Skip to main content
DocsBuild WorkflowCredentials

Credentials

Securely store API keys in Credential Center and reference them in workflows.

Credential Center is the unified storage of all external system keys - OpenAI API Key, Slack Webhook, Stripe Secret, internal API authentication header... they are all placed here. The platform uses AES-256-GCM to encrypt the database, and it will not appear in YAML exports, logs, and audit events from beginning to end.

Why Use the Credential Center?

If you want to conveniently write the key directly in YAML, there will be three types of problems:

  1. leak — Exporting YAML, Git submission, and AI assistant diff preview will all bring out the plaintext key.
  2. Unable to rotate — When the key is revoked, each YAML must be manually modified, which is very easy to miss.
  3. Unable to audit — When a problem occurs, I don’t know which Key was used in which execution.

Credential Center leaves only "references" in YAML, and the real values are injected into the corresponding step at runtime.

The AI assistant uses these credentials

The full AI assistant configuration is under Account Settings → AI Assistant. Manage models, prompts, tools, Skills, MCP, and Claude Code / Codex parameters there; this page stores personal and team credentials.

Create A Credential

  1. "Credential Management" on the left → "New Credential" in the upper right corner.
  2. Fill in:
    • Name — An all-lowercase + underscore short identifier, which will be used for quoting in YAML. Example: openai_mainslack_webhook_url
    • Type — api_key / oauth_token / bot_token / webhook_secret / generic。类型决定平台在 UI 上怎么展示它,对解析逻辑影响不大。
    • Value — Once written, it cannot be read back.
    • Namespace — Individual/Team (if you are on a team on the Pro+ package).
    • Description (optional) — Written for yourself or team members, for example: "Prod key of OpenAI project X".
  3. Save. The platform immediately encrypts the database and displays it in the list as ****abc3 This form of the last few digits.
Values can only be overwritten, not read back

This is secure by design - not even platform administrators can read your credential values. If you forget the original value and need to change it, you can only delete it and rebuild it or overwrite it with "update value".

Quoting Credentials In YAML

For Agent Use: Provider Field

yaml
agents:
  writer:
    preset: writer
    overrides:
      model: gpt-4.1-mini
      provider: openai_main          # 凭据中心里的凭据名

provider: openai_main Tell the Agent: "Use the key named openai_main in the credential center when debugging LLM." The platform parses in namespace order, and the first hit takes effect.

Using the Credentials List in a Code Step

yaml
- id: charge_customer
  type: code
  language: node
  credentials:
    - stripe_secret                  # 声明需要这两个凭据
    - internal_api_token
  code: |
    const stripe = require('stripe')(process.env.STRIPE_SECRET);
    const internal = await fetch('https://api.mycompany.com/invoice', {
      headers: { Authorization: 'Bearer ' + process.env.INTERNAL_API_TOKEN }
    });
    // ...

Description:

  • Only those explicitly declared in the credentials: list can be read - they will not be leaked to other steps.
  • After parsing, it is injected as an environment variable: credential name openai_main → env var OPENAI_MAIN (SCREAMING_SNAKE_CASE).
  • Only the declared ones can be seen in process.env; other credentials in the credential center are invisible to this code.

Referenced In Variable Expression

Some fields (such as inputs of sub_workflow) can be directly {{credentials.xxx}} Quote:

yaml
- id: notify
  type: sub_workflow
  module: dingyue-module-slack-deliver
  inputs:
    slack_webhook_url: "{{credentials.slack_webhook_url}}"
    message_text: "..."

Also parsed in namespace order. The credential value only takes effect when the current step is running and will not be written to the execution snapshot.

Namespaces And Parsing Order

The same name can exist in different namespaces. When running, search in the following order, first hit, first used:

  1. personal namespace — If you build it yourself, only you can reference it.
  2. Team namespace — It is shared by your team and can be referenced by all members. Only Team Admin can create/delete.
Recommended Usage
  • Shared production key (team paid account) → team namespace
  • For your own testing / haven’t decided to put it on the team → Personal namespace
  • Common to the whole team: use the same name at both levels (for example, openai_main), and there is no need to change it in YAML - you use the personal one when testing, and automatically switch to the team's when going online.

Provider: Bind Multiple Keys to Different Businesses

If you have multiple Keys (test / prod / team / project X / project Y) in the same LLM provider (such as OpenAI), you can:

  1. Create one key for each key in the credential center (name distinction: openai_test / openai_prod_a / openai_prod_b).
  2. The overrides.provider field of Agent specifies which one to use.
  3. Different workflows can use different providers but the same preset without copying the Agent definition.
yaml
agents:
  expensive:
    preset: universal
    overrides:
      model: claude-opus-4-7
      provider: anthropic_team_budget     # 团队有预算的那把

  cheap:
    preset: universal
    overrides:
      model: deepseek-v3-5
      provider: deepseek_personal         # 个人账户的

Claude Code / Codex Subscription Credentials

If the AI assistant or workflow agent uses the subscription quota model, please create the corresponding provider in "My Credentials":

  • claude_code_oauth — The OAuth Token obtained by logging in with Claude Code.
  • codex_subscription — Full text of auth.json generated by Codex CLI login.

These values will not be saved to the Agent/AI assistant configuration, but will only be temporarily injected into the corresponding CLI at runtime.

Rotation And Revocation

Normal Rotation

  1. Credential Center → Click on a credential → "Update Value".
  2. Enter new value to save.
  3. New executions initiated thereafter use the new value; ongoing executions continue to use the old value cached at startup.

Emergency Revocation

I suspect that my credentials have been leaked and I want to deactivate it immediately:

  1. Click the credential in the Credential Center → "Delete".
  2. All steps that reference it will immediately fail with credential_not_found the next time they are executed.
  3. Then go to the upstream provider (OpenAI / Anthropic...) to revoke the real key.
Order Is Important

Delete it in Braidrun first, and then go to the upstream to revoke it - if you do it the other way around, if you revoke it in the upstream before deleting it, the running execution will suddenly fail in large numbers.

Audit

An audit log will be recorded for each creation/update/deletion/failure of referenced resolution of credentials. Administrators can go to the "Audit Log" page to filter credential_* by event_type to view.

No log will be recorded if the reference parsing is successful - to avoid log explosion. But the metadata of "which credentials were parsed by this execution" will be displayed in the details of each execution.

FAQ

Can I use environment variables instead?

Technically possible (via the team's self-deploying environment variables), but not recommended:

  • Environment variables are process-level global and can be read by process.env in any code step. Credential Center only injects the few you declare.
  • Environment variable rotation requires restarting the service, and the changes in the Credential Center will take effect immediately.
  • Environment variables are not audited.

Can colleagues see my personal namespace credentials?

No. Even Team Admin can only see the existence of the credentials (in the list), but cannot see the value or reference it in its own workflow - the runtime parsing will miss.

OAuth What to do with refresh?

For mainstream OAuth providers (Google / GitHub / Slack / Notion): refresh_token is placed in the credential center, and the access_token platform is automatically refreshed. For other providers, you need to put a long-term valid token in the credentials or write the refresh code step yourself.

Next