Managing Credentials
Credentials are encrypted key-value pairs stored in the platform. They provide a secure way to store API keys, passwords, and other sensitive data that agents might need.
How credentials work
Section titled “How credentials work”Credentials are stored encrypted using AES-GCM. Each credential belongs to a specific user and is only accessible by that user’s agents.
Common use cases:
- API keys for external services
- Login credentials for websites (used with browser automation)
- Access tokens for third-party integrations
Managing credentials
Section titled “Managing credentials”| Endpoint | Description |
|---|---|
GET /api/credentials | List your stored credentials |
POST /api/credentials | Store a new credential |
GET /api/credentials/{id} | Retrieve a credential |
PUT /api/credentials/{id} | Update a credential |
DELETE /api/credentials/{id} | Delete a credential |
Browser profile credentials
Section titled “Browser profile credentials”Credentials can be associated with browser profiles. When an agent uses browser automation with a specific credential, it gets a dedicated browser profile that preserves session state (cookies, local storage) for that credential.
This means an agent can log into a website using stored credentials and maintain that session across multiple conversations.
Security
Section titled “Security”- All credential values are encrypted at rest with AES-GCM
- The encryption key is derived from
FRONA_AUTH_ENCRYPTION_SECRET - Credentials are scoped to the owning user. Other users cannot access them
- Credential values are never logged or exposed in API responses (except when explicitly retrieved)