The Vault
Workflow nodes often need API keys, OAuth tokens, or other secrets. The Credential Vault provides secure, encrypted storage for these sensitive values.
How It Works
1. User opens the Credentials modal in Flow Designer 2. Adds a new credential with a name and value 3. Value is encrypted with AES and stored on disk 4. Workflow nodes reference credentials by name 5. At execution time, the engine decrypts and injects the credential
Security
- Credentials are never stored in plain text
- AES encryption at rest
- Only the Go Engine can decrypt
- Credentials are not included in .flow packages
- API endpoint only returns credential names, never values