What Are Credentials?
Credentials are the authorized accounts, tokens, or keys Decisional uses when an agent calls an external system. They sit underneath integrations, tools, and user tool bindings:| Concept | Meaning |
|---|---|
| Integration | The external system or toolkit, such as email, team chat, CRM, file storage, or a database |
| Tool | A specific capability inside that integration, such as send email, list files, update a CRM record, or post a message |
| Credential | The authorized account, token, API key, or connection a tool uses to perform the action |
| User Tool | The binding between a tool and a credential, with a display name, optional defaults, and active or pending connection state |
Credential Types
Decisional supports a few credential patterns:| Type | What it is used for |
|---|---|
| Connected account | OAuth or account-based authorization for an integration account |
| Manual credential | API keys, basic auth, database credentials, or custom integration secrets entered through a credential form |
| Platform credential | A Decisional-managed credential for supported tools, metered through credits instead of using your own connected account |
| Status | Meaning |
|---|---|
| Active | The credential is usable and can be bound to tools |
| Expired | The credential needs to be refreshed or replaced before tools can run |
| Initiated | The connection flow started but has not completed yet |
How Tools Use Credentials
When an agent runs a workflow step that calls an integration tool, Decisional resolves three things:- The integration the workflow is using
- The tool needed for that step
- The credential allowed to execute that tool
User Tool Bindings
Decisional stores the exact tool-to-credential pairing as a User Tool. A User Tool can be:- Bound to a specific integration credential
- Bound to a platform credential when the integration supports it
- Pending when the tool exists but no credential has been connected yet
Multiple Credentials for One Tool
A single tool can be used with different credentials. For example, the same send-message tool can be bound to a support credential, an operations credential, or a personal credential. In the app, credentials are shown with labels and account identifiers so builders can choose the correct account. If no label is set, Decisional falls back to the account identifier when available.Credential Sharing
Credential visibility depends on the workspace.| Workspace type | Credential behavior |
|---|---|
| Personal Workspace | Credentials are private to the user. Integrations connected here are not usable by other people. |
| Shared workspace | Credentials can be shared with the workspace so multiple people and agents can use approved accounts. |
- The owner can rename, refresh, update, delete, and change sharing for their credential.
- Other workspace members can use shared credentials when policy allows, but they do not own the secret.
- Public or unauthenticated views only receive sanitized connection state. They do not expose internal credential IDs or secret values.
Access Control Policy
Decisional applies policy at the integration and tool level. Policy controls:- Which integrations are available in a workspace
- Which tools are allowed for an agent or workflow
- Which credentials a tool can use
- Whether a tool can run automatically, must ask for approval, can bypass eligible approvals, or is blocked
| Access type | Typical use |
|---|---|
| Read | Search, list, fetch, inspect, summarize, or retrieve data |
| Write | Send, create, update, delete, publish, comment, or otherwise change an external system |
Approvals and Policy
Learn how tool policy combines with agent approval settings and workflow gates.
Security Model
Agent code does not receive raw credential values. Decisional resolves the tool and credential server-side, executes the external call through the credential service, and keeps secrets out of agent-visible state. The execution path is:- The workflow calls a User Tool by ID.
- Decisional resolves the integration, tool, provider, defaults, and credential binding.
- The credential service decrypts or resolves the credential only for that outbound call.
- The provider adapter executes the action against the external system.
- The agent receives the result, not the secret.
Security
Learn how Decisional protects credentials and workspace-scoped access.