🚀 RealTimeX v1.0.6 is live! Update now →
Credentials

Credentials

Credentials is the secure store for reusable secrets and auth payloads in RealTimeX. Use it when an advanced agent workflow, MCP tool, or integration needs authentication that should be managed centrally instead of typed into a prompt.

Where to find it

  • Settings > Credentials

What this page is for

Use Credentials when you want to:

  • store a reusable API token or header
  • save a username and password pair for Basic Auth
  • provide a query-string auth value
  • expose a secret as an environment variable for local execution
  • rotate a secret without rebuilding every dependent workflow

Supported credential types

RealTimeX currently supports four credential shapes.

HTTP Header

Use this when an integration needs a header such as Authorization.

Typical example:

  • header name: Authorization
  • header value: Bearer ...

Query Parameter

Use this when a service expects auth in the URL query string.

Typical example:

  • parameter name: api_key
  • parameter value: your secret token

Basic Auth

Use this when a service expects a username and password pair.

Environment Variable

Use this when a local execution or external process expects a secret in an environment variable such as API_TOKEN.

Creating a credential

  1. Open Settings > Credentials.
  2. Click Add Credential.
  3. Choose the credential type.
  4. Enter a credential name.
  5. Fill in the required secret fields for that type.
  6. Optionally add JSON metadata.
  7. Save the credential.

The credential name can use letters, numbers, spaces, hyphens, and underscores.

Editing and rotating a credential

Existing credentials can be edited in place.

  • rename the credential
  • replace only the secret field that changed
  • update optional metadata

RealTimeX keeps existing secret values masked in the edit form. If you leave a masked secret unchanged, the current stored value stays in place. This makes rotation safer because you only replace the fields you actually intend to change.

Deleting a credential

Delete a credential only when nothing important still depends on it.

If a workflow, agent, or integration still expects that credential name, it can fail until you update the dependent configuration.

Metadata

Each credential can include optional JSON metadata.

Use metadata for supporting details such as:

  • region
  • environment
  • owning service
  • operational notes

Metadata is helpful for organization, but it does not replace the actual secret payload.

Where credentials are used

Stored credentials are most relevant for:

  • advanced agent workflows that use RealtimeX Moderator
  • MCP tools or integrations that need reusable auth
  • local executions that need secrets passed as environment variables

What credentials are not

The Credentials page is not the only place secrets appear in RealTimeX.

Important differences:

  • Plugin-specific API keys can still live inside a plugin's own Configure form.
  • Some provider setup pages have their own direct API key fields.
  • Agent Runtime CLI authentication is separate. RealTimeX does not store your terminal login state for external CLIs here.

Use the credentials store when the workflow explicitly expects a reusable credential object. Do not assume every provider or plugin reads from this page automatically.

Best practices

  • Use clear, stable names so dependent workflows are easy to trace.
  • Keep one credential per service or auth context instead of overloading a single entry.
  • Rotate secrets by editing the existing credential when possible.
  • Remove credentials you no longer need.
  • Never paste credential values into prompts, notes, or markdown docs when the credentials store can hold them instead.

Related guides

TroubleshootingMCP Servers