Skip to content

Create Access Credentials v2.0.2 Help

Creates access credentials and associated permissions data using a username-password pair or token.

How can I use the Step?

The Step lets you create access credentials with Basic and Bearer HTTP authentication schemes. You can store these credentials in separate collections to establish multiple authentication systems within a single account, which is helpful for groups of users or projects with different login requirements.

How does the Step work?

The Step creates access credentials and stores them in a specified collection within your key-value storage. Once created, the credentials are ready for authentication, modification, or deletion through other Steps from the Access Credentials bundle.

Credentials type and collection

To set up the section, do the following:

  1. From the Credentials type list, select one of the following options:
  2. From the Collection name list, select a collection within your key-value storage where to store credentials. To create a new collection, type its name in the search field and click +.
  3. Optional: Turn on the Made disabled toggle to make access credentials disabled. You can activate these credentials later with the Modify Access Credentials or Disable/Enable Access Credentials Steps.

Username and password

This credentials type corresponds to the Basic HTTP authentication scheme that transmits credentials as username/password pairs encoded using Base64 (to learn more, see RFC 7617).

To set up a username and password, complete the following details:

  • Username: Required parameter. Must be a UTF-8 string, no more than 1024 bytes, and not contain a colon character :.
  • Password: Required parameter. Must be a UTF-8 string, no less than 16 and no more than 64 bytes (for most cases, it means from 8 to 32 symbols).
  • Saving options: Select the appropriate option to handle credential duplications:
    • Overwrite credentials: Overwrites if matching username. The option provides the Check password match toggle to overwrite credentials regardless of the password match.
    • Manual handling: Creates an additional exist exit for further processing matching credentials.
  • Description: Enter text notes.

Warning: Username and password must not contain any control characters (see "CTL" in Appendix B.1 of RFC5234).

Bearer token

The Bearer HTTP authentication scheme involves security tokens called bearer tokens (to learn more, see RFC 6750).

To set up a Bearer token, complete the following details:

  • Autogenerate: To generate a new token, turn it on and select the token size and encoding. To use an existing token, turn this toggle off and enter the token string in the Token field.
  • Token: Required parameter. Must be a UTF-8 string, no more than 1024 bytes.
  • Saving options: Select the appropriate option to handle token duplications:
    • Overwrite credentials: Overwrites if matching token.
    • Manual handling: Creates an additional exist exit for further processing matching credentials.
  • Description: Credential-related information with no length or character limits. Stored with the credentials and included in the output object.

Expiration time

Select one of the following options to limit the lifespan of the access credentials:

  • Never: Access credentials never expire.
  • After interval: Access credentials expire after a specified interval, entered in the corresponding text field (default is 24 h).
  • On a specific date: Access credentials expire on a date selected in the Choose a date picker.

To change the expiration time of existing credentials, use the Modify Access Credential Step.

Attributes

Add credential-related information as an object using one of the following options:

  • Key-Value: Build an object manually. Both attribute name and value must be UTF-8 strings but have no limitations for length, symbols, or the number of entries.
  • Code: Build an object using JSON format, populated with {"key": "value"} by default.

Merge field settings

The Step returns the result as a JSON object and stores it under the Merge field name. To learn more about Merge fields and how to work with them, see our Merge fields guide.

Output example

The output JSON object depends on the setup and settings provided. For example, access credentials created using a username and password might yield the following response:

json
{
  "result": "success",
  "collectionTable": "my-test-here",
  "message": "Credentials saved.",
  "username": "usernameTest",
  "disabled": false,
  "ttl": 0,
  "description": "descriptionTest",
  "attributes": {
    "myNewAttr": "valueTest"
  },
  "created": 1645626133521
}
{
  "result": "success",
  "collectionTable": "my-test-here",
  "message": "Credentials saved.",
  "username": "usernameTest",
  "disabled": false,
  "ttl": 0,
  "description": "descriptionTest",
  "attributes": {
    "myNewAttr": "valueTest"
  },
  "created": 1645626133521
}

Error Handling

By default, the Step handles errors using a separate exit. So if any error occurs during the Step execution, the Flow proceeds down the error exit. For more information, see Error and timeout handling.

Reporting

The Step automatically generates Reporting events during its execution, allowing for real-time tracking and analysis of its performance and user interactions. To learn more, see Reporting events

Service dependencies

  • flow builder v2.34.0
  • studio v3.71.0
  • bot deployer v2.22.4
  • library v2.18.4

Release notes

v2.0.2

  • Fix custom token encryption issues

v2.0.0

  • Initial release