58a&req=fCkmFs98nYdYFb4V1XW4gWt7w8X71CxPMvKIa4oNUo3C9YNDtpIWNsjf%2FsKR%0AuNgVq4oa5iQQZBYDoDWKVLZ2Zg%3D%3D%0A) ​ 6. Select the appropriate "Portal" and "Organization", then click "Create" ​ ![](https://downloads.intercomcdn.com/i/o/891062658/a85b2772195f26326a1bfb67/image.png?expires=1781611200&signature=989ee91eccd9c4f00878084c953ff8ae99f524144687038fbd3bdc6c73943154&req=fCkmFs98m4RXFb4V1XW4gSTzkBrroZzR91D0wp1e0y%2FkrWBShZrAsEAcC5GG%0A4qtdPQ0K%2BSPR5q2%2FhuaJ7XWI4A%3D%3D%0A) ​ 7. Copy your code to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/891063153/b388035e511883d4bc35b911/image.png?expires=1781611200&signature=ac975bf5fca437edb5788bffe47266420c9b76d271d7411f6fcd2ce8f8b14a08&req=fCkmFs99nIRcFb4V1XW4gfslzkPuMe5CAtUTBZqxZ06FMNeAUiyEPwTT9nRU%0AhZikqqkQrMfT7oIiylRAq85Tgg%3D%3D%0A) ## Lastly, create ZohoDesk credentials in Tines 1. Login to your Tines tenant 2. Create a new story 3. Paste the below curl command onto your storyboard and replace the values for `client_id`, `client_secret` and `code` with your "Client ID", "Client Secret" and "Code" ​ ``` curl -v \ -X POST \ --location \ "https://accounts.zoho.eu/oauth/v2/token" \ -H 'Content-Type: form' \ -d 'code=code&grant_type=authorization_code&client_id=clientid&client_secret=client%20secret&redirect_uri=https%3A%2F%2Fwww.tines.com' ``` 4. Run the action and copy the value for the `refresh_token` key to a text editor ​ ![](https://downloads.intercomcdn.com/i/o/891065517/675138718a48288a708456fc/image.png?expires=1781611200&signature=d8a79df8f5793fce4fd4e18f24d4d2d806533298b47cde1ac03e2c8bca29d342&req=fCkmFs97mIBYFb4V1XW4gQemMinnTDikfS42M4Gnvb%2FeF8jTWczgUwlrfcpW%0AItciEH34jxGnmlUcFmUUVXDC%2Bg%3D%3D%0A) You will need to create three credentials: - Two Text type: "zohodesk\_client\_id" and "zohodesk\_client\_secret" - One HTTP request type: "zohodesk" ##### Text type 1. Navigate to the team that will be using the API and click "Credentials" 2. Click "+ New Credential" and select "Text" 3. Input the values for the ZohoDesk credential 1. **Name:** zohodesk\_client\_id 2. **Description:** Optional 3. **Value:** Your Client ID 4. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 5. Click "Save" 6. Click "+ New Credential" and select "Text" 7. Input the values for the ZohoDesk credential 1. **Name:** zohodesk\_client\_secret 2. **Description:** Optional 3. **Value:** Your Client secret 8. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains. 2. **Access:** What other teams can also use the API 9. Click "Save" ##### HTTP request type 1. Click "+ New Credential" and select "HTTP Request" 2. Input the values for the ZohoDesk credential 1. **Name:** ZohoDesk 2. **Description:** Optional 3. **URL:** `https://accounts.zoho.eu/oauth/v2/token` 4. **Content Type:** Form 5. **Method:** post 6. **Payload:** Copy the below object and paste into the "Plain code" section: ``` { "refresh_token": "<>", "client_id": "<>", "client_secret": "<>", "scope": "Desk.tickets.ALL", "redirect_uri": "https://www.tines.com", "grant_type": "refresh_token" } ``` 7. **Headers:** `"orgId":"<>"` 8. Click "Save and run request", navigate to the `access_token` key and double click on the key 9. **Location of token from response:** Paste the path to the token in the value pill, `zohodesk.body.access_token` 3. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 4. Click "Save" Your credential should look like the following: ![](https://downloads.intercomcdn.com/i/o/891071940/62f87de2b85475111a58ff8f/image.png?expires=1781611200&signature=84fbf443ca466c6bc1e1b9fd21bfecaaf956c8698c3dc6f673076caa75ea685e&req=fCkmFs5%2FlIVfFb4V1XW4gUagOiTgXtlPB83rWNvowTzeZ5HSYiPy7bjf3rLh%0AHPhmI2w2BFY2nUNDb8FU1jiZgw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/891072097/bd89479c4159423d4090e3fa/image.png?expires=1781611200&signature=e5675882e2c53abb5b45cae281349035e11f9311cc4bb7eb853872f0d7bc9bc8&req=fCkmFs58nYhYFb4V1XW4gSP3OJadxfLN5I%2BCxMVFKsUKP69dgWXweYgRmH3X%0AB8J%2FXR%2FCYtHKkLMTuk3Y4NBxvw%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/891074874/c1ebc90d189d42d43dd266ad/image.png?expires=1781611200&signature=e2ede7aa529a859b787004e2e1a0442ca14088d213ccc6b11d6f886f2696d217&req=fCkmFs56lYZbFb4V1XW4gYHPCGDyCGXhL83TluaPeODjW96HEiXVqYIU5Haz%0ACRnSTztLrlCTeaUrj8zZyEv1hw%3D%3D%0A) > **More on creating credentials in Tines [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can also find a selection of ZohoDesk stories in the [story library](https://www.tines.com/library?view=all&s=zohodesk).** ## Zoom Authentication Guide This guide covers 2 types of authentication for Zoom: 1. [Server to server OAuth app](#h_4965ad46f9) 2. [Personal OAuth app](#h_d2d3f22b86) ## Server to server OAuth app ### First, create a Zoom Server-to-Server OAuth app 1. Navigate to [https://zoom.us/signin](https://zoom.us/signin) and sign in to your account 2. Navigate to [https://marketplace.zoom.us/develop/create](https://marketplace.zoom.us/develop/create) and click "Create" on the "Server-to-Server OAuth" type (see [Zoom's Create a Server-to-Server OAuth app](https://developers.zoom.us/docs/internal-apps/create/)) ​ ​ ![](https://downloads.intercomcdn.com/i/o/813468845/5df3cc6f0a3b457fdb9a6293/image.png?expires=1781611200&signature=d28d66b913bb1e484c1588f20989d66d84c2a57a6eccb01e983ea54109cb4a6a&req=fCEkEs92lYVaFb4V1XW4gbh5Uv3x3Ya6aAXdzv56ogF3a6qmvh0QLRKAz8aW%0AgxUJHQ%2FB4uLdQA94WwVOYdTAQA%3D%3D%0A) ​ 3. Name the app and click "Create" 4. Copy the "Account ID", "Client ID" and "Client Secret" values ​ ​ ![](https://downloads.intercomcdn.com/i/o/813471000/3fb97406872f07ca433b21ae/image.png?expires=1781611200&signature=da324fd84280bc03071443df6438c69bf1e986649a8642e2f8ed1b65d9d3c56e&req=fCEkEs5%2FnYFfFb4V1XW4ga%2FK1UjdW1vZqhIlbL8VuIFyvY7P8omIijDpphG3%0Act4u2V4KA%2Fj%2BV92MiNJLyGLsDw%3D%3D%0A) ​ 5. Click on "Information" and fill out the details 6. Click on "Scopes" and choose the required scopes 7. Click on "Activation" and then click "Activate your app" ​ ​ ![](https://downloads.intercomcdn.com/i/o/813471776/f1f54f90b29c16420e2f98de/image.png?expires=1781611200&signature=5e6e1a219d68f1b83dd438a69512c3a9e503e6be126fcff25eb6bf773497182b&req=fCEkEs5%2FmoZZFb4V1XW4gbMoalD4y5hIe8hapZ42ms3AzATf%2FPdnoleNgwUm%0AUWI06hmBzclBLmJ%2BG068unzdKQ%3D%3D%0A) ### Next, create Zoom credentials in Tines **Zoom connect flow (recommended):** 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credentials" 3. Click "+ New Credential" and select "Zoom" and follow the prompts to connect. > Read about our connect flows [here](https://www.tines.com/docs/credentials/connect-flows/zoom). ### Using the credential in an action The Header configuration for your Zoom S2S credential should be: ``` "Authorization": "Bearer <>" ``` Here is an example Zoom action you can copy and paste onto your storyboard in Tines: ``` {"standardLibVersion":"35","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"List all Zoom users","description":"Lists all users in a Zoom account. Query parameters can be added to filter for active/inactive/pending users.","options":"{\"url\":\"https://api.zoom.us/v2/users\",\"content_type\":\"json\",\"method\":\"get\",\"headers\":{\"Authorization\":\"Bearer <>\"}}","position":{"x":180,"y":915},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":"httpRequest","createdFromTemplateGuid":"544f7d2d06f0501d676fad32aea5526193e59e964a48af3e6f959ee69ee50a46","createdFromTemplateVersion":null,"originStoryIdentifier":"cloud:aa47f8215c6f30a0dcdb2a36a9f4168e:d4c15df0f02ba4789095426607003199"}],"links":[],"diagramNotes":[]} ``` ## Personal OAuth app ### First, create a Zoom Credential in Tines 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "OAuth 2.0" 4. Copy the "Callback URL" ### Next, create a Zoom OAuth app 1. Navigate to [https://zoom.us/signin](https://zoom.us/signin) and sign in to your account 2. Navigate to [https://marketplace.zoom.us/develop/create](https://marketplace.zoom.us/develop/create) and click "Create" on the "OAuth" type (see [Zoom's Create an OAuth app](https://developers.zoom.us/docs/integrations/create/)) ​ ​ ![](https://downloads.intercomcdn.com/i/o/804409219/5bc4ef160056b2b04ecb8e12/image.png?expires=1781611200&signature=82f94745d61364a99a95fc0a9eebdef391c651d94afa3e1d8aa25945cf7788ef&req=fCAjEsl3n4BWFb4V1XW4gWX%2B2M53hEz5cnvqFrwQxlNpWiNRX6arAE44bL4G%0ADRb7I7E3V44062rOc96erDFRJw%3D%3D%0A) ​ 3. Name the app and choose an app type 1. **Account-level app**: can manage all users in an account and have the ability to perform more actions across the organization 2. **User-managed app**: do not have to be an admin of your workspace and you can do user-level API calls for your accountfor ch as creating a meeting ​ ![](https://downloads.intercomcdn.com/i/o/804411401/86fbfdf9afa18a611f94e606/image.png?expires=1781611200&signature=0958fb9cdc6abe8b7de0778884a14f001c7cb7a2f39c4222f9d1124cf458e845&req=fCAjEsh%2FmYFeFb4V1XW4gYvM9kJGogUicdCGbd57BUIKZKn8%2BFtHBGQ6UMz9%0AbYavk6OIvC0WN9%2F1SHLk92l%2FKQ%3D%3D%0A) ​ 4. Paste the "Callback URL" copied from the Tines credential into the "Redirect URL for OAuth" and "Add allow lists" ​ ​ ![](https://downloads.intercomcdn.com/i/o/804416376/bb3b5a7d9a917c028264fa32/image.png?expires=1781611200&signature=58140c634f0cb1aa61d5872fae3ec8115c7647bd17a585c7e5cf866c430a34a7&req=fCAjEsh4noZZFb4V1XW4gbqk%2FPdXmISFRp4TXKyYAd2ssTpwsV8Fv%2BPymMoW%0AVCcL3HV63lsWAGYk0WEsYSMNZg%3D%3D%0A) ​ 5. Copy the "Client ID" and "Client secret" values ​ ​ ![](https://downloads.intercomcdn.com/i/o/804417013/dcb661332994ed3b36db3bf1/image.png?expires=1781611200&signature=219c6fe8bdc4642c4b7f332c119182e7e5679f200672dad821f7810ac6f67bee&req=fCAjEsh5nYBcFb4V1XW4gUlupofjmKK9%2BtXFa9oMy6BfNWRMZuq4KhHGcorj%0AOGfNdZz9JfMdgbcdqDh1%2FMc59w%3D%3D%0A) ​ ​ 6. Click on "Information" and fill out the details 7. Click on "Scopes", choose the required scopes and then copy each scope ​ ​ ![](https://downloads.intercomcdn.com/i/o/804419089/8707c774f26c5194b0e43af1/image.png?expires=1781611200&signature=1a2f77c54be6107b51a39437e63bea5cb97ec941330e69823d85534900386e8a&req=fCAjEsh3nYlWFb4V1XW4gZ1DbU%2FNoIsI%2FgukkCuEXI9EXBDsKlaAbKPkoeCf%0AsslGC0um9zstfjpIWz%2F4fOFeXg%3D%3D%0A) ### Lastly, finish creating the Zoom credential in Tines 1. Input the values for the Zoom credential 1. **Name:** Required 2. **Description:** Optional 3. **Client ID:** "Client ID" copied earlier 4. **Client secret:** "Client secret" copied earlier 5. **Scope:** Scopes copied earlier, separated by a space 6. **OAuth Provider:** Manual 7. **Grant type:** Authorization code 8. **OAuth authorization request URL:** `https://zoom.us/oauth/authorize` 9. **PKCE challenge method:** None 10. **OAuth token URL:** `https://zoom.us/oauth/token` 2. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API ​ ​ ![](https://downloads.intercomcdn.com/i/o/804421387/f1d8bd793ddb4efca26736e8/image.png?expires=1781611200&signature=9c5eb96d2579096bf608bdd0b264e41a127b1e42d0a98ebc3fad9e3caf53b11f&req=fCAjEst%2FnolYFb4V1XW4gc6Dupp2pHoig84hetFqZdgD1y0nMsT2CV0nh8zx%0AWFj0zb%2FdTjiRaKq3ONMQ67yj3A%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/804421578/5e29aa04dc380d2ffc851a5a/image.png?expires=1781611200&signature=61824202df10a59b94e93f815deb1c03f297662099f574b2884c1e0512c37d3d&req=fCAjEst%2FmIZXFb4V1XW4gbUcCDA%2B%2FljZ9BwNnp3HGzRdPP55DMIAwxpTqn47%0Aoczo6%2BC1Bfss4%2F7YXs3hfo0%2BLQ%3D%3D%0A) ​ 3. Click "Save credential" and then click "Allow" to authorize the app ​ ​ ![](https://downloads.intercomcdn.com/i/o/804422520/11f0bbc8ff7dbf36b508becf/image.png?expires=1781611200&signature=3ff9d7f344372f5ef580bd44ed21cdea1281f55df7bb3fc71a4f3a10cf0541b7&req=fCAjEst8mINfFb4V1XW4gb3%2BgpNAfdz7M4gcEShLS2DOpILJh17Fq9r0oHB%2F%0A745Dp7QEouIBqg8%2FLbcEhPjVbA%3D%3D%0A) > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of Zoom stories in the [story library](https://www.tines.com/story-library?s=zoom)** ## ZScaler Authentication Guide ### First, get your API key in ZScaler 1. Log in to your ZIA Admin Portal. 2. Navigate to Administration > Cloud Service API Key Security and copy the API key. 1. If one is not present, click "Add API Key" to create one (see [ZScaler Cloud Service API Key](https://help.zscaler.com/zia/about-cloud-service-api-key)) ### Next, create ZScaler Credentials in Tines Four credentials will need to be created: - Three Text type: "ZScaler Username", "ZScaler User Password", "ZScaler API Key" - One HTTP request type: "ZScaler" ##### Text type 1. Login to your Tines tenant 2. Navigate to the team that will be using the API and click "Credential" 3. Click "+ New Credential" and select "Text" 4. Input the values for the ZScaler credential 1. **Name:** Required 2. **Description:** Optional 3. **Value:** API Key 5. **Optional** 1. **Domains:** Ensure this credential can only be used when making HTTP requests to specific domains 2. **Access:** What other teams can also use the API 6. Click "Save" ##### HTTP request type 1. Click "+ New Credential" and select "HTTP Request" 2. Input the values for the ZScaler credential 1. **Name:** Required 2. **Description:** Optional 3. **URL:** [`https://zsapi./api/v1/authenticatedSession` 1. `` is the name provisioned for your organization by Zscaler (e.g. `zsapi.zscalerbeta.net`). 4. **Content Type:** JSON 5. **Method:** post 6. **Payload:** Copy the below object and paste into the "Plain code" section: ​ ​ ``` { "apiKey": "<>", "username": "<>", "password": "<>", "timestamp": "<>" } ``` 7. **Local values:** Click the "+ Option" button, select "Local values" and paste the below into the "Plain code" section: ​ ​ ``` { "timestamp": "<>", "credential": "<>" } ``` 8. Hit Save. Then click "Run options" and make sure you get a successful response. 9. **Location of token from response:** `SPLIT(zscaler.headers['set-cookie'], ';') |> FIRST(%)` 3. Additional configurations 1. **URLs and domains:** Ensure this credential can only be used when making HTTP requests to specific domains. Add the base url to the specific domain for all 4 credentials: Zscaler API Key, Zscaler Username, Zscaler User Password, and Zscaler. 2. **Restrict direct access:** Select this option to prevent the credential from being directly retrieved outside of a story, ensuring it is only used within controlled Tines workflows. 3. **Access:** What other teams can also use the API. 4. Click "Save" Your credential should look like the following: ​ ![](https://downloads.intercomcdn.com/i/o/808547909/5c3f83601c20ea26d12d7a2a/image.png?expires=1781611200&signature=c817b099b37c119c6faf9cc26d29457b52709fc29bbd8b91a7bde65eab629302&req=fCAvE815lIFWFb4V1XW4gWa39Ce%2Bj9AVnfZ%2F%2FW26RX2STmlYuGGGZJoFxzX3%0AhwsjmXQQ5H4q%2BC2BaZRiQZ4NMA%3D%3D%0A) ![](https://downloads.intercomcdn.com/i/o/808548091/cdc433dd51c173552b69f330/image.png?expires=1781611200&signature=415f67387f23f7b2c6bb7a89761780f65ef393ea14ee56c84e12a0515d0c6758&req=fCAvE812nYheFb4V1XW4gWjrtgH%2BDfDw8eND%2BgTQH8nG1Ejz1MOvdTO0viVx%0AnbbB27FtZiDdLHTKQ1UAM9Vicg%3D%3D%0A) > **For more on creating credentials in Tines, click [here](https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines).** > > **You can find a selection of ZScaler stories in the [story library](https://www.tines.com/story-library?s=zscaler).** ### Using the credential in an action The Header configuration for your ZScaler credential should be: ``` "cookie": "<>" ``` Here is an example ZScaler action you can copy and paste onto your storyboard in Tines: ``` {"standardLibVersion":"32","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Create Admin User","description":"Creates an admin or auditor user","options":"{\"url\":\"https://admin.zscaler.net/api/v1/adminUsers\",\"content_type\":\"application_json\",\"method\":\"post\",\"payload\":{\"loginName\":\"johnsmith@acme.com\",\"userName\":\"John Smith\",\"email\":\"johnsmith@acme.com\",\"role\":{\"id\":2322},\"password\":\"AeQ9E5w8B$\",\"rank\":7,\"name\":\"Read only\",\"policyAccess\":\"READ_ONLY\",\"dashboardAccess\":\"READ_WRITE\",\"reportAccess\":\"READ_WRITE\",\"analysisAccess\":\"READ_ONLY\",\"usernameAccess\":\"READ_ONLY\",\"adminAcctAccess\":\"NONE\",\"permissions\":[\"CUSTOM_URL_CAT\",\"ADVANCED_SETTINGS\",\"COMPLY\",\"FIREWALL_DNS\",\"SECURE\",\"SSL_POLICY\",\"VZEN_CONFIGURATION\",\"PARTNER_INTEGRATION\",\"LOCATIONS\",\"VPN_CREDENTIALS\",\"HOSTED_PAC_FILES\",\"EZ_AGENT_CONFIGURATIONS\",\"SECURE_AGENT_NOTIFICATIONS\",\"AUTHENTICATION_SETTINGS\",\"USER_MANAGEMENT\",\"IDENTITY_PROXY_SETTINGS\",\"APIKEY_MANAGEMENT\",\"OVERRIDE_EXISTING_CAT\",\"REMOTE_ASSISTANCE_MANAGEMENT\"],\"logsLimit\":\"UNRESTRICTED\",\"roleType\":\"ORG_ADMIN\"},\"headers\":{\"cookie\":\"<>\"}}","position":{"x":735,"y":1215},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":"httpRequest","createdFromTemplateGuid":"8eed5d2f44abb9a27905037f99400921a997b97b4d2639374ca915aa3ebc4560","createdFromTemplateVersion":null,"originStoryIdentifier":"cloud:aa47f8215c6f30a0dcdb2a36a9f4168e:d4c15df0f02ba4789095426607003199"}],"links":[],"diagramNotes":[]} ```