Credentials and credential variables in the Bot editor

Use credentials when building bots to pass sensitive information such as passwords and account numbers. Using credentials separates the sensitive information from the bots and Bot Runners, which reduces the risk of data spillage or unauthorized user access.

Credential

A credential holds the sensitive information in attributes. An attribute can have a value that is standard for all users or it can accept a user-input value. For example, an Email credential can hold three attributes: host name (standard value), username (user input), and password (user input).

Credentials are predefined in the CREDENTIALS tab and cannot be modified when the user is building or running a bot.

By default, all users can create, manage, and use their own credentials. A user is granted access to another user's credentials by receiving access to a locker that holds the credential. If the credential requires a user-input value, it appears in the CREDENTIAL REQUESTS tab.

A credential must be assigned to a locker to be used for building and running a bot.

Locker

A locker specifies which users can view, modify, or access the credentials. For example, a human resources (HR) locker can hold Email, Database, and Training website credentials and allow only specific employees of the HR department to use the credentials in their bots.

Credential variable

A credential variable stores a credential value in a user-defined variable. It enables users to securely pass values to a bot and from a bot to another bot. Using a credential variable ensures that the values are not displayed in a message box or written to a file. The value is either selected from the Credential Vault or is provided by the user. You can use it into any action field that accepts a variable.

Note: Values of this data type cannot be converted to another data type.

You can:

Pass login credentials to a child bot.
Retrieve confidential data, such as account numbers, and pass them to the main bot.

Note: You cannot pass credential values to the main bot when you deploy it from the Run bot now page. The values must be hard-coded in the bot or selected from the Credential Vault.

Working with credentials

Only fields with a Credential tab below the field name accept a credential.
Action fields display the locker, credential, and attribute name; users can not see attribute values in the Bot editor.
A credential cannot be appended to other variables or to a string.

Packages that support Credential Variables

The following list of packages support use of credential variables:

Active Directory
Apigee
Credentials
Database
Email
Email trigger
Excel advanced
FTP / SFTP
Generative AI
Genesys
Google G Suite
Google Calendar
Google Drive
Google Document AI
Google Sheets
Interactive forms
Legacy Automation
Microsoft 365 Calendar
Microsoft 365 Excel
Microsoft 365 OneDrive
Microsoft 365 Outlook
Microsoft 365 Outlook trigger
PDF
PGP
Recorder
REST Web Service
Salesforce
SAP
ServiceNow
SharePoint
Simulate keystrokes
SNMP
SOAP Web Service
Terminal Emulator
Workday

Automation 360

Credentials and credential variables in the Bot editor