Credential API
CredentialClient manages n8n credentials — create, read, update, delete, test, and transfer between projects.
Credential payloads are intentionally flexible because the exact data shape depends on the credential type you are working with.
Access
const credential = client.credentials();
Methods
Common Tasks
- list credentials for audit or cleanup work
- create credentials in a target project
- update secret material or display names
- test a credential before attaching it to workflows
- move credentials between projects
list(params?)
List credentials.
const { data, nextCursor } = await client.credentials().list({
limit: 10,
cursor: 'abc123',
});
get(id)
Get a credential by ID.
const credential = await client.credentials().get('cred-123');
create(data)
Create a new credential.
const created = await client.credentials().create({
name: 'AWS Credentials',
type: 'aws',
data: { accessKey: 'AKIA123', secretKey: 'secret456' }, // pragma: allowlist secret
projectId: 'proj-1',
});
update(id, data)
Update a credential.
const updated = await client.credentials().update('cred-123', {
name: 'Updated AWS Credentials',
data: { accessKey: 'AKIA789', secretKey: 'newsecret' }, // pragma: allowlist secret
});
delete(id)
Delete a credential.
const deleted = await client.credentials().delete('cred-123');
test(id)
Test a credential's connection.
const result = await client.credentials().test('cred-123');
// result.status, result.message
transfer(id, destinationProjectId)
Move a credential to another project.
await client.credentials().transfer('cred-123', 'proj-456');
getSchema(credentialTypeName)
Get the schema for a credential type.
const schema = await client.credentials().getSchema('httpHeaderAuth');
CredentialResource
Use getResource(), listResources(), or createResource() to get a bound CredentialResource instance.
const resource = await client.credentials().getResource('cred-123');
const created = await client.credentials().createResource({
name: 'AWS Credentials',
type: 'aws',
data: { accessKey: 'AKIA123', secretKey: 'secret456' }, // pragma: allowlist secret
projectId: 'proj-1',
});
Properties
| Property | Type | Description |
|---|---|---|
id | string | Credential ID |
name | string | Credential name |
type | string | Credential type identifier |
Methods
| Method | Returns | Description |
|---|---|---|
update(data) | this | Update the credential — replaces snapshot with the API response |
patch(data) | this | Convenience update — merges partial fields with the current writable credential snapshot |
delete() | Credential | Delete the credential |
test() | CredentialTestResponse | Test the credential connection |
transfer(destinationProjectId) | void | Move to another project |
getSchema() | JsonObject | Get the schema for this credential type |
Snapshot management
update() and patch() call replaceSnapshot() with the API response.
Typical Flow
const credential = client.credentials();
const created = await credential.create({
name: 'Internal API Token',
type: 'httpHeaderAuth',
data: {
name: 'Authorization',
value: 'Bearer token',
},
});
await credential.test(created.id);
Typical Flow with Resource
const resource = await client.credentials().createResource({
name: 'Internal API Token',
type: 'httpHeaderAuth',
data: { name: 'Authorization', value: 'Bearer token' },
});
const testResult = await resource.test();
if (testResult.status === 'success') {
await resource.transfer('proj-456');
}