logo_smallAxellero.io

Credentials

Manage authentication credentials for external service integrations in Axellero Studio.

The Credentials service securely stores encrypted authentication data that connectors use to access external services. It manages the full token lifecycle — including automatic OAuth 2.0 token refresh — so you never have to manually rotate expired tokens. Every connector requires a credential; they are the foundation of Axellero's integration system.

Overview

Credentials are managed in Application > Integrations > Credentials. Each credential encrypts and stores the authentication information needed to connect to an external service — API keys, OAuth tokens, or username/password pairs. When an access token expires, the Credentials service refreshes it automatically on your behalf.

┌──────────────┐    ┌──────────────┐    ┌──────────────┐
│  Credential  │    │  Connector   │    │   Trigger    │
│  (auth data) │───▶│  (action)    │───▶│   (event)    │
└──────────────┘    └──────────────┘    └──────────────┘
    Step 1              Step 2              Step 3

Credential Types

Axellero supports three credential types:

TypeUse ForFieldsExample Services
Username/passwordUsername/password authenticationLogin, PasswordDatabases, SMTP servers
Bearer tokenAPI key or token-based authenticationAccess TokenTelegram, Linear, custom APIs
OAuth 2.0 with token refreshFull OAuth authorization flow with token refreshClient ID, Client Secret, Authorization URL, Token URL, Scopes (optional)Gmail, Google Calendar, amoCRM

All sensitive fields (passwords, tokens, client secrets) are stored encrypted.

Creating a Credential

  1. Navigate to Application > Integrations > Credentials
  2. Click the "Create credential" button
  3. Enter a Name and optional Description
  4. Select the credential Type
  5. Enter the required fields for your chosen type
  6. Click Create
  7. For OAuth 2.0: click "Test Authorization URL" to complete the authorization flow

Create credential dialog

The fields change based on the selected type:

Credential type dropdown

OAuth 2.0 Credential

The OAuth 2.0 form includes additional fields for the full authorization flow:

OAuth 2.0 credential form

OAuth 2.0 Authorization Flow

When you click "Authorize" on an OAuth 2.0 credential, Axellero:

  1. Opens a popup window to the service's authorization page
  2. You sign in and grant the requested permissions
  3. The service redirects back to Axellero with an authorization code
  4. Axellero exchanges the code for access and refresh tokens
  5. Tokens are securely stored and encrypted

Re-Authorization

You may need to re-authorize a credential when:

  • The refresh token has been revoked by the service
  • You need to add additional permission scopes
  • The service provider requires periodic re-authorization

To re-authorize, open the credential and click "Authorize" again.

Managing Credentials

Viewing Credentials

The Credentials tab displays a table with all credentials in the current application:

Credentials list view

ColumnDescription
NameCredential identifier
DescriptionOptional description
TypeBASIC, BEARER, or OAUTH2

Editing a Credential

  1. Click the edit icon on the credential row
  2. Update the fields as needed (the Type cannot be changed after creation)
  3. Click Save

Edit credential dialog

Changing credential fields (e.g., rotating an API key) may temporarily disrupt connectors that use this credential. Update during low-traffic periods when possible.

Deleting a Credential

  1. Click the delete icon on the credential row
  2. Confirm the deletion in the confirmation dialog

Delete credential confirmation

Deleting a credential will break any connectors that depend on it. Before deleting, update or remove dependent connectors first.

Integration-Specific Guides

Each integration has specific credential requirements. See the setup guides for detailed instructions:

ServiceCredential TypeSetup Guide
GmailOAuth 2.0Gmail Setup - Step 1
TelegramBearerTelegram Setup - Step 1
WhatsAppBearerWhatsApp Setup - Step 1
LinearBearerLinear Setup - Step 1
Google CalendarOAuth 2.0Google Calendar Setup - Step 1
amoCRMOAuth 2.0amoCRM Setup - Step 1

Troubleshooting

ErrorCauseSolution
"Invalid credentials"Incorrect login/password or tokenVerify the values match what the service provider gave you
"Authorization failed"OAuth flow did not completeTry clicking "Authorize" again; check Client ID and Secret
"Token refresh failed"Refresh token revoked or expiredRe-authorize the credential from scratch
"Invalid redirect URI"Callback URL mismatchEnsure the redirect URI in the service matches Axellero's callback URL
"Insufficient scopes"Missing permissionsAdd the required scopes and re-authorize
"Connection refused"Service unreachableCheck the Authorization URL and Token URL are correct
  • Connectors — Create connections to external services using your credentials
  • Triggers — Configure real-time event handling from connected services
  • MCP Servers — Add custom tools via the Model Context Protocol