Skip to main content

Documentation Index

Fetch the complete documentation index at: https://libretto.sh/docs/llms.txt

Use this file to discover all available pages before exploring further.

Use the credentials API to store, update, list, read, and delete tenant-scoped credentials.
All routes on this page require x-api-key.

Using stored credentials in jobs

The credentials API stores encrypted credential JSON for your tenant. To use a stored credential in a hosted workflow, read it from the credentials API in your server-side caller, then pass the needed fields in the params object when you create the job. The workflow receives those fields as normal input parameters. 
const apiKey = process.env.LIBRETTO_API_KEY;
if (!apiKey) throw new Error("LIBRETTO_API_KEY is required");

const credentialResponse = await fetch(
  "https://api.libretto.sh/v1/credentials/get",
  {
    method: "POST",
    headers: {
      "x-api-key": apiKey,
      "Content-Type": "application/json",
    },
    body: JSON.stringify({
      json: { name: "portal-production" },
    }),
  },
);

const credentialBody = await credentialResponse.json();
const credential = credentialBody.json.value;

await fetch("https://api.libretto.sh/v1/jobs/create", {
  method: "POST",
  headers: {
    "x-api-key": apiKey,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    json: {
      workflow: "portal-login",
      params: {
        memberId: "12345",
        username: credential.username,
        password: credential.password,
      },
    },
  }),
});

POST /v1/credentials/create

Store a new credential object. Request fields:
  • name: credential name
  • credentials: JSON object to encrypt and store
Response fields:
  • success
  • credential_id
  • message

POST /v1/credentials/list

List stored credentials. Response fields:
  • credentials
Each credential entry includes:
  • credential_id
  • name
  • created_at
  • updated_at

POST /v1/credentials/get

Read a stored credential by name. Request fields:
  • name: credential name
Response fields:
  • id
  • value

POST /v1/credentials/update

Update a credential by id. Request fields:
  • id: credential id
  • credentials: optional partial object to merge into the stored JSON
  • name: optional new name
Response fields:
  • success
  • message

POST /v1/credentials/delete

Delete a credential by id. Request fields:
  • id: credential id
Response fields:
  • success
  • message
Deletion is blocked while queued or running jobs still reference the credential.

Webhooks

Configure tenant-level job result webhooks.

Jobs and Logs

Run workflows that may use stored credentials.

Schedules

Schedule recurring workflow runs.