Create Access Credentials v2.0.2 Help ​

Creates access credentials and associated permissions data using a username-password pair or token.

How can I use the Step? ​

The Step lets you create access credentials with Basic and Bearer HTTP authentication schemes. You can store these credentials in separate collections to establish multiple authentication systems within a single account, which is helpful for groups of users or projects with different login requirements.

How does the Step work? ​

The Step creates access credentials and stores them in a specified collection within your key-value storage. Once created, the credentials are ready for authentication, modification, or deletion through other Steps from the Access Credentials bundle.

Credentials type and collection ​

To set up the section, do the following:

1. From the Credentials type list, select one of the following options:
   • Username and password
   • Bearer token
2. From the Collection name list, select a collection within your key-value storage where to store credentials. To create a new collection, type its name in the search field and click +.
3. Optional: Turn on the Made disabled toggle to make access credentials disabled. You can activate these credentials later with the Modify Access Credentials or Disable/Enable Access Credentials Steps.

Username and password ​

This credentials type corresponds to the Basic HTTP authentication scheme that transmits credentials as username/password pairs encoded using Base64 (to learn more, see RFC 7617).

To set up a username and password, complete the following details:

• Username: Required parameter. Must be a UTF-8 string, no more than 1024 bytes, and not contain a colon character :.
• Password: Required parameter. Must be a UTF-8 string, no less than 16 and no more than 64 bytes (for most cases, it means from 8 to 32 symbols).
• Saving options: Select the appropriate option to handle credential duplications:
  • Overwrite credentials: Overwrites if matching username. The option provides the Check password match toggle to overwrite credentials regardless of the password match.
  • Manual handling: Creates an additional exist exit for further processing matching credentials.
• Description: Enter text notes.

Warning: Username and password must not contain any control characters (see "CTL" in Appendix B.1 of RFC5234).

Bearer token ​

The Bearer HTTP authentication scheme involves security tokens called bearer tokens (to learn more, see RFC 6750).

To set up a Bearer token, complete the following details:

• Autogenerate: To generate a new token, turn it on and select the token size and encoding. To use an existing token, turn this toggle off and enter the token string in the Token field.
• Token: Required parameter. Must be a UTF-8 string, no more than 1024 bytes.
• Saving options: Select the appropriate option to handle token duplications:
  • Overwrite credentials: Overwrites if matching token.
  • Manual handling: Creates an additional exist exit for further processing matching credentials.
• Description: Credential-related information with no length or character limits. Stored with the credentials and included in the output object.

Expiration time ​

Select one of the following options to limit the lifespan of the access credentials:

• Never: Access credentials never expire.
• After interval: Access credentials expire after a specified interval, entered in the corresponding text field (default is 24 h).
• On a specific date: Access credentials expire on a date selected in the Choose a date picker.

To change the expiration time of existing credentials, use the Modify Access Credential Step.

Attributes ​

Add credential-related information as an object using one of the following options:

• Key-Value: Build an object manually. Both attribute name and value must be UTF-8 strings but have no limitations for length, symbols, or the number of entries.
• Code: Build an object using JSON format, populated with {"key": "value"} by default.

Merge field settings ​

The Step returns the result as a JSON object and stores it under the Merge field name. To learn more about Merge fields and how to work with them, see our Merge fields guide.

Output example ​

The output JSON object depends on the setup and settings provided. For example, access credentials created using a username and password might yield the following response:

{
  "result": "success",
  "collectionTable": "my-test-here",
  "message": "Credentials saved.",
  "username": "usernameTest",
  "disabled": false,
  "ttl": 0,
  "description": "descriptionTest",
  "attributes": {
    "myNewAttr": "valueTest"
  },
  "created": 1645626133521
}

{
  "result": "success",
  "collectionTable": "my-test-here",
  "message": "Credentials saved.",
  "username": "usernameTest",
  "disabled": false,
  "ttl": 0,
  "description": "descriptionTest",
  "attributes": {
    "myNewAttr": "valueTest"
  },
  "created": 1645626133521
}

Error Handling ​

By default, the Step handles errors using a separate exit. So if any error occurs during the Step execution, the Flow proceeds down the error exit. For more information, see Error and timeout handling.

Reporting ​

The Step automatically generates Reporting events during its execution, allowing for real-time tracking and analysis of its performance and user interactions. To learn more, see Reporting events

Service dependencies ​

• flow builder v2.34.0
• studio v3.71.0
• bot deployer v2.22.4
• library v2.18.4

Release notes ​

v2.0.2

• Fix custom token encryption issues

v2.0.0

• Initial release