Managing Credentials
Credentials let workflows connect to private APIs and services without putting secrets directly in the workflow graph.
When you need a credential
You need a credential when a node must prove who it is to another service.
Examples:
- Calling a private API.
- Sending an authenticated email.
- Connecting to an OAuth provider.
- Running an integration that needs an account.
You usually do not need credentials for public APIs such as the quick-start GitHub Zen endpoint.
Create a credential
- Open Credentials.
- Click Add Credential.
- Choose the credential type.
- Enter the required values.
- Save or connect the credential.
Rune stores sensitive values securely and lets workflows reference the credential by name.
Use a credential in a workflow
- Open the workflow on the canvas.
- Select the node that needs access.
- Choose the credential in the node settings.
- Save the workflow.
- Run a test execution.
Share carefully
Credentials can be shared so teammates can run workflows that depend on them.
Before sharing, confirm:
- The teammate should be allowed to use that account or key.
- The credential has only the permissions the workflow needs.
- Deleting or changing the credential will affect workflows that use it.
OAuth credentials
For OAuth credentials, Rune sends you to the provider, you approve access, and Rune stores the resulting tokens for workflow runs.
If OAuth fails, check:
- The provider account has permission for the requested scopes.
- The credential was connected again after scope changes.
- Your workspace admin has configured OAuth correctly for that provider.
Deleting credentials
Before deleting a credential, Rune checks whether workflows reference it.
If a workflow still uses the credential, deleting it can make future runs fail.