Most APIs require you to prove your identity. Like passwords for your accounts, APIs require a secret token before providing access. Credentials in Tines let you securely store these secret tokens and use them when making requests to any tool that has an API.
Good credential management is critical when working with APIs. Not only do credentials need to be secure, but they also need to be accessible. Tines can store many kinds of credentials like basic text, OAuth, and AWS credentials. One of the most flexible credential types is the HTTP Request action credential (HRAC). This type of credential allows users to dynamically authenticate to APIs that might have multiple legs of their authentication or retrieve passwords from secure privilege access managers.
Security Considerations when using credentials
It is important to note that while this method dramatically increases the security of secret information in Tines, like any piece of security, it's not absolute.
For example, if Tines is interacting with a 3rd-party service, it is possible the service, depending on its operation, may insecurely include the credential's value in its response, which Tines will then include in an emitted event.
How to create a Credential
There are two main ways to create a credential in Tines: via your dashboard, or directly from within a story.
Create a credential via your dashboard
If you know what credential you want to create, you can do so directly from your dasjboard.
Select the team you wish to add the credential to.
Click "New Credential" and select the tool you are connecting to or the type of credential required.
Each type of credential requires different information. Complete the required fields. You can find more details of the different types of credentials here.
The credential is now available for use in the stories in the team.
Create a credential in a story
Open the storyboard and select "Templates"
Select the vendor you wish to authenticate with. In this example, we select Okta.
Drag a template onto the storyboard.
Click "Connect on the right in the configuration panel.
Enter the required details in the popup.
The credential will now be available for use.
Sharing a Credential
Credentials will, by default, only be accessible to the team they are created within. Credentials can be configured to be shared with all other teams in the tenant by selecting the 'Everyone' access option.
Credentials with the same name as Credentials shared across multiple Teams will use the Credential located within the same Team as the Story.