Skip to main content

What are Credentials?

Credentials in Flowise are secure containers for API keys, tokens, passwords, and secrets required by nodes to connect to third-party services. They provide a centralized, encrypted way to manage sensitive information without hardcoding it into your flows.
Credentials are encrypted at rest and never exposed in exported flow configurations or API responses.

Why Credentials Matter

Proper credential management is critical for:
  • Security: Encrypted storage prevents exposure in version control or logs
  • Reusability: One credential can be used across multiple chatflows and agentflows
  • Team Collaboration: Share credentials within workspaces without exposing values
  • Compliance: Meet security requirements for handling API keys
  • Ease of Management: Update credentials in one place to affect all flows

Credential Structure

Database Schema

{
  id: string              // UUID
  name: string            // User-friendly name (e.g., "Production OpenAI Key")
  credentialName: string  // Type identifier (e.g., "openAIApi")
  encryptedData: string   // Encrypted JSON containing sensitive fields
  createdDate: Date
  updatedDate: Date
  workspaceId: string     // Workspace association
  shared: boolean         // Whether shared across workspace
}

Encrypted Data Format

The encryptedData field contains encrypted JSON: 
// Before encryption
{
  "apiKey": "sk-proj-abc123...",
  "organizationId": "org-xyz789"
}

// After encryption
"U2FsdGVkX1+8xK9Y...[encrypted string]..."
Flowise uses AES-256 encryption for credential data. The encryption key is stored separately and never exposed through the API.

Credential Types

Flowise supports credentials for 50+ services:

LLM Providers

  • OpenAI API: API key, organization ID
  • Anthropic: API key
  • Google PaLM: API key
  • Cohere: API key
  • Azure OpenAI: API key, instance name, deployment name
  • AWS Bedrock: Access key, secret key, region
  • Hugging Face: API token

Vector Stores

  • Pinecone: API key, environment, index name
  • Weaviate: Scheme, host, API key
  • Qdrant: URL, API key
  • Milvus: Address, username, password
  • Chroma: URL, API key
  • Supabase: Project URL, anon key

Tools & Services

  • Serper API: API key (for Google search)
  • SerpAPI: API key
  • Wolfram Alpha: App ID
  • Zapier NLA: API key
  • GitHub: Personal access token
  • Notion: Integration token

Databases

  • PostgreSQL: Host, database, user, password
  • MySQL: Connection string
  • MongoDB: Connection URI
  • Redis: Host, port, password

Creating Credentials

From the UI

  1. Navigate to Credentials page
  2. Click Add Credential
  3. Select credential type from the list
  4. Fill in required fields
  5. Give it a descriptive name
  6. Click Add
// From source code - credential creation flow
const addNew = (credentialComponent) => {
  const dialogProp = {
    type: 'ADD',
    cancelButtonName: 'Cancel',
    confirmButtonName: 'Add',
    credentialComponent
  }
  setShowSpecificCredentialDialog(true)
}

const createResp = await credentialsApi.createCredential({
  name: "My OpenAI Key",
  credentialName: "openAIApi",
  plainDataObj: {
    apiKey: "sk-..."
  }
})

Via API

curl -X POST http://localhost:3000/api/v1/credentials \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Production OpenAI",
    "credentialName": "openAIApi",
    "plainDataObj": {
      "apiKey": "sk-proj-..."
    }
  }'

Using Credentials in Flows

Assigning to Nodes

When a node requires credentials:
  1. Add the node to canvas
  2. Click on credential parameter
  3. Select existing credential or create new
  4. Credential is linked to node

Credential Input Handler

The CredentialInputHandler.jsx component manages credential selection: 
// Simplified from source
const CredentialInputHandler = ({ inputParam, nodeId }) => {
  const [selectedCredential, setSelectedCredential] = useState(null)
  const [availableCredentials, setAvailableCredentials] = useState([])
  
  useEffect(() => {
    // Load credentials matching node's required type
    const matchingCredentials = allCredentials.filter(
      cred => cred.credentialName === inputParam.credentialType
    )
    setAvailableCredentials(matchingCredentials)
  }, [])
  
  return (
    <Select
      value={selectedCredential}
      onChange={(e) => {
        setSelectedCredential(e.target.value)
        updateNodeData(nodeId, inputParam.name, e.target.value)
      }}
    >
      {availableCredentials.map(cred => (
        <MenuItem value={cred.id}>{cred.name}</MenuItem>
      ))}
      <MenuItem onClick={createNewCredential}>+ Create New</MenuItem>
    </Select>
  )
}

Flow Data Reference

Credentials are referenced by ID in flow data: 
{
  "nodes": [
    {
      "id": "chatOpenAI_0",
      "data": {
        "name": "chatOpenAI",
        "inputParams": [
          {
            "name": "credential",
            "value": "cred-uuid-12345"
          }
        ]
      }
    }
  ]
}
Only credential IDs are stored in flows, never the actual secrets. This allows credentials to be updated without modifying flows.

Credential Management

Viewing Credentials

The Credentials page displays:
  • Credential name
  • Credential type (with icon)
  • Last updated date
  • Created date
  • Action buttons (Share, Edit, Delete)
// Table display logic from source
<TableRow>
  <TableCell>
    <Box sx={{ display: 'flex', alignItems: 'center' }}>
      <img 
        src={`${baseURL}/api/v1/concepts/nodes-and-edges-credentials-icon/${credential.credentialName}`}
        alt={credential.credentialName}
        onError={(e) => {
          e.target.src = keySVG  // Fallback icon
        }}
      />
      {credential.name}
    </Box>
  </TableCell>
  <TableCell>
    {moment(credential.updatedDate).format('MMMM Do, YYYY HH:mm:ss')}
  </TableCell>
  <TableCell>
    {moment(credential.createdDate).format('MMMM Do, YYYY HH:mm:ss')}
  </TableCell>
</TableRow>

Updating Credentials

// Update flow from source
const edit = (credential) => {
  const dialogProp = {
    type: 'EDIT',
    cancelButtonName: 'Cancel',
    confirmButtonName: 'Save',
    data: credential
  }
  setShowSpecificCredentialDialog(true)
}

await credentialsApi.updateCredential(credentialId, {
  name: "Updated Name",
  plainDataObj: {
    apiKey: "new-key-value"
  }
})
When you update a credential, all flows using it automatically get the new value on next execution. No need to update individual flows.

Deleting Credentials

// Deletion with confirmation
const deleteCredential = async (credential) => {
  const isConfirmed = await confirm({
    title: 'Delete',
    description: `Delete credential ${credential.name}?`,
    confirmButtonName: 'Delete',
    cancelButtonName: 'Cancel'
  })
  
  if (isConfirmed) {
    await credentialsApi.deleteCredential(credential.id)
    enqueueSnackbar({
      message: 'Credential deleted',
      variant: 'success'
    })
  }
}
Deleting a credential that’s in use by active flows will cause those flows to fail. Check usage before deletion.

Workspace Sharing

Credentials can be shared within workspaces:

Sharing a Credential

// Share dialog from source
const share = (credential) => {
  const dialogProps = {
    type: 'EDIT',
    data: {
      id: credential.id,
      name: credential.name,
      title: 'Share Credential',
      itemType: 'credential'
    }
  }
  setShowShareCredentialDialog(true)
}

Shared Credential Behavior

  • Read-only: Workspace members can use but not edit/delete
  • Marked as Shared: UI shows “Shared Credential” label
  • Centralized Control: Only owner can modify or revoke sharing
// UI rendering for shared credentials
{credential.shared ? (
  <TableCell colSpan={3}>Shared Credential</TableCell>
) : (
  <>
    <TableCell>
      <IconButton onClick={() => share(credential)}>
        <IconShare />
      </IconButton>
    </TableCell>
    <TableCell>
      <IconButton onClick={() => edit(credential)}>
        <IconEdit />
      </IconButton>
    </TableCell>
    <TableCell>
      <IconButton onClick={() => deleteCredential(credential)}>
        <IconTrash />
      </IconButton>
    </TableCell>
  </>
)}

Security Best Practices

Do’s

  • Create separate credentials for development and production
  • Use descriptive names (e.g., “Production OpenAI - GPT-4”)
  • Rotate credentials regularly
  • Use least-privilege API keys when possible
  • Share credentials at workspace level, not by copy-pasting

Don’ts

  • ❌ Never commit credentials to version control
  • ❌ Don’t include credentials in exported flow JSON
  • ❌ Avoid using personal credentials for team projects
  • ❌ Don’t share credentials via unsecured channels
  • ❌ Never log credential values

Component Credentials

Flowise maintains a registry of available credential types: 
// Loading credential components
const getAllComponentsCredentials = async () => {
  const response = await credentialsApi.getAllComponentsCredentials()
  // Returns array of credential types with schemas
  return response.data
}

// Example credential schema
{
  name: "openAIApi",
  label: "OpenAI API",
  version: 1,
  description: "OpenAI API key for accessing GPT models",
  inputs: [
    {
      label: "API Key",
      name: "apiKey",
      type: "password",
      description: "Your OpenAI API key"
    },
    {
      label: "Organization ID",
      name: "organizationId",
      type: "string",
      optional: true
    }
  ]
}

Credentials in Variables

Credentials can reference environment variables: 
// Runtime credential using environment variable
{
  name: "OpenAI from .env",
  credentialName: "openAIApi",
  plainDataObj: {
    apiKey: "{{OPENAI_API_KEY}}"  // Reads from process.env
  }
}
This pattern is useful for keeping sensitive values out of the database and loading them from environment configuration.

Common Use Cases

Multiple OpenAI Keys

Manage different API keys for different purposes: 
- "OpenAI - Development" → Rate-limited key for testing
- "OpenAI - Production" → High-limit key for live traffic
- "OpenAI - GPT-4" → Separate key for premium models

Cross-Service Authentication

Some flows require multiple credentials:

Team Credentials

Workspace admins can:
  1. Create shared credentials for team services
  2. Members use without seeing actual keys
  3. Centralized rotation and revocation

Troubleshooting

Credential Not Working

Check these common issues:
  1. Invalid API Key
    • Verify key hasn’t been revoked
    • Check for typos or extra spaces
    • Ensure key has required permissions
  2. Wrong Credential Type
    • Node expects specific credential format
    • Match credential type to node requirements
  3. Expired Credentials
    • Some services expire tokens
    • Regenerate and update in Flowise
  4. Rate Limits
    • API key may be rate-limited
    • Use different key or increase limits

Error: “Credential not found”

// Possible causes:
- Credential was deleted
- Flow imported from different workspace
- Credential ID mismatch after migration

// Solution:
1. Edit the node
2. Reselect credential from dropdown
3. Save flow

Shared Credential Can’t be Edited

This is expected behavior. Only the credential owner can edit shared credentials. Contact the owner or create your own copy.

API Reference

List All Credentials

GET /api/v1/credentials
Response: 
[
  {
    "id": "cred-uuid",
    "name": "My OpenAI Key",
    "credentialName": "openAIApi",
    "createdDate": "2024-03-04T10:00:00Z",
    "updatedDate": "2024-03-04T10:00:00Z",
    "shared": false
  }
]

Get Credential by ID

GET /api/v1/credentials/:id

Create Credential

POST /api/v1/credentials
Content-Type: application/json

{
  "name": "Production Pinecone",
  "credentialName": "pineconeApi",
  "plainDataObj": {
    "apiKey": "your-api-key",
    "environment": "us-west1-gcp"
  }
}

Update Credential

PUT /api/v1/credentials/:id
Content-Type: application/json

{
  "name": "Updated Name",
  "plainDataObj": {
    "apiKey": "new-key"
  }
}

Delete Credential

DELETE /api/v1/credentials/:id

Get Available Credential Types

GET /api/v1/concepts/nodes-and-edges-credentials
Returns all credential schemas supported by installed nodes.

Build docs developers (and LLMs) love

Get started for freeTalk to us